www.makeuseof.com Open in urlscan Pro
54.157.137.27 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/3hJdQEm
Effective URL:
https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distr...
Submission: On January 05 via manual (January 5th 2021, 9:27:24 pm UTC) from TR

Summary HTTP 136 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 53 IPs in 9 countries across 40 domains to perform 136 HTTP transactions. The main IP is 54.157.137.27, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.makeuseof.com.
TLS certificate: Issued by R3 on December 23rd 2020. Valid for: 3 months.

This is the only time www.makeuseof.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.11 67.199.248.11	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
14	54.157.137.27 54.157.137.27	14618 (AMAZON-AES) (AMAZON-AES)
4	2.21.37.92 2.21.37.92	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2606:4700:e4:... 2606:4700:e4::ac40:ab0e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.224.94.56 13.224.94.56	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:206... 2600:9000:206f:5200:13:6a46:aa00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
21 42	2606:4700:10:... 2606:4700:10::ac43:274f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:814::2004	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6812:39f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1	151.101.113.2 151.101.113.2	54113 (FASTLY) (FASTLY)
5	2a00:1450:400... 2a00:1450:4001:815::200e	15169 (GOOGLE) (GOOGLE)
3	172.217.21.226 172.217.21.226	15169 (GOOGLE) (GOOGLE)
2	104.80.28.24 104.80.28.24	16625 (AKAMAI-AS) (AKAMAI-AS)
6	13.224.103.105 13.224.103.105	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:818::200e	15169 (GOOGLE) (GOOGLE)
2	3.12.239.212 3.12.239.212	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	3.230.50.184 3.230.50.184	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:4c00:1c:38a0:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:815::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	51.195.5.38 51.195.5.38	16276 (OVH) (OVH)
3	34.120.207.148 34.120.207.148	15169 (GOOGLE) (GOOGLE)
3	34.246.127.166 34.246.127.166	16509 (AMAZON-02) (AMAZON-02)
5	23.67.141.101 23.67.141.101	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	104.16.190.66 104.16.190.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
2	104.111.215.135 104.111.215.135	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.143 69.173.144.143	26667 (RUBICONPR...) (RUBICONPROJECT)
1	52.4.152.106 52.4.152.106	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700:10:... 2606:4700:10::6816:37ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1460	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	18.156.195.47 18.156.195.47	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	37.252.172.38 37.252.172.38	29990 (ASN-APPNEX) (ASN-APPNEX)
2	72.251.249.14 72.251.249.14	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2	178.128.135.80 178.128.135.80	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	18.184.101.206 18.184.101.206	16509 (AMAZON-02) (AMAZON-02)
1 2	52.95.124.170 52.95.124.170	16509 (AMAZON-02) (AMAZON-02)
2	35.164.213.195 35.164.213.195	16509 (AMAZON-02) (AMAZON-02)
2	151.101.113.108 151.101.113.108	54113 (FASTLY) (FASTLY)
1	208.100.17.171 208.100.17.171	32748 (STEADFAST) (STEADFAST)
1	184.30.212.16 184.30.212.16	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2.21.37.33 2.21.37.33	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
136	53

1 67.199.248.11 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 54.157.137.27 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-137-27.compute-1.amazonaws.com

www.makeuseof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.21.37.92 (France)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-37-92.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e4::ac40:ab0e (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.snigelweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
geo-eu.snigelweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.94.56 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-94-56.zrh50.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:5200:13:6a46:aa00:93a1 (United States)

ASN16509 (AMAZON-02, US)

socialcanvas-cdn.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 2606:4700:10::ac43:274f (United States) 21 redirects

ASN13335 (CLOUDFLARENET, US)

static1.makeuseofimages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static0.makeuseofimages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static3.makeuseofimages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static2.makeuseofimages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:814::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:39f (United States)

ASN13335 (CLOUDFLARENET, US)

track.mailerlite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.mailerlite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mailerlite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

a.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.21.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s13-in-f226.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.80.28.24 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-80-28-24.deploy.static.akamaitechnologies.com

hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.224.103.105 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-103-105.zrh50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.12.239.212 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-12-239-212.us-east-2.compute.amazonaws.com

api.rhombusads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.230.50.184 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-50-184.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:4c00:1c:38a0:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.195.5.38 (France)

ASN16276 (OVH, FR)
PTR: p16.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.120.207.148 (United States)

ASN15169 (GOOGLE, US)
PTR: 148.207.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.246.127.166 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-127-166.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.67.141.101 (Netherlands)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-67-141-101.deploy.static.akamaitechnologies.com

static.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn1.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.190.66 (United States)

ASN13335 (CLOUDFLARENET, US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.9.251 (Germany)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.135 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-135.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.4.152.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-152-106.compute-1.amazonaws.com

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:37ce (United States)

ASN13335 (CLOUDFLARENET, US)

i.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1460 (Sweden)

ASN41041 (VCLK-EU-SE, US)

web.hb.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.195.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.38 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.128.135.80 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

e.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.101.206 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-101-206.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.124.170 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.164.213.195 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-164-213-195.us-west-2.compute.amazonaws.com

events.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.171 (Chicago, United States)

ASN32748 (STEADFAST, US)

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.212.16 (Netherlands)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-30-212-16.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.37.33 (France)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-37-33.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	makeuseofimages.com 21 redirects static1.makeuseofimages.com static0.makeuseofimages.com static3.makeuseofimages.com static2.makeuseofimages.com	345 KB
14	makeuseof.com www.makeuseof.com	678 KB
10	google.com www.google.com fundingchoicesmessages.google.com ampcid.google.com	98 KB
8	avantisvideo.com cdn.avantisvideo.com static.avantisvideo.com cdn1.avantisvideo.com events.avantisvideo.com	122 KB
8	amazon-adsystem.com 1 redirects c.amazon-adsystem.com aax-eu.amazon-adsystem.com	68 KB
5	adnxs.com ib.adnxs.com acdn.adnxs.com	3 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	255 KB
4	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net	212 KB
4	mailerlite.com track.mailerlite.com static.mailerlite.com cdn.mailerlite.com	55 KB
4	snigelweb.com cdn.snigelweb.com geo-eu.snigelweb.com	117 KB
3	casalemedia.com htlb.casalemedia.com as-sec.casalemedia.com	2 KB
3	onetag-sys.com onetag-sys.com	532 B
3	adsrvr.org match.adsrvr.org	2 KB
3	rlcdn.com api.rlcdn.com	291 B
3	adlightning.com tagan.adlightning.com	59 KB
3	indexww.com js-sec.indexww.com	85 KB
2	serverbid.com e.serverbid.com	171 B
2	lijit.com ap.lijit.com	762 B
2	pubmatic.com hbopenbid.pubmatic.com ads.pubmatic.com	118 B
2	connectad.io i.connectad.io cdn.connectad.io	708 B
2	33across.com ssc.33across.com ssc-cms.33across.com	636 B
2	rubiconproject.com fastlane.rubiconproject.com eus.rubiconproject.com	2 KB
2	districtm.io dmx.districtm.io cdn.districtm.io	428 B
2	criteo.com 1 redirects gum.criteo.com mug.criteo.com	1 KB
2	google.de ampcid.google.de www.google.de	972 B
2	rhombusads.com api.rhombusads.com	1 KB
2	media.net hbx.media.net	9 KB
2	quora.com a.quora.com q.quora.com	14 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	facebook.net connect.facebook.net	62 KB
1	3lift.com tlx.3lift.com	479 B
1	yahoo.com c2shb.ssp.yahoo.com	660 B
1	dotomi.com web.hb.ad.cpe.dotomi.com	379 B
1	id5-sync.com id5-sync.com	1 KB
1	googleapis.com fonts.googleapis.com	3 KB
1	googletagservices.com www.googletagservices.com	19 KB
1	facebook.com www.facebook.com	376 B
1	googletagmanager.com www.googletagmanager.com	32 KB
1	kargo.com socialcanvas-cdn.kargo.com	44 KB
1	bit.ly 1 redirects bit.ly	343 B
136	40

	Domain	Requested by
24	static0.makeuseofimages.com	3 redirects www.makeuseof.com
14	www.makeuseof.com	www.makeuseof.com
7	static1.makeuseofimages.com	7 redirects
6	c.amazon-adsystem.com	www.makeuseof.com c.amazon-adsystem.com
6	static3.makeuseofimages.com	6 redirects
5	fundingchoicesmessages.google.com	www.makeuseof.com tagan.adlightning.com
5	static2.makeuseofimages.com	5 redirects
4	cdn1.avantisvideo.com	cdn.avantisvideo.com cdn1.avantisvideo.com tagan.adlightning.com
4	fonts.gstatic.com	fonts.googleapis.com
4	www.google.com	www.makeuseof.com tagan.adlightning.com
3	ib.adnxs.com	www.makeuseof.com js-sec.indexww.com
3	onetag-sys.com	www.makeuseof.com cdn.snigelweb.com
3	match.adsrvr.org	www.makeuseof.com js-sec.indexww.com
3	api.rlcdn.com	www.makeuseof.com js-sec.indexww.com
3	securepubads.g.doubleclick.net	www.makeuseof.com tagan.adlightning.com www.googletagservices.com
3	tagan.adlightning.com	www.makeuseof.com tagan.adlightning.com
3	cdn.snigelweb.com	www.makeuseof.com tagan.adlightning.com
3	js-sec.indexww.com	www.makeuseof.com cdn.snigelweb.com
2	acdn.adnxs.com	cdn.snigelweb.com
2	events.avantisvideo.com
2	aax-eu.amazon-adsystem.com	1 redirects c.amazon-adsystem.com
2	e.serverbid.com	js-sec.indexww.com
2	ap.lijit.com	www.makeuseof.com cdn.snigelweb.com
2	htlb.casalemedia.com	www.makeuseof.com js-sec.indexww.com
2	api.rhombusads.com	www.makeuseof.com
2	hbx.media.net	www.makeuseof.com hbx.media.net
2	www.google-analytics.com	www.makeuseof.com
2	static.mailerlite.com	www.makeuseof.com tagan.adlightning.com
2	connect.facebook.net	www.makeuseof.com connect.facebook.net
1	cdn.districtm.io	cdn.snigelweb.com
1	cdn.connectad.io	cdn.snigelweb.com
1	ads.pubmatic.com	cdn.snigelweb.com
1	eus.rubiconproject.com	cdn.snigelweb.com
1	ssc-cms.33across.com	cdn.snigelweb.com
1	as-sec.casalemedia.com	js-sec.indexww.com
1	tlx.3lift.com	js-sec.indexww.com
1	hbopenbid.pubmatic.com	www.makeuseof.com
1	c2shb.ssp.yahoo.com	www.makeuseof.com
1	web.hb.ad.cpe.dotomi.com	www.makeuseof.com
1	i.connectad.io	www.makeuseof.com
1	ssc.33across.com	www.makeuseof.com
1	fastlane.rubiconproject.com	www.makeuseof.com
1	dmx.districtm.io	www.makeuseof.com
1	static.avantisvideo.com	cdn.avantisvideo.com
1	id5-sync.com	www.makeuseof.com
1	mug.criteo.com	www.makeuseof.com
1	gum.criteo.com	1 redirects
1	www.google.de	www.makeuseof.com
1	fonts.googleapis.com
1	www.googletagservices.com	www.makeuseof.com
1	cdn.avantisvideo.com	www.makeuseof.com
1	stats.g.doubleclick.net	www.makeuseof.com
1	q.quora.com	www.makeuseof.com
1	ampcid.google.de	www.makeuseof.com
1	ampcid.google.com	www.google-analytics.com
1	cdn.mailerlite.com	static.mailerlite.com
1	www.gstatic.com	www.google.com
1	www.facebook.com	www.makeuseof.com
1	geo-eu.snigelweb.com	cdn.snigelweb.com
1	a.quora.com	www.makeuseof.com
1	www.googletagmanager.com	www.makeuseof.com
1	track.mailerlite.com	www.makeuseof.com
1	socialcanvas-cdn.kargo.com	www.makeuseof.com
1	bit.ly	1 redirects
136	64

This site contains links to these domains. Also see Links.

