Summary
A Concise Overview of the scan result of url https://www.hybrid-analysis.com/sample/5f0f38a94d12374150bb70303371533786a69fa62e8c98b00b683206c8038953
- Document
  - HTML: 1
  - StyleSheets: 7
  - Scripts: 29
  - Font: 4
  - Images: 7
  - Links: 23
  - JavaScript Variables: 47
  - Console log messages: 0
- Network
  - Requests: 55
  - Bytes Transferred: 1.82MB
  - Bytes Total: 3.86MB
- DNS Record
  - A Record: 2
  - AAAA Record: 2
- Technology
  - Video players: 1
  - JavaScript frameworks: 1
  - Font scripts: 1
  - Security: 2
  - Cookie compliance: 1
  - CDN: 1
Document
Links
The outgoing links identified from the page.
Link | Text |
---|---|
http://www.enable-javascript.com/ | enable javascript |
https://www.crowdstrike.com/endpoint-security-products/falcon-sandbox-malware-analysis/ | Learn More! |
https://www.crowdstrike.com/endpoint-security-products/falcon-cyber-threat-search-engine/ | Falcon MalQuery |
https://go.crowdstrike.com/HybridAnalysisRequest.html | Falcon Sandbox Free Trial |
https://hybrid-analysis.blogspot.de/ | Hybrid Analysis Blog |
https://urlscan.io/ | |
https://www.scamadviser.com?utm_source=hybridanalysis | |
https://www.scamadviser.com/check-website/m.imdb.com?utm_source=hybridanalysis | More Details |
https://cleandns.com/ | |
https://bfore.ai | |
https://www.criminalip.io/ | |
https://www.crowdstrike.com/why-crowdstrike/crowdstrike-industry-validation/ | Industry Recognition and Technology Validation |
https://www.crowdstrike.com/blog/hijackloader-expands-techniques/?utm_source=ref&utm_medium=ha_overview | HijackLoader Expands Techniques to Improve Defense Evasion |
https://www.crowdstrike.com/blog/imperial-kitten-deploys-novel-malware-families/?utm_source=ref&utm_medium=ha_overview | IMPERIAL KITTEN Deploys Novel Malware Families in Middle East-Focused Operations |
https://www.crowdstrike.com/blog/crowdstrike-discovers-new-container-exploit/?utm_source=ref&utm_medium=ha_overview | New Container Exploit: Rooting Non-Root Containers with CVE-2023-2640 and CVE-2023-32629, aka GameOver(lay) |
https://www.crowdstrike.com/blog/windows-restart-manager-part-2/?utm_source=ref&utm_medium=ha_overview | The Windows Restart Manager: How It Works and How It Can Be Hijacked, Part 2 |
https://www.crowdstrike.com/blog/windows-restart-manager-part-1/?utm_source=ref&utm_medium=ha_overview | The Windows Restart Manager: How It Works and How It Can Be Hijacked, Part 1 |
https://www.crowdstrike.com/blog/ | See More! |
https://privacyportal.onetrust.com/ui/#/preferences/multipage/login/e5019602-7124-4242-8f7c-d1571d0c467d | Your Privacy Choices |
https://twitter.com/HybridAnalysis | |
https://www.crowdstrike.com/cookie-notice/ | More information about your privacy Cookie Notice |
https://cookiepedia.co.uk/giving-consent-to-cookies | More information about your privacy, opens in a new tab More information. |
https://www.onetrust.com/products/cookie-consent/ | Powered by OneTrust Opens in a new Tab |
JavaScript Variables
Global JavaScript variables are variables that are defined outside of any function or block scope in JavaScript.
Technology
The technologies identified are present on the scanned URL.