Domain
deals.makeuseof.com
www.facebook.com
www.pinterest.com
www.instagram.com
twitter.com
www.youtube.com
www.intezer.com

Subject Issuer	Validity	Valid
makeuseof.com R3	`2020-12-23` - `2021-03-23`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-29` - `2021-07-29`	a year	crt.sh
*.adlightning.com Amazon	`2020-07-22` - `2021-08-22`	a year	crt.sh
*.kargo.com Amazon	`2020-07-27` - `2021-08-27`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-12-22` - `2021-03-21`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
mailerlite.com Cloudflare Inc ECC CA-3	`2020-08-28` - `2021-08-28`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
quora.com R3	`2020-12-27` - `2021-03-27`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2020-02-25` - `2021-05-26`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.rhombusads.com Amazon	`2020-11-12` - `2021-12-11`	a year	crt.sh
*.google.de GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.quora.com R3	`2020-12-27` - `2021-03-27`	3 months	crt.sh
avantisvideo.com Amazon	`2020-12-24` - `2022-01-22`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2020-11-17` - `2021-02-14`	3 months	crt.sh
*.id5-sync.com R3	`2020-12-26` - `2021-03-26`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-14` - `2021-04-23`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
cdn.avantisvideo.com Let's Encrypt Authority X3	`2020-11-17` - `2021-02-15`	3 months	crt.sh
districtm.io Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
onetag-sys.com R3	`2021-01-02` - `2021-04-02`	3 months	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2020-06-24` - `2021-02-17`	8 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2019-10-01` - `2021-09-30`	2 years	crt.sh
connectad.io Cloudflare Inc ECC CA-3	`2020-06-16` - `2021-06-16`	a year	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2020-03-30` - `2022-06-25`	2 years	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-09-18` - `2021-03-17`	6 months	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
e.serverbid.com R3	`2020-12-17` - `2021-03-17`	3 months	crt.sh
*.3lift.com Amazon	`2020-07-04` - `2021-08-05`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2020-06-15` - `2021-06-15`	a year	crt.sh
*.avantisvideo.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-29` - `2021-04-14`	5 months	crt.sh

This page contains 18 frames:

Primary Page: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Frame ID: 245D49E6980AEE8F8759F0B4BF251113
Requests: 101 HTTP requests in this frame

Frame: https://www.makeuseof.com/iFramedAdTemplate/1512/malware-targeting-cryptocurrency-wallets-windows-10/&postId=1037086/
Frame ID: 324F9C6F91D2839C9C5489E3FB0B00E6
Requests: 17 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD&co=aHR0cHM6Ly93d3cubWFrZXVzZW9mLmNvbTo0NDM.&hl=en&v=qc5B-qjP0QEimFYUxcpWJy5B&size=normal&cb=igkzs2n1j544
Frame ID: 3DF2366E18F62E2814B8586F6FAF3A2F
Requests: 1 HTTP requests in this frame

Frame: https://hbx.media.net/checksync.php?&vsSync=1&cs=17&hb=1&cv=37&ndec=1&cid=8CU6TM0R4&prvid=41%2C56%2C59%2C70%2C77%2C80%2C85%2C97%2C99%2C108%2C109%2C117%2C132%2C141%2C157%2C159%2C175%2C178%2C182%2C184%2C186%2C188%2C193%2C201%2C203%2C208%2C214%2C222%2C225%2C226%2C229%2C246%2C251%2C261%2C2009%2C2017%2C2025%2C2027%2C2028%2C2030%2C2031%2C2033%2C2034%2C3007%2C3008%2C3010%2C3011%2C3012%2C3014%2C3015%2C3017%2C3018%2C3020%2C3022%2C10000&https=1&gdpr=1&gdprconsent=2
Frame ID: 72C0D65AD3A4E2F7D812976CE93D02BC
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=qc5B-qjP0QEimFYUxcpWJy5B&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD&cb=rqrrjgb1zeh1
Frame ID: DAAA63C312A2B816FD5E8DFC87E586A1
Requests: 1 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: 5C98D7239D7DB997B564792CBEFDD2DF
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_ox-db5_dm_cnv_n-smaato_pm-db5_ym_rbd_n-vmg_an-db5_sovrn_3lift&dcc=t
Frame ID: 71AAF628E76AC9A4A7AD937B917953A4
Requests: 1 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: 67F2CA8690D5B5091E1DF5497F440A2F
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 78B99C867AAA33B20DC5DF632146959E
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bDp8G-BEqr6OkqaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&gdpr=0
Frame ID: 80C54D4406EBD5DA76E1B6F5545B5E3F
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 184259A7B495BB18FD40B434866DBC9C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: C92C2B6B1F9F7BF3A922E3A7C4DC6424
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13384613
Frame ID: 71F51D1E84C9E38402969C67067382EB
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1609882028210
Frame ID: 945F2B869972CFBE61B82134C54B16F5
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 5E13DC5435B3BAFD4224A7AA5B4013FD
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 041AE0F23410A6AC578E81736EE436A9
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 2973E7BCEE02699525FF7FDC5FE91141
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: C882B5B2C96B6D6ECE4CDE3D50C715E7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://bit.ly/3hJdQEm HTTP 301
https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Page Statistics

136
Requests

100 %
HTTPS

42 %
IPv6

40
Domains

64
Subdomains

53
IPs

9
Countries

2307 kB
Transfer

5228 kB
Size

9
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://deals.makeuseof.com/?utm_source=makeuseof&utm_medium=homepage&utm_campaign=shoptab
Title: Shop

Search URL Search Domain Scan URL

URL: https://www.facebook.com/makeuseof

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/makeuseof/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/makeuseof/

Search URL Search Domain Scan URL

URL: https://twitter.com/makeuseof

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/makeuseof

Search URL Search Domain Scan URL

URL: https://www.intezer.com/blog/research/operation-ElectroRAT-attacker-creates-fake-companies-to-drain-your-crypto-wallets/
Title: Intezer

Search URL Search Domain Scan URL

URL: https://twitter.com/GavinSpavin

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/3hJdQEm HTTP 301
https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://static1.makeuseofimages.com/wp-content/uploads/2020/12/malware-feature.jpg?q=50&fit=contain&w=750&h=375&dpr=1.5 HTTP 301
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/malware-feature.jpg?q=50&fit=contain&w=750&h=375&dpr=1.5

Request Chain 10

https://static1.makeuseofimages.com/wp-content/uploads/2015/03/computer-virus.png?q=50&fit=crop&w=330&h=170&dpr=1.5 HTTP 301
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2015/03/computer-virus.png?q=50&fit=crop&w=330&h=170&dpr=1.5

Request Chain 11

https://static1.makeuseofimages.com/wp-content/uploads/2015/11/android-custom-rom.jpg?q=50&fit=crop&w=110&h=90&dpr=1.5 HTTP 301
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2015/11/android-custom-rom.jpg?q=50&fit=crop&w=110&h=90&dpr=1.5

Request Chain 15

https://static0.makeuseofimages.com/wp-content/uploads/2020/12/pexels-johannes-plenio-1125776.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5 HTTP 301
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/pexels-johannes-plenio-1125776.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5

Request Chain 16

https://static3.makeuseofimages.com/wp-content/uploads/2020/09/flash-removed-2021-featured.png?q=50&fit=crop&w=330&h=170&dpr=1.5 HTTP 301
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/09/flash-removed-2021-featured.png?q=50&fit=crop&w=330&h=170&dpr=1.5

Request Chain 17

https://static1.makeuseofimages.com/wp-content/uploads/2020/12/Photoshop-Underappreciated_featured-040.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5 HTTP 301
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/Photoshop-Underappreciated_featured-040.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5

Request Chain 18

https://static1.makeuseofimages.com/wp-content/uploads/2021/01/Apple-patent-reconfigurable-keyboard-USPTO-drawing-003.png?q=50&fit=crop&w=330&h=170&dpr=1.5 HTTP 301
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2021/01/Apple-patent-reconfigurable-keyboard-USPTO-drawing-003.png?q=50&fit=crop&w=330&h=170&dpr=1.5

Request Chain 19

https://static1.makeuseofimages.com/wp-content/uploads/2020/12/koei-tecmo-hacked.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5 HTTP 301
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/koei-tecmo-hacked.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5

Request Chain 20

https://static0.makeuseofimages.com/wp-content/uploads/2020/12/mozilla-hubs-featured-image.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5 HTTP 301
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/mozilla-hubs-featured-image.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5

Request Chain 21

https://static3.makeuseofimages.com/wp-content/uploads/2021/01/ps4-slim-japan.png?q=50&fit=crop&w=341&h=215&dpr=1.5 HTTP 301
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2021/01/ps4-slim-japan.png?q=50&fit=crop&w=341&h=215&dpr=1.5

Request Chain 22

https://static3.makeuseofimages.com/wp-content/uploads/2020/12/banana_pi_m5_featured.png?q=50&fit=crop&w=341&h=215&dpr=1.5 HTTP 301
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/banana_pi_m5_featured.png?q=50&fit=crop&w=341&h=215&dpr=1.5

Request Chain 23

https://static3.makeuseofimages.com/wp-content/uploads/2020/12/Subway-station.jpg?q=50&fit=crop&w=341&h=215&dpr=1.5 HTTP 301
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/Subway-station.jpg?q=50&fit=crop&w=341&h=215&dpr=1.5

Request Chain 24

https://static0.makeuseofimages.com/wp-content/uploads/2021/01/livecrowd_techexplained.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5 HTTP 301
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2021/01/livecrowd_techexplained.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5

Request Chain 25

https://static2.makeuseofimages.com/wp-content/uploads/2020/12/encrypting-folders.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5 HTTP 301
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/encrypting-folders.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5

Request Chain 26

https://static2.makeuseofimages.com/wp-content/uploads/2021/01/galaxyunpacked2021.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5 HTTP 301
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2021/01/galaxyunpacked2021.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5

Request Chain 27

https://static1.makeuseofimages.com/wp-content/uploads/2020/12/Luminosity-Masks.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5 HTTP 301
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/Luminosity-Masks.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5

Request Chain 28

https://static2.makeuseofimages.com/wp-content/uploads/2020/12/youtube-darkmode.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5 HTTP 301
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/youtube-darkmode.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5

Request Chain 29

https://static2.makeuseofimages.com/wp-content/uploads/2020/12/typing-on-mac.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5 HTTP 301
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/typing-on-mac.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5

Request Chain 30

https://static2.makeuseofimages.com/wp-content/uploads/2020/12/Downloading-Games-Featured-Image.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5 HTTP 301
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/Downloading-Games-Featured-Image.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5

Request Chain 31

https://static3.makeuseofimages.com/wp-content/uploads/2020/12/person-typing-on-laptop.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5 HTTP 301
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/person-typing-on-laptop.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5

Request Chain 32

https://static3.makeuseofimages.com/wp-content/uploads/2020/12/Shadowed-man-making-a-phone-call-in-a-cafe2.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5 HTTP 301
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/Shadowed-man-making-a-phone-call-in-a-cafe2.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5

Request Chain 86

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.makeuseof.com%2F&domain=www.makeuseof.com&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=atqKEnxTQ1FLY3ZBWVpHVFAreGFEcVZHaFVPNm81ZFJyeHdHRWtHYjlqdU83TmhLM3QvQTU2UmlORTJjNzFMcmVKTVZxMkxia2NQbU54VGN0ZTRXOTd3K3pwV0VxYVFYeW53R1VHVmpWYTlURnhTMWszamtSSVpzTDVZSWpBdWdBQzdoUjN1UjJtR3lsZG1YaTEyRkJIQ3djUmlTMGt6cTRYd1BoejlETXM5QlR1Q2pDeDVHS2EwOE1VdGNDS3RlMWpiOGJyZnNTZFlOWDlNWnlYdE9qaGxaVUlUeE1NNTFTMzN3SmNPSTNiR0xjeENnPXw&cppv=2

Request Chain 117

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_ox-db5_dm_cnv_n-smaato_pm-db5_ym_rbd_n-vmg_an-db5_sovrn_3lift HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_ox-db5_dm_cnv_n-smaato_pm-db5_ym_rbd_n-vmg_an-db5_sovrn_3lift&dcc=t

136 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/
Redirect Chain

https://bit.ly/3hJdQEm
https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P

148 KB
21 KB

582ms
334ms

Document
text/html

54.157.137.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.157.137.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-157-137-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

9935ff10d2fdc651cc3609549c81df905993cd0a6d3ab85ca9b4642b5e4a32ea

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.makeuseof.com
:scheme: https
:path: /malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: nginx
date: Tue, 05 Jan 2021 21:27:05 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
set-cookie: viewType=utm; path=/ campaign=MUO-TW-P; path=/ refererSource=empty; path=/
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br

Redirect headers

server: nginx
date: Tue, 05 Jan 2021 21:27:05 GMT
content-type: text/html; charset=utf-8
content-length: 246
cache-control: private, max-age=90
content-security-policy: referrer always;
location: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
referrer-policy: unsafe-url
set-cookie: _bit=l05lr5-4bcfba3c68dc377503-00g; Domain=bit.ly; Expires=Sun, 04 Jul 2021 21:27:05 GMT
via: 1.1 google
alt-svc: clear

GET
H2 200 a-article.afa4336d.css
www.makeuseof.com/public/build/ 142 KB
20 KB 133ms
131ms Stylesheet
text/css 54.157.137.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.makeuseof.com/public/build/a-article.afa4336d.css

Requested by

Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.157.137.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-157-137-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

2c0013d600284aa02e57044a46bbd34f861757ddd521f22dadddcab9e4813a67

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:27:06 GMT
content-encoding: br
x-content-type-options: nosniff
vary: Accept-Encoding
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 05 Jan 2021 18:51:48 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5ff4b544-23978"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=31536000, max-age=31536000, public
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
expires: Wed, 05 Jan 2022 21:27:06 GMT

GET
H2 200 dfp.js Show response
www.makeuseof.com/public/build/ 36 B
510 B 122ms
121ms Script
application/javascript 54.157.137.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.makeuseof.com/public/build/dfp.js

Requested by

Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.157.137.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-157-137-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

ffc4b44e1b7402c08e5f2f702ca535e7e7083a684cda203dfdcb734cd5761aa6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:27:06 GMT
content-encoding: br
x-content-type-options: nosniff
vary: Accept-Encoding
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 05 Jan 2021 18:51:48 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5ff4b544-24"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, max-age=31536000, public
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
expires: Wed, 05 Jan 2022 21:27:06 GMT

GET
H2 200 valnet-header.3dcffde1.js Show response
www.makeuseof.com/public/build/ 2 KB
1 KB 140ms
128ms Script
application/javascript 54.157.137.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.makeuseof.com/public/build/valnet-header.3dcffde1.js

Requested by

Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.157.137.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-157-137-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e9f05093dd6f07bb7a9aaf91ab4e3b08037343d5d07b730e844ba2cc87899462

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:27:06 GMT
content-encoding: br
x-content-type-options: nosniff
vary: Accept-Encoding
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 05 Jan 2021 18:51:48 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5ff4b544-94c"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, max-age=31536000, public
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
expires: Wed, 05 Jan 2022 21:27:06 GMT

GET
H/1.1 200
OK 184735-131337367521686.js Show response
js-sec.indexww.com/ht/p/ 154 KB
42 KB 1122ms
1053ms Script
text/javascript 2.21.37.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/184735-131337367521686.js
Requested by: Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.37.92 , France, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-37-92.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b937ec067c85bc923e1b48b5c3cdfacf2c1bef962d9b2e32cc3af1acc9cd0e14

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 05 Jan 2021 21:27:07 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Jan 2021 21:28:30 GMT
Server: Apache
ETag: "da4042-26652-5b82de350e317"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3599
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
Content-Type: text/javascript
Expires: Tue, 05 Jan 2021 22:27:06 GMT

GET
H2 200 snhb-makeuseof.com.min.js Show response
cdn.snigelweb.com/pub/makeuseof.com/20200929/ 38 KB
14 KB 75ms
28ms Script
application/javascript 2606:4700:e4::ac40:ab0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.snigelweb.com/pub/makeuseof.com/20200929/snhb-makeuseof.com.min.js
Requested by: Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ab0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8115ed541181391e3ab28db10df8f4e0157f82fc434ef2c483e9f73daac850af

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:27:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1709
x-edge-location: Frankfurt, DE
x-cache: MISS
cf-request-id: 07760b5970000005fdd325d000000001
last-modified: Fri, 30 Oct 2020 13:39:29 GMT
server: cloudflare
etag: W/"99ea-5b2e3869b4a77"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mkS%2BnZdM9N1Pwf%2BrWcdrHJyr3T3dTfNDd2f4mQl%2FF%2FA3GuWOTVMyX4rlpAjgFgO%2FJ1SQp997vRrg49oltqvzGQym8K%2FBwAZpXvL%2BdXbW1UQ3k1FWD6HtkknZXgrYIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: s-maxage=1800, max-age=1800, public, must-revalidate
x-edge-ip: 51.195.65.76
cf-ray: 60d04808ae9a05fd-FRA
x-storage: 809596973:8001
expires: 0

GET
H2 200 op.js Show response
tagan.adlightning.com/valnet/ 37 KB
14 KB 83ms
25ms Script
application/javascript 13.224.94.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/valnet/op.js
Requested by: Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.94.56 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-94-56.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aa566922aea18b0c041e5d8ac715422ef48a305113fe9926598b84f9dde236f

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:54:42 GMT
content-encoding: gzip
age: 1945
x-cache: Hit from cloudfront
content-length: 13391
x-amz-meta-git_commit: 9a4f7ce
last-modified: Tue, 05 Jan 2021 20:54:40 GMT
server: AmazonS3
etag: "f4a3293783fb93f312c6f39d92a3aa6e"
x-amz-version-id: 4RlXzlhOsYYmr6xs0nLxbsdHZrNgjgsu
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: e_9UneUfPbpMeeEuNTKMljC5qkIWWt446iXOpOT9e-OfsKE8kesu1g==

GET
H2 200 rh.min.js Show response
socialcanvas-cdn.kargo.com/js/ 236 KB
44 KB 57ms
10ms Script
application/javascript 2600:9000:206f:5200:13:6a46:aa00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js
Requested by: Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5200:13:6a46:aa00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 75bf5e00b89eba058d336a8cfeecf2f7a05f095f27fb59c649a9afd0dff00404

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 01:09:14 GMT
content-encoding: br
last-modified: Mon, 04 Jan 2021 01:08:45 GMT
server: AmazonS3
age: 73086
etag: W/"523334470ba30a4a057a101e196d0db1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f58d1aa3b3b084adbea41c7523e2047f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: dDm75QK4NLXUtfVEHMPgQBCX5c6oKKLWGHysf8Gjheq3JmNVKRCgZg==

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 34ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4bfae767fdd66c761f795a4fb10915cf19c0597ad09a3b211fc1292875ae1777

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: D+SgO6vlf9W2kgmCOxSR7w==
cross-origin-resource-policy: cross-origin
expires: Tue, 05 Jan 2021 21:36:24 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1780
x-fb-rlafr: 0
x-fb-debug: xOHH5Zkc61EQg0Dur99tOW1YdD5ckcNDnC/qfLnnsUqPlLjv1QMUNaLdGeZz6YtczSqWiYoP1Z2HJAg5i7VXKQ==
x-fb-trip-id: 1814657579
x-fb-content-md5: 036884222a6bc2b32891199628a1bdaf
date: Tue, 05 Jan 2021 21:27:06 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "6b050cb604167d43453268079d13520b"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 swiper.min.js Show response
www.makeuseof.com/public/build/ 125 KB
31 KB 232ms
231ms Script
application/javascript 54.157.137.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.makeuseof.com/public/build/swiper.min.js

Requested by

Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.157.137.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-157-137-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b9c90c601bc81ad71ed8be557ff9b095de5aae947926e84011e2728cf65250a6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:27:06 GMT
content-encoding: br
x-content-type-options: nosniff
vary: Accept-Encoding
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 05 Jan 2021 18:51:48 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5ff4b544-1f3be"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, max-age=31536000, public
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
expires: Wed, 05 Jan 2022 21:27:06 GMT

GET
H2

200

malware-feature.jpg
static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/
Redirect Chain

https://static1.makeuseofimages.com/wp-content/uploads/2020/12/malware-feature.jpg?q=50&fit=contain&w=750&h=375&dpr=1.5
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/malware-feature.jpg?q=50&fit=contain&w=750&h=375&dpr=1.5

34 KB
35 KB

336ms
336ms

Image
image/jpeg

2606:4700:10::ac43:274f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/malware-feature.jpg?q=50&fit=contain&w=750&h=375&dpr=1.5
Requested by: Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:274f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d77ed0d0567a5a86aacf33e0d9015a54a36de831208efb6b0665d743923e8e2

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:27:06 GMT
cf-cache-status: MISS
server: cloudflare
etag: 3ed849010f2189b823e962274aca4248644888789c17124b6e56d1ab75261b07
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
content-disposition: inline; filename="malware-feature.jpg"
accept-ranges: bytes
cf-ray: 60d0480a1d544a6d-FRA
content-length: 35254
cf-request-id: 07760b5a4f00004a6d24108000000001
x-request-id: pAfYmjNMmX-XbULHyeqAC
expires: Wed, 05 Jan 2022 21:27:06 GMT

Redirect headers

date: Tue, 05 Jan 2021 21:27:06 GMT
cf-cache-status: EXPIRED
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
location: https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/malware-feature.jpg?q=50&fit=contain&w=750&h=375&dpr=1.5
cache-control: max-age=31536000
cf-ray: 60d04808a9a44a6d-FRA
cf-request-id: 07760b596600004a6dfcae4000000001

GET
H2

200

computer-virus.png
static0.makeuseofimages.com/wordpress/wp-content/uploads/2015/03/
Redirect Chain

https://static1.makeuseofimages.com/wp-content/uploads/2015/03/computer-virus.png?q=50&fit=crop&w=330&h=170&dpr=1.5
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2015/03/computer-virus.png?q=50&fit=crop&w=330&h=170&dpr=1.5

75 KB
75 KB

16ms
12ms

Image
image/webp

2606:4700:10::ac43:274f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2015/03/computer-virus.png?q=50&fit=crop&w=330&h=170&dpr=1.5
Requested by: Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:274f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b26cda41cab74a175c347356be48791d028ba1c6f20405ab113812bce27477a

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:27:06 GMT
cf-cache-status: HIT
age: 1622511
cf-polished: origFmt=png, origSize=132855
content-disposition: inline; filename="computer-virus.webp"
content-length: 76530
cf-request-id: 07760b5a7200004a6d6a317000000001
x-request-id: u2_IfjrNGJmdw2ZJVEZLM
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: 7ae52bd497c7fb1937a153329883f30ad34fe6624f02ea1021af9f99b68f1366
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 60d0480a4de84a6d-FRA
expires: Sat, 18 Dec 2021 02:45:15 GMT

Redirect headers

date: Tue, 05 Jan 2021 21:27:06 GMT
cf-cache-status: EXPIRED
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
location: https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2015/03/computer-virus.png?q=50&fit=crop&w=330&h=170&dpr=1.5
cache-control: max-age=31536000
cf-ray: 60d04808a9a54a6d-FRA
cf-request-id: 07760b596700004a6d6eab8000000001

GET
H2

200

android-custom-rom.jpg
static0.makeuseofimages.com/wordpress/wp-content/uploads/2015/11/
Redirect Chain

https://static1.makeuseofimages.com/wp-content/uploads/2015/11/android-custom-rom.jpg?q=50&fit=crop&w=110&h=90&dpr=1.5
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2015/11/android-custom-rom.jpg?q=50&fit=crop&w=110&h=90&dpr=1.5

3 KB
3 KB

12ms
12ms

Image
image/webp

2606:4700:10::ac43:274f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2015/11/android-custom-rom.jpg?q=50&fit=crop&w=110&h=90&dpr=1.5
Requested by: Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:274f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d3c3deec6588fb00415d392f18953702dc0accbcfeeb7ed5c9f90a95682bb48