Name | Description | Detected patterns |
---|---|---|
JavaScript frameworks | ||
Vue.js | Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications. | Type: html Regex: <[^>]{1,250}\sdata-v(?:ue)?- |
Video players | ||
YouTube | YouTube is a video sharing service where users can create their own profile, upload videos, watch, like and comment on other videos. | Type: scriptSrc Regex: \.youtube\.com\/ |
Security | ||
reCAPTCHA | reCAPTCHA is a free service from Google that helps protect websites from spam and abuse. | Type: scriptSrc Regex: \/recaptcha\/(?:api|enterprise)\.js |
HSTS | HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS. | Type: headers Name: strict-transport-security Regex: (?:) |
Font scripts | ||
Typekit | Typekit is an online service which offers a subscription library of fonts. | Type: html Regex: <link [^>]{0,250}href="[^"]{1,250}use\.typekit\.(?:net|com) |
CDN | ||
Cloudflare | Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services. | Type: headers Name: cf-ray Regex: ^cloudflare$ |
Cookie compliance | ||
OneTrust | OneTrust is a cloud-based data privacy management compliance platform. | Type: scriptSrc Regex: cdn\.cookielaw\.org |
Performance
The speed and efficiency of the scanned URL loads and displays its content.
- dns: 1 ms (Good)
- tcp: 27 ms (Good)
- requestTime: 29 ms (Good)
- dom: 345 ms (Needs Improvement)
DNS Record
A DNS record maps a domain name to an IP address or other resource information.
Type | Name | Content | DNSSEC |
---|---|---|---|
A | www.hybrid-analysis.com | 172.66.41.15 | no |
A | www.hybrid-analysis.com | 172.66.42.241 | no |
AAAA | www.hybrid-analysis.com | 2606:4700:3108::ac42:2af1 | no |
AAAA | www.hybrid-analysis.com | 2606:4700:3108::ac42:290f | no |
SSL Certificate
An SSL certificate is a digital certificate that verifies the authenticity and encrypts the communication between a website and its visitors.
Subject | Issue date | Expiry date | Valid |
---|---|---|---|
hybrid-analysis.com Cloudflare Inc ECC CA-3 | 3/3/2024 | 12/31/2024 | 10 months 3 days |
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 7/9/2024 | 8/9/2025 | 1 year 1 month 1 day |
cookielaw.org Cloudflare Inc ECC CA-3 | 3/1/2024 | 12/31/2024 | 10 months 5 days |
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2/1/2024 | 3/3/2025 | 1 year 1 month 1 day |
onetrust.com Cloudflare Inc ECC CA-3 | 11/13/2023 | 11/12/2024 | 1 year |
www.google.com WR2 | 7/30/2024 | 10/22/2024 | 2 months 23 days |
*.google.com WR2 | 7/30/2024 | 10/22/2024 | 2 months 23 days |
*.gstatic.com WR2 | 7/30/2024 | 10/22/2024 | 2 months 23 days |
HTTP Headers
HTTP Header
An HTTP header is a component of an HTTP request or response that contains additional information about the message being sent or received.
Name | Value |
---|---|
cache-control | max-age=0, private, must-revalidate |
cf-cache-status | DYNAMIC |
cf-ray | 8acda3565d8869e4-MAD |
content-encoding | gzip |
content-length | 9551 |
content-security-policy | default-src 'none'; connect-src 'self' *.onetrust.com *.demdex.net *.adobedc.net *.cookielaw.org *.twitter.com; script-src 'self' *.google.com *.gstatic.com *.google-analytics.com *.adobedtm.com *.youtube.com *.cookielaw.org *.twitter.com *.twimg.com cdn.inspectlet.com frontend.id-visitors.com 'unsafe-inline'; font-src 'self' data: fonts.googleapis.com cdn.jsdelivr.net *.typekit.net; child-src 'self' data: *.google.com *.gstatic.com *.twitter.com; img-src 'self' data: *.gstatic.com *.google.com *.cookielaw.org *.google-analytics.com stats.g.doubleclick.net *.twitter.com *.twimg.com *.paypalobjects.com cartodb-basemaps-a.global.ssl.fastly.net cartodb-basemaps-b.global.ssl.fastly.net cartodb-basemaps-c.global.ssl.fastly.net; style-src 'self' *.google.com *.twitter.com *.twimg.com cdn.jsdelivr.net *.typekit.net 'unsafe-inline'; object-src 'self'; frame-ancestors 'none' |
content-type | text/html;charset=UTF-8 |
date | Fri, 02 Aug 2024 11:13:20 GMT |
server | cloudflare |
strict-transport-security | max-age=31536000; includeSubdomains |
vary | Accept-Encoding |
x-content-type-options | nosniff |
x-frame-options | SAMEORIGIN |
x-xss-protection | 1; mode=block |
Content Security Policy
Content Security Policy (CSP) is a security mechanism that helps prevent cross-site scripting (XSS) and other code injection attacks by specifying which content sources are allowed to be loaded on a web page.