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:27:06 GMT
cf-cache-status: HIT
age: 366966
cf-polished: qual=85, origFmt=jpeg, origSize=3035
content-disposition: inline; filename="android-custom-rom.webp"
content-length: 2776
cf-request-id: 07760b598200004a6d31a7f000000001
x-request-id: ZmXwpwtBsN0-9UszHZzI4
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: 5b2f70ccbbc6465445925b686b66a9539ca7583ae4edd5e99379b557d188653d
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 60d04808da224a6d-FRA
expires: Sat, 01 Jan 2022 15:31:00 GMT

Redirect headers

date: Tue, 05 Jan 2021 21:27:06 GMT
cf-cache-status: HIT
server: cloudflare
age: 113
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
location: https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2015/11/android-custom-rom.jpg?q=50&fit=crop&w=110&h=90&dpr=1.5
cache-control: max-age=31536000
cf-ray: 60d04808a9a84a6d-FRA
cf-request-id: 07760b596600004a6d003cc000000001

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
971 B 39ms
14ms Script
text/javascript 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c04cbfe21e23ceb866fae28e981a17dfe9ce6cb178943dda6f11a495255ec137

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:27:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 554
x-xss-protection: 1; mode=block
expires: Tue, 05 Jan 2021 21:27:06 GMT

GET
H2 200 r3i1n7
track.mailerlite.com/webforms/o/2384299/ 43 B
374 B 61ms
23ms Image
image/gif 2606:4700::6812:39f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.mailerlite.com/webforms/o/2384299/r3i1n7?v1595538294
Requested by: Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:39f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-request-id: 07760b596900004a86f4359000000001
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 60d04808a80f4a86-FRA
date: Tue, 05 Jan 2021 21:27:06 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

GET
H2 200 webforms.min.js Show response
static.mailerlite.com/js/w/ 8 KB
2 KB 47ms
21ms Script
application/javascript 2606:4700::6812:39f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.mailerlite.com/js/w/webforms.min.js?v5c5d99c28cfe49b41fe82455507d7558

Requested by

Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:39f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e6a1a0d0a73d63b512706bc930da7faf372ee596676c2ea3ab767ff14afcde8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:27:06 GMT
via: 1.1 google
vary: Accept-Encoding
cf-cache-status: HIT
age: 4789
content-encoding: br
cf-request-id: 07760b59570000c2ef469a7000000001
last-modified: Tue, 05 Jan 2021 07:27:44 GMT
server: cloudflare
etag: W/"5ff414f0-1e19"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
content-type: application/javascript
cache-control: public, max-age=432000
cf-ray: 60d048088d6bc2ef-FRA
expires: Sun, 10 Jan 2021 21:27:06 GMT

GET
H2

200

pexels-johannes-plenio-1125776.jpg
static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/
Redirect Chain

https://static0.makeuseofimages.com/wp-content/uploads/2020/12/pexels-johannes-plenio-1125776.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/pexels-johannes-plenio-1125776.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5

16 KB
16 KB

17ms
16ms

Image
image/jpeg

2606:4700:10::ac43:274f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/pexels-johannes-plenio-1125776.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5
Requested by: Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:274f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79ccf857b453929baf5d98ab63a172a7e0d75662b2d972ffabaa0a7ae0b7b527

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:27:06 GMT
cf-cache-status: HIT
age: 885364
cf-polished: origSize=16580, status=webp_bigger
content-disposition: inline; filename="pexels-johannes-plenio-1125776.jpg"
content-length: 16013
cf-request-id: 07760b598800004a6d11a58000000001
x-request-id: TW1frBvVIpLuEmVZ1SHdC
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: 739e0f7778b2eead9aa7d2913cc773b1806c593b9c9267ac22e341b9a6baa8c2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 60d04808da3c4a6d-FRA
expires: Sun, 26 Dec 2021 15:31:02 GMT

Redirect headers

date: Tue, 05 Jan 2021 21:27:06 GMT
cf-cache-status: HIT
server: cloudflare
age: 359
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
location: https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/pexels-johannes-plenio-1125776.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5
cache-control: max-age=31536000
cf-ray: 60d04808b9c84a6d-FRA
cf-request-id: 07760b596e00004a6d152d5000000001

GET
H2

200

flash-removed-2021-featured.png
static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/09/
Redirect Chain

https://static3.makeuseofimages.com/wp-content/uploads/2020/09/flash-removed-2021-featured.png?q=50&fit=crop&w=330&h=170&dpr=1.5
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/09/flash-removed-2021-featured.png?q=50&fit=crop&w=330&h=170&dpr=1.5

5 KB
5 KB

11ms
11ms

Image
image/webp

2606:4700:10::ac43:274f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/09/flash-removed-2021-featured.png?q=50&fit=crop&w=330&h=170&dpr=1.5
Requested by: Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:274f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8449b3d1eadb71266f2607cc4c1e94025b6ee4086d4f98fd7dbbf8d545e3e2c2

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:27:06 GMT
cf-cache-status: HIT
age: 461065
cf-polished: origFmt=png, origSize=8565
content-disposition: inline; filename="flash-removed-2021-featured.webp"
content-length: 5180
cf-request-id: 07760b5a4f00004a6d071cb000000001
x-request-id: qqBXwNWeuTDXH-CPJ-HHc
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: 1b6152375d82cc8f946e1aef7785e5c1d61c2846a38d8bc34fd792c8f3963032
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 60d0480a1d564a6d-FRA
expires: Fri, 31 Dec 2021 13:22:41 GMT

Redirect headers

date: Tue, 05 Jan 2021 21:27:06 GMT
cf-cache-status: EXPIRED
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
location: https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/09/flash-removed-2021-featured.png?q=50&fit=crop&w=330&h=170&dpr=1.5
cache-control: max-age=31536000
cf-ray: 60d04808b9cb4a6d-FRA
cf-request-id: 07760b596e00004a6d45b75000000001

GET
H2

200

Photoshop-Underappreciated_featured-040.jpg
static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/
Redirect Chain

https://static1.makeuseofimages.com/wp-content/uploads/2020/12/Photoshop-Underappreciated_featured-040.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/Photoshop-Underappreciated_featured-040.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5

16 KB
17 KB

12ms
12ms

Image
image/jpeg

2606:4700:10::ac43:274f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/Photoshop-Underappreciated_featured-040.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5
Requested by: Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:274f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 212bb2c1ab3a093249a757e3aaa939eb6ec2edddee9c7e173cca76217749523c

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:27:06 GMT
cf-cache-status: HIT
age: 363087
cf-polished: origSize=17321, status=webp_bigger
content-disposition: inline; filename="Photoshop-Underappreciated_featured-040.jpg"
content-length: 16745
cf-request-id: 07760b59a900004a6d6f9e4000000001
x-request-id: JgnlplDQUgKJFo4AVUecS
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: c781d73680f896652a49efb5220f03a21e1483d4f567c80e65fb0edc4d6c88b1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 60d048090ad54a6d-FRA
expires: Sat, 01 Jan 2022 16:35:39 GMT

Redirect headers

date: Tue, 05 Jan 2021 21:27:06 GMT
cf-cache-status: HIT
server: cloudflare
age: 366
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
location: https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/Photoshop-Underappreciated_featured-040.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5
cache-control: max-age=31536000
cf-ray: 60d04808a9bf4a6d-FRA
cf-request-id: 07760b596d00004a6d68ace000000001

GET
H2

200

Apple-patent-reconfigurable-keyboard-USPTO-drawing-003.png
static0.makeuseofimages.com/wordpress/wp-content/uploads/2021/01/
Redirect Chain

https://static1.makeuseofimages.com/wp-content/uploads/2021/01/Apple-patent-reconfigurable-keyboard-USPTO-drawing-003.png?q=50&fit=crop&w=330&h=170&dpr=1.5
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2021/01/Apple-patent-reconfigurable-keyboard-USPTO-drawing-003.png?q=50&fit=crop&w=330&h=170&dpr=1.5

6 KB
7 KB

14ms
13ms

Image
image/webp

2606:4700:10::ac43:274f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2021/01/Apple-patent-reconfigurable-keyboard-USPTO-drawing-003.png?q=50&fit=crop&w=330&h=170&dpr=1.5
Requested by: Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:274f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 855d9fb1c3ac4aa05748e097f22e5f45eac7700f3052cf2219f07b1ddd3faf4a

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:27:06 GMT
cf-cache-status: HIT
age: 98173
cf-polished: origFmt=png, origSize=12876
content-disposition: inline; filename="Apple-patent-reconfigurable-keyboard-USPTO-drawing-003.webp"
content-length: 6420
cf-request-id: 07760b598200004a6d02080000000001
x-request-id: JRMFz2oViXbaqV3uuHzHt
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: d0896caad4a3f2e9ff6ffedcc06f117f374e6a50cf040e96dd5964a0746ee823
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 60d04808ca1c4a6d-FRA
expires: Tue, 04 Jan 2022 18:10:53 GMT

Redirect headers

date: Tue, 05 Jan 2021 21:27:06 GMT
cf-cache-status: HIT
server: cloudflare
age: 380
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
location: https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2021/01/Apple-patent-reconfigurable-keyboard-USPTO-drawing-003.png?q=50&fit=crop&w=330&h=170&dpr=1.5
cache-control: max-age=31536000
cf-ray: 60d04808a9c14a6d-FRA
cf-request-id: 07760b596e00004a6d56270000000001

GET
H2

200

koei-tecmo-hacked.jpg
static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/
Redirect Chain

https://static1.makeuseofimages.com/wp-content/uploads/2020/12/koei-tecmo-hacked.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/koei-tecmo-hacked.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5

13 KB
14 KB

21ms
21ms

Image
image/jpeg

2606:4700:10::ac43:274f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/koei-tecmo-hacked.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5
Requested by: Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:274f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a32298019e603c97674a4b259fa3c4da6c6794a6829e94c9fcfe68aeaee632f4

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:27:06 GMT
cf-cache-status: HIT
age: 532053
cf-polished: origSize=13909, status=webp_bigger
content-disposition: inline; filename="koei-tecmo-hacked.jpg"
content-length: 13662
cf-request-id: 07760b598600004a6dfa1ca000000001
x-request-id: 1VMtheKYmrv5gkqNk264p
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: 6d00eefe414c93357a384df63ac719a51d7e8e756b25ed1220c85eefe6a79402
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 60d04808da3a4a6d-FRA
expires: Thu, 30 Dec 2021 17:39:32 GMT

Redirect headers

date: Tue, 05 Jan 2021 21:27:06 GMT
cf-cache-status: HIT
server: cloudflare
age: 786
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
location: https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/koei-tecmo-hacked.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5
cache-control: max-age=31536000
cf-ray: 60d04808b9c34a6d-FRA
cf-request-id: 07760b596e00004a6d11a53000000001

GET
H2

200

mozilla-hubs-featured-image.jpg
static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/
Redirect Chain

https://static0.makeuseofimages.com/wp-content/uploads/2020/12/mozilla-hubs-featured-image.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/mozilla-hubs-featured-image.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5

13 KB
13 KB

13ms
12ms

Image
image/webp

2606:4700:10::ac43:274f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/mozilla-hubs-featured-image.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5
Requested by: Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:274f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 132079c36b510789b2f974131480be0f6b7e0868cdca0de1b7897c410169d8a2

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:27:06 GMT
cf-cache-status: HIT
age: 174427
cf-polished: qual=85, origFmt=jpeg, origSize=14426
content-disposition: inline; filename="mozilla-hubs-featured-image.webp"
content-length: 13220
cf-request-id: 07760b598600004a6d190e5000000001
x-request-id: AM4QPy2mfWmaS6Guqqjpb
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: ab35588a5b57c21937ebc98b1942955ea65d77f4c1f267f0046dc40e59d1a061
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 60d04808da2e4a6d-FRA
expires: Mon, 03 Jan 2022 20:59:59 GMT

Redirect headers

date: Tue, 05 Jan 2021 21:27:06 GMT
cf-cache-status: HIT
server: cloudflare
age: 377
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
location: https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/mozilla-hubs-featured-image.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5
cache-control: max-age=31536000
cf-ray: 60d04808b9c44a6d-FRA
cf-request-id: 07760b596e00004a6d2d3d5000000001

GET
H2

200

ps4-slim-japan.png
static0.makeuseofimages.com/wordpress/wp-content/uploads/2021/01/
Redirect Chain

https://static3.makeuseofimages.com/wp-content/uploads/2021/01/ps4-slim-japan.png?q=50&fit=crop&w=341&h=215&dpr=1.5
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2021/01/ps4-slim-japan.png?q=50&fit=crop&w=341&h=215&dpr=1.5

41 KB
42 KB

14ms
11ms

Image
image/webp

2606:4700:10::ac43:274f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2021/01/ps4-slim-japan.png?q=50&fit=crop&w=341&h=215&dpr=1.5
Requested by: Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:274f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 685422f17107920c13a98a8c871a3743b3bac8cf043c4c9dc68f914a6eae5063

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:27:06 GMT
cf-cache-status: HIT
age: 6150
cf-polished: origFmt=png, origSize=72532
content-disposition: inline; filename="ps4-slim-japan.webp"
content-length: 42394
cf-request-id: 07760b5a7200004a6d6f9f2000000001
x-request-id: IAhb8myYify38EfN7JEXT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: 979d5ebf4b8c110f2345dd6b6f68f1ce70dcfa7175df3a58c4518320450b5e57
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 60d0480a4deb4a6d-FRA
expires: Wed, 05 Jan 2022 19:44:36 GMT

Redirect headers

date: Tue, 05 Jan 2021 21:27:06 GMT
cf-cache-status: EXPIRED
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
location: https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2021/01/ps4-slim-japan.png?q=50&fit=crop&w=341&h=215&dpr=1.5
cache-control: max-age=31536000
cf-ray: 60d04808ca084a6d-FRA
cf-request-id: 07760b597e00004a6d57b87000000001

GET
H2

200

banana_pi_m5_featured.png
static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/
Redirect Chain

https://static3.makeuseofimages.com/wp-content/uploads/2020/12/banana_pi_m5_featured.png?q=50&fit=crop&w=341&h=215&dpr=1.5
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/banana_pi_m5_featured.png?q=50&fit=crop&w=341&h=215&dpr=1.5

24 KB
25 KB

42ms
19ms

Image
image/webp

2606:4700:10::ac43:274f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/banana_pi_m5_featured.png?q=50&fit=crop&w=341&h=215&dpr=1.5
Requested by: Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:274f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70505d365c263d1b00bf0908f3fb96d00ddee592169d744ed89c3de535113e0f

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:27:06 GMT
cf-cache-status: HIT
age: 662880
cf-polished: origFmt=png, origSize=44684
content-disposition: inline; filename="banana_pi_m5_featured.webp"
content-length: 24982
cf-request-id: 07760b5aab00004a6d7312e000000001
x-request-id: 8zVH6ksFMUXwglGZg27Ci
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: 0690e6ad8379b52b943cbe1ec702fc4d8423985dc5960ab15ddc58c6278f471c
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 60d0480aaed14a6d-FRA
expires: Wed, 29 Dec 2021 05:19:06 GMT

Redirect headers

date: Tue, 05 Jan 2021 21:27:06 GMT
cf-cache-status: EXPIRED
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
location: https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/banana_pi_m5_featured.png?q=50&fit=crop&w=341&h=215&dpr=1.5
cache-control: max-age=31536000
cf-ray: 60d048090ab94a6d-FRA
cf-request-id: 07760b59a300004a6d02083000000001

GET
H2

200

Subway-station.jpg
static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/
Redirect Chain

https://static3.makeuseofimages.com/wp-content/uploads/2020/12/Subway-station.jpg?q=50&fit=crop&w=341&h=215&dpr=1.5
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/Subway-station.jpg?q=50&fit=crop&w=341&h=215&dpr=1.5

20 KB
20 KB

18ms
18ms

Image
image/jpeg

2606:4700:10::ac43:274f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/Subway-station.jpg?q=50&fit=crop&w=341&h=215&dpr=1.5
Requested by: Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:274f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcde4557ae9fbb637dd56df7d32f487c47bb22cce7950a90839169c41a287687

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:27:06 GMT
cf-cache-status: HIT
age: 404101
cf-polished: origSize=21353, status=webp_bigger
content-disposition: inline; filename="Subway-station.jpg"
content-length: 20439
cf-request-id: 07760b59ba00004a6d6f9e6000000001
x-request-id: RTFtozamHrwLUt4GxSWkM
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: d7a17405370f7b355362cbcbd511475f0eb2c0314fe283deeb153da720c6be87
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 60d048092b2b4a6d-FRA
expires: Sat, 01 Jan 2022 05:12:05 GMT

Redirect headers

date: Tue, 05 Jan 2021 21:27:06 GMT
cf-cache-status: HIT
server: cloudflare
age: 173
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
location: https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/Subway-station.jpg?q=50&fit=crop&w=341&h=215&dpr=1.5
cache-control: max-age=31536000
cf-ray: 60d048090abc4a6d-FRA
cf-request-id: 07760b59a300004a6d11005000000001

GET
H2

200

livecrowd_techexplained.jpg
static0.makeuseofimages.com/wordpress/wp-content/uploads/2021/01/
Redirect Chain

https://static0.makeuseofimages.com/wp-content/uploads/2021/01/livecrowd_techexplained.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2021/01/livecrowd_techexplained.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5

9 KB
9 KB

15ms
15ms

Image
image/webp

2606:4700:10::ac43:274f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2021/01/livecrowd_techexplained.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5
Requested by: Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:274f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ddeac155714ab1accb0fe389511e40c1678d70b7122232aac1b6198863cb576

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:27:06 GMT
cf-cache-status: HIT
age: 195869
cf-polished: qual=85, origFmt=jpeg, origSize=10313
content-disposition: inline; filename="livecrowd_techexplained.webp"
content-length: 8934
cf-request-id: 07760b59ba00004a6d629bd000000001
x-request-id: wKNlReIxZ92ndmV6yYM0B
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: ba466f066e3ce41d619fca2ef78de94e1140625be16359290b7f82a20e0fd9b0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 60d048092b254a6d-FRA
expires: Mon, 03 Jan 2022 15:02:37 GMT

Redirect headers

date: Tue, 05 Jan 2021 21:27:06 GMT
cf-cache-status: HIT
server: cloudflare
age: 1092
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
location: https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2021/01/livecrowd_techexplained.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5
cache-control: max-age=31536000
cf-ray: 60d048090abf4a6d-FRA
cf-request-id: 07760b59a300004a6d2d3d9000000001

GET
H2

200

encrypting-folders.jpg
static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/
Redirect Chain

https://static2.makeuseofimages.com/wp-content/uploads/2020/12/encrypting-folders.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/encrypting-folders.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5

11 KB
12 KB

18ms
17ms

Image
image/webp

2606:4700:10::ac43:274f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/encrypting-folders.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5
Requested by: Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:274f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4fdff0a0726e79ab66b58ea6256cc24b3fa3f268f7a5f4ba722e2dfa42495f9

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:27:06 GMT
cf-cache-status: HIT
age: 430014
cf-polished: qual=85, origFmt=jpeg, origSize=12330
content-disposition: inline; filename="encrypting-folders.webp"
content-length: 11496
cf-request-id: 07760b59e900004a6d6f9e8000000001
x-request-id: efA-_zs1knT7xKkhaORG8
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: a76127ec4015da2f8a9b463ff83ecd66dbb879a7d0b9fa8e4506108fc7e71391
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 60d048097bee4a6d-FRA
expires: Fri, 31 Dec 2021 22:00:11 GMT

Redirect headers

date: Tue, 05 Jan 2021 21:27:06 GMT
cf-cache-status: HIT
server: cloudflare
age: 239
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
location: https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/encrypting-folders.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5
cache-control: max-age=31536000
cf-ray: 60d048091af94a6d-FRA
cf-request-id: 07760b59b000004a6d4c830000000001

GET
H2

200

galaxyunpacked2021.jpg
static0.makeuseofimages.com/wordpress/wp-content/uploads/2021/01/
Redirect Chain

https://static2.makeuseofimages.com/wp-content/uploads/2021/01/galaxyunpacked2021.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2021/01/galaxyunpacked2021.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5

2 KB
2 KB

15ms
14ms

Image
image/webp

2606:4700:10::ac43:274f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2021/01/galaxyunpacked2021.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5
Requested by: Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:274f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f885027245d0a1410622459b44891241d4fe44b812e46c0bae07875572268688

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:27:06 GMT
cf-cache-status: HIT
age: 106173
cf-polished: qual=85, origFmt=jpeg, origSize=3718
content-disposition: inline; filename="galaxyunpacked2021.webp"
content-length: 2240
cf-request-id: 07760b59e900004a6d37ab4000000001
x-request-id: j2UMFDhz8ZkOzNMbH4sPM
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: e576a7c802e8515134d2eee10a94172e882840966a53b7e379e74c66ea48876d
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 60d048097bf14a6d-FRA
expires: Tue, 04 Jan 2022 15:57:33 GMT

Redirect headers

date: Tue, 05 Jan 2021 21:27:06 GMT
cf-cache-status: HIT
server: cloudflare
age: 1183
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
location: https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2021/01/galaxyunpacked2021.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5
cache-control: max-age=31536000
cf-ray: 60d048091afc4a6d-FRA
cf-request-id: 07760b59b100004a6d11a5c000000001

GET
H2

200

Luminosity-Masks.jpg
static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/
Redirect Chain

https://static1.makeuseofimages.com/wp-content/uploads/2020/12/Luminosity-Masks.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/Luminosity-Masks.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5

8 KB
8 KB

17ms
17ms

Image
image/webp

2606:4700:10::ac43:274f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/Luminosity-Masks.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5
Requested by: Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:274f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63072d6a75a2e67a3fa1c644eb27d863d1c6edd5648a9a89706fb8f3fb181faf

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:27:06 GMT
cf-cache-status: HIT
age: 1662121
cf-polished: qual=85, origFmt=jpeg, origSize=8805
content-disposition: inline; filename="Luminosity-Masks.webp"
content-length: 7822
cf-request-id: 07760b59e800004a6d2ab1c000000001
x-request-id: yfJDt-75Xk6MQ6F6jKK-B
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: c04aef082d1989f2f33fdbd9c42c7aea6a4920c0f3096ac3f7e00e0e8c2704af
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 60d048097be64a6d-FRA
expires: Fri, 17 Dec 2021 15:45:05 GMT

Redirect headers

date: Tue, 05 Jan 2021 21:27:06 GMT
cf-cache-status: HIT
server: cloudflare
age: 413
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
location: https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/Luminosity-Masks.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5
cache-control: max-age=31536000
cf-ray: 60d048090ac14a6d-FRA
cf-request-id: 07760b59a400004a6d1da5f000000001

GET
H2

200

youtube-darkmode.jpg
static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/
Redirect Chain

https://static2.makeuseofimages.com/wp-content/uploads/2020/12/youtube-darkmode.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/youtube-darkmode.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5

2 KB
2 KB

13ms
12ms

Image
image/webp

2606:4700:10::ac43:274f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/youtube-darkmode.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5
Requested by: Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:274f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d99a76613e7383d31ec580e8af83b979ad613161de7709620ce368c6de12f1ae

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:27:06 GMT
cf-cache-status: HIT
age: 1142632
cf-polished: qual=85, origFmt=jpeg, origSize=2732
content-disposition: inline; filename="youtube-darkmode.webp"
content-length: 1632
cf-request-id: 07760b5b3600004a6d3bb02000000001
x-request-id: 5SfY1nNfuUt57JII6BZfk
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: 82a33938324e9f68f7aee8f29e363e0efcf81f3490c93ee105ce653eea3a39b9
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 60d0480b88de4a6d-FRA
expires: Thu, 23 Dec 2021 16:03:14 GMT

Redirect headers

date: Tue, 05 Jan 2021 21:27:06 GMT
cf-cache-status: EXPIRED
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
location: https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/youtube-darkmode.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5
cache-control: max-age=31536000
cf-ray: 60d048094b6d4a6d-FRA
cf-request-id: 07760b59cc00004a6d279a4000000001

GET
H2

200

typing-on-mac.jpg
static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/
Redirect Chain

https://static2.makeuseofimages.com/wp-content/uploads/2020/12/typing-on-mac.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/typing-on-mac.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5