Name | Value |
---|---|
default-src | 'none' |
connect-src | 'self' *.onetrust.com *.demdex.net *.adobedc.net *.cookielaw.org *.twitter.com |
script-src | 'self' *.google.com *.gstatic.com *.google-analytics.com *.adobedtm.com *.youtube.com *.cookielaw.org *.twitter.com *.twimg.com cdn.inspectlet.com frontend.id-visitors.com 'unsafe-inline' |
font-src | 'self' data: fonts.googleapis.com cdn.jsdelivr.net *.typekit.net |
child-src | 'self' data: *.google.com *.gstatic.com *.twitter.com |
img-src | 'self' data: *.gstatic.com *.google.com *.cookielaw.org *.google-analytics.com stats.g.doubleclick.net *.twitter.com *.twimg.com *.paypalobjects.com cartodb-basemaps-a.global.ssl.fastly.net cartodb-basemaps-b.global.ssl.fastly.net cartodb-basemaps-c.global.ssl.fastly.net |
style-src | 'self' *.google.com *.twitter.com *.twimg.com cdn.jsdelivr.net *.typekit.net 'unsafe-inline' |
object-src | 'self' |
frame-ancestors | 'none' |
Cookies
Cookies are small pieces of data stored on a user's web browser to track and remember information about their browsing activity on a website.
Name | Value | Domain/Path | Expires | Secure | HTTP Only |
---|---|---|---|---|---|
id | 88oe5u1i0favlpm3c7c2o0sqbn | www.hybrid-analysis.com/ | 12/31/1969, 11:59:59 PM | no | yes |
_csUtms3 | %7B%22utm_medium%22%3A%22org%22%7D | .www.hybrid-analysis.com/ | 12/31/1969, 11:59:59 PM | yes | no |
YSC | p0-3YXiEQT8 | .youtube.com/ | 12/31/1969, 11:59:59 PM | yes | yes |
VISITOR_INFO1_LIVE | evmYv5PtGhU | .youtube.com/ | 1/29/2025, 11:13:21 AM | yes | yes |
VISITOR_PRIVACY_METADATA | CgJFUxIcEhgSFhMLFBUWFwwYGRobHB0eHw4PIBAREiEgJA%3D%3D | .youtube.com/ | 1/29/2025, 11:13:21 AM | yes | yes |
OptanonConsent | isGpcEnabled=0&datestamp=Fri+Aug+02+2024+11%3A13%3A22+GMT%2B0000+(Coordinated+Universal+Time)&version=202304.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=c89ce01b-e784-462c-9dee-e5105d451222&interactionCount=0&landingPath=https%3A%2F%2Fwww.hybrid-analysis.com%2Fsample%2F5f0f38a94d12374150bb70303371533786a69fa62e8c98b00b683206c8038953&groups=C0001%3A1%2CC0003%3A0%2CC0002%3A0%2CC0004%3A0 | .hybrid-analysis.com/ | 8/2/2025, 11:13:22 AM | no | no |