12 KB
12 KB

10ms
10ms

Image
image/webp

2606:4700:10::ac43:274f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/typing-on-mac.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5
Requested by: Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:274f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5ef2e156c6dcb773f748c5cc795a8fe17c85d59dd25d6f98883ec3f4f45aa55

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:27:06 GMT
cf-cache-status: HIT
age: 444908
cf-polished: qual=85, origFmt=jpeg, origSize=12706
content-disposition: inline; filename="typing-on-mac.webp"
content-length: 11844
cf-request-id: 07760b5b3600004a6d279c8000000001
x-request-id: gip4wJLC_wbpXcIwMMeIz
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: b9db5ad5086b39924485f77e42429096895eaa2f4e7f86e8d1258aa436f178f8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 60d0480b88e14a6d-FRA
expires: Fri, 31 Dec 2021 17:51:58 GMT

Redirect headers

date: Tue, 05 Jan 2021 21:27:06 GMT
cf-cache-status: EXPIRED
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
location: https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/typing-on-mac.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5
cache-control: max-age=31536000
cf-ray: 60d048094b724a6d-FRA
cf-request-id: 07760b59cc00004a6d74a9c000000001

GET
H2

200

Downloading-Games-Featured-Image.jpg
static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/
Redirect Chain

https://static2.makeuseofimages.com/wp-content/uploads/2020/12/Downloading-Games-Featured-Image.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/Downloading-Games-Featured-Image.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5

7 KB
7 KB

13ms
12ms

Image
image/webp

2606:4700:10::ac43:274f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/Downloading-Games-Featured-Image.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5
Requested by: Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:274f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 527f5abc4c6a8eb694112e22ac0e691767e3434a09d92937ae3c9022634ece70

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:27:06 GMT
cf-cache-status: HIT
age: 1560377
cf-polished: qual=85, origFmt=jpeg, origSize=8936
content-disposition: inline; filename="Downloading-Games-Featured-Image.webp"
content-length: 7102
cf-request-id: 07760b5a2e00004a6d3bae6000000001
x-request-id: ZGNpN-vs3IG9ybHSR0FVK
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: 5e642ad5572bfd276acc9bf189e70dc5102836726a2dfc763cb83bd3433f46c5
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 60d04809ecf14a6d-FRA
expires: Sat, 18 Dec 2021 20:00:49 GMT

Redirect headers

date: Tue, 05 Jan 2021 21:27:06 GMT
cf-cache-status: HIT
server: cloudflare
age: 691
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
location: https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/Downloading-Games-Featured-Image.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5
cache-control: max-age=31536000
cf-ray: 60d048099c2c4a6d-FRA
cf-request-id: 07760b59fc00004a6d3334d000000001

GET
H2

200

person-typing-on-laptop.jpg
static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/
Redirect Chain

https://static3.makeuseofimages.com/wp-content/uploads/2020/12/person-typing-on-laptop.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/person-typing-on-laptop.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5

10 KB
10 KB

13ms
11ms

Image
image/webp

2606:4700:10::ac43:274f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/person-typing-on-laptop.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5
Requested by: Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:274f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f9a49a24818d78f0d3aa4912041517867fed6388a4588c45e3af3d0a423d71c

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:27:06 GMT
cf-cache-status: HIT
age: 1303174
cf-polished: qual=85, origFmt=jpeg, origSize=11278
content-disposition: inline; filename="person-typing-on-laptop.webp"
content-length: 9932
cf-request-id: 07760b5a2e00004a6d2d3e7000000001
x-request-id: QjdY4Z2whAL6wKdrVRbui
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: 68db40508dceabd8f452734a072f8718c3695a397a23bf674b7faef9a2c07f41
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 60d04809ecee4a6d-FRA
expires: Tue, 21 Dec 2021 19:27:32 GMT

Redirect headers

date: Tue, 05 Jan 2021 21:27:06 GMT
cf-cache-status: HIT
server: cloudflare
age: 705
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
location: https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/person-typing-on-laptop.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5
cache-control: max-age=31536000
cf-ray: 60d048099c2e4a6d-FRA
cf-request-id: 07760b59fd00004a6d0a11b000000001

GET
H2

200

Shadowed-man-making-a-phone-call-in-a-cafe2.jpg
static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/
Redirect Chain

https://static3.makeuseofimages.com/wp-content/uploads/2020/12/Shadowed-man-making-a-phone-call-in-a-cafe2.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/Shadowed-man-making-a-phone-call-in-a-cafe2.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5

7 KB
8 KB

14ms
13ms

Image
image/webp

2606:4700:10::ac43:274f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/Shadowed-man-making-a-phone-call-in-a-cafe2.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5
Requested by: Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:274f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 453246648fa7910a519f7d41bc5ba47c394209546d462b31a48db51650c1c790

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:27:06 GMT
cf-cache-status: HIT
age: 11338
cf-polished: qual=85, origFmt=jpeg, origSize=9379
content-disposition: inline; filename="Shadowed-man-making-a-phone-call-in-a-cafe2.webp"
content-length: 7508
cf-request-id: 07760b5a2e00004a6d56b45000000001
x-request-id: yHjeJFRtinZvudSJ_r087
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: 84a2d524c03a9b1c56f229c1047b30719bfa70f021e520805ab18aed5573452a
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 60d04809ecec4a6d-FRA
expires: Wed, 05 Jan 2022 18:18:08 GMT

Redirect headers

date: Tue, 05 Jan 2021 21:27:06 GMT
cf-cache-status: HIT
server: cloudflare
age: 30
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
location: https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/Shadowed-man-making-a-phone-call-in-a-cafe2.jpg?q=50&fit=crop&w=330&h=170&dpr=1.5
cache-control: max-age=31536000
cf-ray: 60d048099c2f4a6d-FRA
cf-request-id: 07760b59fd00004a6d1f244000000001

GET
H2 200 valnet-footer.70431242.js Show response
www.makeuseof.com/public/build/ 40 KB
12 KB 139ms
127ms Script
application/javascript 54.157.137.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.makeuseof.com/public/build/valnet-footer.70431242.js

Requested by

Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.157.137.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-157-137-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

03a7f28ef43da23995045ffcb07b137e3e0b3e291df96a71c8b2a80deed97181

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:27:06 GMT
content-encoding: br
x-content-type-options: nosniff
vary: Accept-Encoding
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 05 Jan 2021 18:51:48 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5ff4b544-9eeb"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, max-age=31536000, public
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
expires: Wed, 05 Jan 2022 21:27:06 GMT

GET
H2 200 valnet-footer-article.ae23fb33.js Show response
www.makeuseof.com/public/build/ 2 KB
1 KB 243ms
230ms Script
application/javascript 54.157.137.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.makeuseof.com/public/build/valnet-footer-article.ae23fb33.js

Requested by

Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.157.137.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-157-137-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f3bedb91b175047657d303b5b3bd9530a2200404a5e578ecdb3da077af9c7050

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:27:06 GMT
content-encoding: br
x-content-type-options: nosniff
vary: Accept-Encoding
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 05 Jan 2021 18:51:48 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5ff4b544-9f8"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, max-age=31536000, public
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
expires: Wed, 05 Jan 2022 21:27:06 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 5792
date: Tue, 05 Jan 2021 19:50:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Tue, 05 Jan 2021 21:50:34 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 84 KB
32 KB 16ms
14ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBXVR8R

Requested by

Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1f99e140835206790a9e529ffb6a073c5bb989b99a4a1bd1daf00a68f76b4c50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:27:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33000
x-xss-protection: 0
last-modified: Tue, 05 Jan 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Jan 2021 21:27:06 GMT

GET
H2 200 qevents.js Show response
a.quora.com/ 39 KB
14 KB 79ms
24ms Script
text/plain 151.101.113.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://a.quora.com/qevents.js
Requested by: Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef6de6beb1cf5bf809eccfe10f99aea0e0969c71d4eab5446410fef72695679f

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: s3LlaOWABX1LUjiLldBNr49lVAylKDRo
content-encoding: gzip
etag: "f32ebb1e93a72c0a57add6d07f688510"
age: 184
x-cache: HIT, HIT
content-length: 13681
x-amz-id-2: Eq/bZjlh5LsZzS4XdXhhBSXaXzFf/PhDr+dWOr6u4bu4amexUVNdJzTjTReY+zmsb46KPBEym+w=
x-served-by: cache-bwi5122-BWI, cache-hhn4066-HHN
last-modified: Fri, 25 Oct 2019 19:28:38 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1572031715/ctime:1572031714/gid:1000000/gname:employee/md5:f32ebb1e93a72c0a57add6d07f688510/mode:33188/mtime:1149709104/uid:1000332/uname:tzhou
x-timer: S1609882027.621375,VS0,VE0
date: Tue, 05 Jan 2021 21:27:06 GMT
vary: Accept-Encoding
x-amz-request-id: 907013783F6B3181
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=7200
accept-ranges: bytes
content-type: text/plain
x-cache-hits: 2, 76

GET
H2 200 AGSKWxWQWAz8OIKuZ1rMJjIRM2y5r8b7rbMpLkOZ_d17PxhYtzCRRzDWDFY-4rAj8XltOUu79dh8WC3TA5sMuCz2OHI= Show response
fundingchoicesmessages.google.com/f/ 83 KB
31 KB 71ms
49ms Script
application/javascript 2a00:1450:4001:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWQWAz8OIKuZ1rMJjIRM2y5r8b7rbMpLkOZ_d17PxhYtzCRRzDWDFY-4rAj8XltOUu79dh8WC3TA5sMuCz2OHI=

Requested by

Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

55705b77e7a7af9aef281ef653f9695dfc4da996bd86509b08306e4915ef5be3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0BxQ7h99HtbRH36sWTGPZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-0BxQ7h99HtbRH36sWTGPZQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Jan 2021 21:27:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-0BxQ7h99HtbRH36sWTGPZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-0BxQ7h99HtbRH36sWTGPZQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 54 KB
19 KB 32ms
32ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

sffe /

Resource Hash

3ef5092a0f45b0cea3f33dfa24747b75f901a3f8a5a70516552449128c072624

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:27:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "746 / 938 of 1000 / last-modified: 1609865133"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18856
x-xss-protection: 0
expires: Tue, 05 Jan 2021 21:27:06 GMT

GET
H2 200 bxl.js Show response
hbx.media.net/ 25 KB
9 KB 108ms
28ms Script
text/javascript 104.80.28.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/bxl.js?cid=8CU6TM0R4&dn=www.makeuseof.com&https=1

Requested by

Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.80.28.24 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-80-28-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

d2fc5cb51b0eb81a374af59bb9a82c914814bd7f19439d2e4c1026313e8ac8d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Tue, 05 Jan 2021 21:27:06 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=172800
content-length: 9326
x-mnet-hl2: E
expires: Thu, 07 Jan 2021 21:27:06 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 116 KB
30 KB 47ms
46ms Script
application/javascript 13.224.103.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.105 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-105.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: dde5dcb02f349d5cd1f36d6afe709ddfd5713b27129dbae727f456cde6582883

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:24:42 GMT
content-encoding: gzip
server: Server
age: 143
etag: 089c185b065ebe3e9c21625b16dea242
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-version-id: _tJcEejvI3lMG1vG763SOdL7bPxWjlBE
x-amz-cf-id: 0ksTSkDtUe683LuqX_EqvJjfwOHQoYRY1Rszm6KPpiIqYcmpMMbo2A==

GET
H2 200 muo-logo-full-colored-light.02eb5ee9.svg
www.makeuseof.com/public/build/images/ 4 KB
2 KB 238ms
232ms Image
image/svg+xml 54.157.137.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.makeuseof.com/public/build/images/muo-logo-full-colored-light.02eb5ee9.svg

Requested by

Host: www.makeuseof.com
URL: https://www.makeuseof.com/public/build/a-article.afa4336d.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.157.137.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-157-137-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

0eb688f736ba97fb859ec5b1e94d7e67edaea21e5ef1489e9d30ec9371d02ec7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.makeuseof.com/public/build/a-article.afa4336d.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:27:06 GMT
content-encoding: br
x-content-type-options: nosniff
vary: Accept-Encoding
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 05 Jan 2021 18:51:48 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5ff4b544-1098"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000, public
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
expires: Wed, 05 Jan 2022 21:27:06 GMT

GET
H2 200 Inter-Bold-slnt=0.91e5aee8.ttf
www.makeuseof.com/public/build/fonts/ 287 KB
287 KB 137ms
132ms Font
application/octet-stream 54.157.137.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.makeuseof.com/public/build/fonts/Inter-Bold-slnt=0.91e5aee8.ttf

Requested by

Host: www.makeuseof.com
URL: https://www.makeuseof.com/public/build/a-article.afa4336d.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.157.137.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-157-137-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

d597e753e78d8bf9db34c13343146545fb3be5a1c99a175bc381fe3f6f787f31

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.makeuseof.com
Referer: https://www.makeuseof.com/public/build/a-article.afa4336d.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:27:06 GMT
x-content-type-options: nosniff
content-length: 293448
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 05 Jan 2021 18:51:48 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "5ff4b544-47a48"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000, public
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
accept-ranges: bytes
expires: Wed, 05 Jan 2022 21:27:06 GMT

GET
H2 200 icomoon.284f6729.woff
www.makeuseof.com/public/build/fonts/ 13 KB
14 KB 235ms
230ms Font
font/woff 54.157.137.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.makeuseof.com/public/build/fonts/icomoon.284f6729.woff

Requested by

Host: www.makeuseof.com
URL: https://www.makeuseof.com/public/build/a-article.afa4336d.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.157.137.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-157-137-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

33dfa806e2056c81aab1b2e46ba016313f5189d10e0b7c9a3e355b59bfada530

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.makeuseof.com
Referer: https://www.makeuseof.com/public/build/a-article.afa4336d.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:27:06 GMT
x-content-type-options: nosniff
content-length: 13380
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 05 Jan 2021 18:51:48 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "5ff4b544-3444"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000, public
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
accept-ranges: bytes
expires: Wed, 05 Jan 2022 21:27:06 GMT

GET
H2 200 Inter-Regular-slnt=0.515cae74.ttf
www.makeuseof.com/public/build/fonts/ 281 KB
282 KB 236ms
232ms Font
application/octet-stream 54.157.137.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.makeuseof.com/public/build/fonts/Inter-Regular-slnt=0.515cae74.ttf

Requested by

Host: www.makeuseof.com
URL: https://www.makeuseof.com/public/build/a-article.afa4336d.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.157.137.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-157-137-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

1041a8cf17dab7579acef0cc46b21f6497ec1ae01918ddc3495416efb81a4780

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.makeuseof.com
Referer: https://www.makeuseof.com/public/build/a-article.afa4336d.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:27:06 GMT
x-content-type-options: nosniff
content-length: 287928
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 05 Jan 2021 18:51:48 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "5ff4b544-464b8"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000, public
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
accept-ranges: bytes
expires: Wed, 05 Jan 2022 21:27:06 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 195 KB
60 KB 39ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=4557fe37d11aa9b34a15ab0686ca5910&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d438ccf87b8328cb870e25562bd3452d3a51eb6c5985061570765a8eca035cf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.makeuseof.com
Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: IPu0s6vDLPpJZWBRBkurCg==
cross-origin-resource-policy: cross-origin
expires: Wed, 05 Jan 2022 19:56:42 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 60142
x-fb-rlafr: 0
x-fb-debug: UFjxRRuvgkuAguYRv/X1Y3cnpypYlIaLClhX7AeY650A9EA9u85ftJFgzNQZi00nE6a4ABYRzNJdY//kIKFfzg==
x-fb-trip-id: 1814657579
x-fb-content-md5: 9bac595e6c7cda7b957a8cdf170ad74b
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 05 Jan 2021 21:27:06 GMT
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "56407e158dde25090a083ab341f5d35a"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 / Show response
geo-eu.snigelweb.com/bp/ 45 B
409 B 28ms
15ms Script
text/javascript 2606:4700:e4::ac40:ab0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geo-eu.snigelweb.com/bp/
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/pub/makeuseof.com/20200929/snhb-makeuseof.com.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ab0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08caf2c82afb4122c117f675d11a2f71d6228152cf1df5bafe30ff5b8b62590a

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:27:06 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nEJQsEeR0YigGsx5T4TzC3kf5YRHTFK72hy7SpSFNqozHBc8qeFi%2FdLjH8iAQONIaE0qK0FUwtH5GjlzfvZHWXVN%2BAGKDPd0NvYI1aPelQdGwF%2FEmoLmr2VrfyLk9HaLyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
cache-control: private, max-age=3600, must-revalidate, immutable
cf-ray: 60d0480a7af105fd-FRA
cf-request-id: 07760b5a8b000005fdafbf2000000001
expires: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
376 B 48ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=172826243054377&ev=fb_page_view&dl=https%3A%2F%2Fwww.makeuseof.com%2Fmalware-targeting-cryptocurrency-wallets-windows-10%2F%3Futm_source%3DMUO-TW-P%26utm_medium%3DSocial-Distribution%26utm_campaign%3DMUO-TW-P&rl=&if=false&ts=1609882026535&sw=1600&sh=1200&at=

Requested by

Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:27:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 05 Jan 2021 21:27:06 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/ 334 KB
131 KB 42ms
11ms Script
text/javascript 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb3b275e8321c2c87095a4f4f0fd89fbbbdbe07e6fd5191c4c8ccabfc21692fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.makeuseof.com
Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:10:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 982
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133916
x-xss-protection: 0
last-modified: Sun, 06 Dec 2020 23:05:51 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jan 2022 21:10:44 GMT

GET
H2 200 jquery.min.js Show response
cdn.mailerlite.com/ajax/libs/jquery/1.8.3/ 91 KB
32 KB 42ms
26ms Script
application/javascript 2606:4700::6812:39f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mailerlite.com/ajax/libs/jquery/1.8.3/jquery.min.js
Requested by: Host: static.mailerlite.com
URL: https://static.mailerlite.com/js/w/webforms.min.js?v5c5d99c28cfe49b41fe82455507d7558
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:39f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:27:06 GMT
content-encoding: br
cf-cache-status: HIT
age: 5141
cf-request-id: 07760b5ab20000c2efbea34000000001
last-modified: Thu, 26 Nov 2020 07:53:51 GMT
server: cloudflare
etag: W/"5fbf5f0f-16dc4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=432000
cf-ray: 60d0480ab90fc2ef-FRA
expires: Sun, 10 Jan 2021 21:27:06 GMT

GET
H2 200 / Show response
www.makeuseof.com/iFramedAdTemplate/1512/malware-targeting-cryptocurrency-wallets-windows-10/&postId=1037086/ Frame 324F 3 KB
2 KB 137ms
136ms Document
text/html 54.157.137.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.makeuseof.com/iFramedAdTemplate/1512/malware-targeting-cryptocurrency-wallets-windows-10/&postId=1037086/

Requested by

Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.157.137.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-157-137-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

8dbe959fdb8ab1673b4c273180cc92d0cc0c5fb534440b7f0b402aa91c886551

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.makeuseof.com
:scheme: https
:path: /iFramedAdTemplate/1512/malware-targeting-cryptocurrency-wallets-windows-10/&postId=1037086/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: viewType=utm; campaign=MUO-TW-P; refererSource=empty
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P

Response headers

server: nginx
date: Tue, 05 Jan 2021 21:27:06 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
set-cookie: viewType=utm; path=/ campaign=MUO-TW-P; path=/ refererSource=empty; path=/
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
538 B 49ms
16ms XHR
application/json 2a00:1450:4001:818::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 05 Jan 2021 21:27:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.makeuseof.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

GET
H2 200 muo-logo-full-white.690e588f.svg
www.makeuseof.com/public/build/images/ 4 KB
2 KB 133ms
127ms Image
image/svg+xml 54.157.137.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.makeuseof.com/public/build/images/muo-logo-full-white.690e588f.svg

Requested by

Host: www.makeuseof.com
URL: https://www.makeuseof.com/public/build/a-article.afa4336d.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.157.137.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-157-137-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

4bcccf07818080032d90b4cb941b7a56b1ca3adf77cb55db4d259ba5c2a857fd

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.makeuseof.com/public/build/a-article.afa4336d.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:27:06 GMT
content-encoding: br
x-content-type-options: nosniff
vary: Accept-Encoding
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 05 Jan 2021 18:51:48 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5ff4b544-1017"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000, public
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
expires: Wed, 05 Jan 2022 21:27:06 GMT

GET
H2 200 pixel.png Show response
www.makeuseof.com/ 103 B
441 B 128ms
120ms XHR
image/png 54.157.137.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.makeuseof.com/pixel.png?params=---{%22group%22:%22browseclip_imp%22,%22device%22:%22desktop%22,%22ids%22:[{%22id%22:%221030038%22,%22position%22:%22sentinel-article-sidebarTop-1%22},{%22id%22:%221035376%22,%22position%22:%22sentinel-article-sidebarTop-2%22},{%22id%22:%221032237%22,%22position%22:%22sentinel-article-sidebarTop-3%22},{%22id%22:%221036324%22,%22position%22:%22sentinel-article-sidebarTop-4%22},{%22id%22:%221035093%22,%22position%22:%22sentinel-article-sidebarTop-5%22},{%22id%22:%221025804%22,%22position%22:%22sentinel-article-sidebarTop-6+%22},{%22id%22:%221036835%22,%22position%22:%22sentinel-article-sidebarSticky-1%22},{%22id%22:%221030900%22,%22position%22:%22sentinel-article-sidebarSticky-2%22},{%22id%22:%221035654%22,%22position%22:%22sentinel-article-sidebarSticky-3%22},{%22id%22:%221032714%22,%22position%22:%22sentinel-article-relatedContent-1%22},{%22id%22:%221026472%22,%22position%22:%22sentinel-article-relatedContent-2%22},{%22id%22:%221035404%22,%22position%22:%22sentinel-article-relatedContent-3%22},{%22id%22:%221022225%22,%22position%22:%22sentinel-article-relatedContent-4%22},{%22id%22:%221012097%22,%22position%22:%22sentinel-article-relatedContent-5%22},{%22id%22:%221033302%22,%22position%22:%22sentinel-article-relatedContent-6+%22},{%22id%22:%221029295%22,%22position%22:%22sentinel-article-relatedContent-6+%22},{%22id%22:%221026666%22,%22position%22:%22sentinel-article-relatedContent-6+%22},{%22id%22:%221034736%22,%22position%22:%22sentinel-article-relatedContent-6+%22},{%22id%22:%221025076%22,%22position%22:%22sentinel-article-nextArticle%22}],%22eventType%22:%22impression%22}---&rdm=0.8416660900971777

Requested by

Host: www.makeuseof.com
URL: https://www.makeuseof.com/public/build/valnet-footer.70431242.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.157.137.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-157-137-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

d4ed5bd20c3036042165e91001bd91497551164b0e34c76cb8a6eb15c33f3c15

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:27:06 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 24 Oct 2019 21:53:00 GMT
server: nginx
etag: "5db21d3c-67"
x-frame-options: SAMEORIGIN
content-type: image/png
x-xss-protection: 1; mode=block
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 103
x-content-type-options: nosniff

GET
H2 200 b-9a4f7ce-b9ae6efe.js Show response
tagan.adlightning.com/valnet/ 61 KB
21 KB 26ms
25ms Script
application/javascript 13.224.94.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/valnet/b-9a4f7ce-b9ae6efe.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.94.56 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-94-56.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f048c3e6706ea369473cdd05cde9dc9ed7e3bfb075e8b9a8f232b3219d380b53

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Dec 2020 22:43:48 GMT
content-encoding: gzip
age: 1118599
x-cache: Hit from cloudfront
content-length: 20710
x-amz-meta-git_commit: 9a4f7ce
last-modified: Tue, 18 Aug 2020 17:47:10 GMT
server: AmazonS3
etag: "520de053344b12f3c711b84d7e0aa9d8"
x-amz-version-id: nm_3rXp1mGZm1WxHztUzYl9CxpczEO3c
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: nFnUMVL_jarG45MD3rejOBM66H9UrDv-tl6Zc-9I9celydNRDv_X0A==

GET
H2 200 bl-c29bca2-477720e8.js Show response
tagan.adlightning.com/valnet/ 82 KB
25 KB 26ms
25ms Script
application/javascript 13.224.94.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/valnet/bl-c29bca2-477720e8.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.94.56 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-94-56.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 669ab2bacb6218da0b51abecdb66aa3bf926376f0d8ed248f3f76381ff7eeed2

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:54:43 GMT
content-encoding: gzip
age: 1944
x-cache: Hit from cloudfront
content-length: 25134
x-amz-meta-git_commit: c29bca2
last-modified: Tue, 05 Jan 2021 20:54:20 GMT
server: AmazonS3
etag: "59032dc3819c2e17463373ada53b14bf"
x-amz-version-id: K_jNUnuiPiBUNwWxxKiCLeGHymjQ5pEL
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: QphMBcJqZjvetST8Zvb5ldpVEXXUxQCLNl3_FSV8OrvpxBewP8He1Q==

OPTIONS
H/1.1 204
No Content request
api.rhombusads.com/v1/ Frame 0
0 952ms
525ms Other 3.12.239.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rhombusads.com/v1/request
Protocol: HTTP/1.1
Server: 3.12.239.212 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-12-239-212.us-east-2.compute.amazonaws.com
Software: nginx/1.14.1 / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.makeuseof.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.14.1
Date: Tue, 05 Jan 2021 21:27:07 GMT
Content-Length: 0
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Vary: Access-Control-Request-Headers
Access-Control-Allow-Headers: content-type

POST
H/1.1 200
OK request Show response
api.rhombusads.com/v1/ 2 KB
1 KB 324ms
324ms XHR
application/json 3.12.239.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rhombusads.com/v1/request
Requested by: Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.12.239.212 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-12-239-212.us-east-2.compute.amazonaws.com
Software: nginx/1.14.1 / Express
Resource Hash: 10ed4ebe92a7fa82cd872fd4c66a32b21510c48ad79fa293f8e39a3a5a118686

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/json

Response headers

Date: Tue, 05 Jan 2021 21:27:07 GMT
Content-Encoding: gzip
Server: nginx/1.14.1
X-Powered-By: Express
ETag: W/"969-LK7XnMRnaNRpfuZYYj9zLQPemYw"
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
467 B 39ms
18ms XHR
application/json 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 05 Jan 2021 21:27:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.makeuseof.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H3-Q050 200 pubads_impl_2020120801.js Show response
securepubads.g.doubleclick.net/gpt/ 274 KB
97 KB 83ms
49ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

sffe /

Resource Hash

5f02981bfcab6807a15ddfea1babc7cee05cd0f1f59abe712928de44fb6c1f0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:27:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Dec 2020 09:42:29 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98829
x-xss-protection: 0
expires: Tue, 05 Jan 2021 21:27:06 GMT

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/91f52889f6a04390a65ad2591c59986e/ 43 B
423 B 517ms
132ms Image
image/gif 3.230.50.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/91f52889f6a04390a65ad2591c59986e/pixel?j=1&u=https%3A%2F%2Fwww.makeuseof.com%2Fmalware-targeting-cryptocurrency-wallets-windows-10%2F%3Futm_source%3DMUO-TW-P%26utm_medium%3DSocial-Distribution%26utm_campaign%3DMUO-TW-P&tag=ViewContent&ts=1609882026913

Requested by

Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.230.50.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-230-50-184.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 05 Jan 2021 21:27:07 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Q-Stat: ,34f799f0446ea6c13b2a87870105ad10,10.0.0.219,9030,185.156.175.107,,57508355162,1,1609882027.365,0.002,,.,0,0,0.000,0.000,-,0,0,197,212,106,10,26847,,,,,,-,
Content-Type: image/gif

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
70 B 14ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1337181030&t=pageview&_s=1&dl=https%3A%2F%2Fwww.makeuseof.com%2Fmalware-targeting-cryptocurrency-wallets-windows-10%2F%3Futm_source%3DMUO-TW-P%26utm_medium%3DSocial-Distribution%26utm_campaign%3DMUO-TW-P&ul=en-us&de=UTF-8&dt=ElectroRAT%20Malware%20Targeting%20Cryptocurrency%20Wallets%20on%20Windows%2010&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAQCAC~&jid=1773331363&gjid=527677811&cid=196640193.1609882027&tid=UA-730874-1&_gid=2001076573.1609882027&_r=1&_slc=1&cd1=1037086&cd2=gavin&cd3=&cd4=security&cd5=security&cd6=all&cd7=0&cd8=all&cd9=&cd10=&cd11=false&cd12=native&cd13=news&cd14=1037086&cd15=gavin&cd16=&cd17=dparrack&cd18=all&cd19=all&cd20=false&cd21=0&cd22=false&cd23=native&cd24=desktop&cd25=185.156.175.107&cd26=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&cd27=20-24&cd28=20210105&cd29=&cd30=news&cd31=news&cd32=%7Cremote-access%7Ctrojan%7Cwindows-10%7Cmalware%7C&cd33=N&cd34=showAds&cd35=false&cd36=content-all&z=133547205

Requested by

Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Jan 2021 21:27:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.makeuseof.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 prebid.js Show response
cdn.snigelweb.com/prebid/latest/ 362 KB
102 KB 33ms
33ms Script
application/javascript 2606:4700:e4::ac40:ab0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.snigelweb.com/prebid/latest/prebid.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ab0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e3bc080c4d5f22db206c5a70360404ffe013998c0849c822ba8b5d68f39c943

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:27:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3471
x-edge-location: Frankfurt, DE
x-cache: MISS
cf-request-id: 07760b5bbf000005fdec32b000000001
last-modified: Wed, 04 Nov 2020 16:05:30 GMT
server: cloudflare
etag: W/"5a617-5b34a26050ff2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BsrA8OUYuIj4cHJtXmqR%2BpQK4CNO9PkCPidK59K7CXDDrjF3BwJ6AOT9rwtJYu71tUuQ8unpGL8aT1BoLG3rPIyO0cWwNbFr2bg4UN%2F7rO1VZILq%2BCMYzyxE4dBxbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=7200, must-revalidate, immutable
x-edge-ip: 51.195.65.76
cf-ray: 60d0480c6feb05fd-FRA
x-storage: 809596973:8001
expires: 0

GET
H2 200 snhbGlobalSettings.js Show response
cdn.snigelweb.com/snhb/ 2 KB
1 KB 15ms
15ms Script
application/javascript 2606:4700:e4::ac40:ab0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.snigelweb.com/snhb/snhbGlobalSettings.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ab0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e85ad3c5cc201874b5816e938722759374befb3821429981d29389cde92f46b5

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:27:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1217
x-edge-location: Frankfurt, DE
x-cache: REVALIDATED
x-age: 1801
cf-request-id: 07760b5bbf000005fd7529e000000001
last-modified: Wed, 02 Dec 2020 17:11:24 GMT
server: cloudflare
etag: W/"700-5b57e553ee767"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kA0ChwEXxDFGAkNSxlrMcydkZ1ieD5A7ZbTeQaA7sfTVtV%2BRDLlfdtHKxja9ufWTsrk7205NFoJ0OHwOcsAt%2BfbbShJN5J6F9VzhHBUz5lOfd8Zced9XnhMumweHBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: s-maxage=1800, max-age=1800, public, must-revalidate
x-edge-ip: 51.195.65.76
cf-ray: 60d0480c6fed05fd-FRA
x-storage: 809596973:8001
expires: 0

POST
H3-Q050 204 AGSKWxVEpMg_MabHpjAPn6_UzWYpLpsqYvbEVeI0BEgq6HEjcmohk_e1adxkWo0ZIccnhLJHNM45Sqhzg6Y2iKBoZbY= Show response
fundingchoicesmessages.google.com/l/ 0
818 B 58ms
23ms XHR
text/html 2a00:1450:4001:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/l/AGSKWxVEpMg_MabHpjAPn6_UzWYpLpsqYvbEVeI0BEgq6HEjcmohk_e1adxkWo0ZIccnhLJHNM45Sqhzg6Y2iKBoZbY=?pvid=68F27A8D-5CE5-49D2-9263-EA5D826176B9&anonid=B3DF4CCC-85A6-425B-90F0-0AF494211441

Requested by

Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2ZEL/PcVbUSYWoSPND/Z8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-2ZEL/PcVbUSYWoSPND/Z8g' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 05 Jan 2021 21:27:07 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.makeuseof.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-2ZEL/PcVbUSYWoSPND/Z8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-2ZEL/PcVbUSYWoSPND/Z8g' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 AGSKWxVTyocu3kg2mMStCZ37gH43vsgOeALILepZU3WeTlXfHKbI-gR7B_l1Z5VCwv1D6RxaOG16eACni5ALxhakbc4= Show response
fundingchoicesmessages.google.com/f/ 273 KB
63 KB 99ms
83ms Script
application/javascript 2a00:1450:4001:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVTyocu3kg2mMStCZ37gH43vsgOeALILepZU3WeTlXfHKbI-gR7B_l1Z5VCwv1D6RxaOG16eACni5ALxhakbc4=?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjA5ODgyMDI3LDMzMDAwMDAwXSwiNjhGMjdBOEQtNUNFNS00OUQyLTkyNjMtRUE1RDgyNjE3NkI5IiwiQjNERjRDQ0MtODVBNi00MjVCLTkwRjAtMEFGNDk0MjExNDQxIixudWxsLFtudWxsLFs3XV1d

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

460a08925e89c7fe27f271a8219b6059c526675d5755a9552888abdeabb8f270

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-11fPC+F65mwus5B7N0KhVA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-11fPC+F65mwus5B7N0KhVA' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Jan 2021 21:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-11fPC+F65mwus5B7N0KhVA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-11fPC+F65mwus5B7N0KhVA' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
372 B 82ms
80ms XHR
text/javascript 13.224.103.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3741&u=https%3A%2F%2Fwww.makeuseof.com%2Fmalware-targeting-cryptocurrency-wallets-windows-10%2F%3Futm_source%3DMUO-TW-P%26utm_medium%3DSocial-Distribution%26utm_campaign%3DMUO-TW-P&pid=hJpguBjZvjr8x&cb=0&ws=1600x1200&v=7.58.01&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22300x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F39363775%2FMUO_Balance_Regular%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x250%22%2C%22728x300%22%5D%2C%22sn%22%3A%22%2F39363775%2FMUO_Balance_Regular%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F39363775%2FMUO_Balance_Regular%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F39363775%2FMUO_Balance_Regular%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F39363775%2FMUO_Balance_Regular%22%7D%2C%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F39363775%2FMUO_Balance_Regular%22%7D%2C%7B%22sd%22%3A%226%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F39363775%2FMUO_Balance_Regular%22%7D%2C%7B%22sd%22%3A%227%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F39363775%2FMUO_Balance_Regular%22%7D%5D&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by: Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.105 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-105.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:27:07 GMT
via: 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: ZRH50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.makeuseof.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: Pl6nCmlu07c7lvB483yRQhUmlKcigSc3SPlankIgwXFPanS8weMg2w==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 25ms
24ms XHR
application/javascript 13.224.103.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.105 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-105.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: qvfBoISJ5ymXoV8clHCjrjeaYCNnawpM
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 14186
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 23 Dec 2020 21:52:09 GMT
server: AmazonS3
date: Tue, 05 Jan 2021 17:30:42 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 4e0fd86f7afa735e772d6f7fe5e91f5b.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: P9uiUQDyKYJWuGV9tQVZ1CIBv3VX2dtr9iCx6YfSpUQocgNuKt6gyg==

GET
H2 200 ml_jQuery.inputmask.bundle.min.js Show response
static.mailerlite.com/js/w/ 69 KB
20 KB 34ms
30ms Script
application/javascript 2606:4700::6812:39f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.mailerlite.com/js/w/ml_jQuery.inputmask.bundle.min.js?v3.3.1

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:39f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c77ae965196f7308b827ce8cef39758740e9652e49958d866454ca1967e03dae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:27:07 GMT
via: 1.1 google
vary: Accept-Encoding
cf-cache-status: HIT
age: 5234
content-encoding: br
cf-request-id: 07760b5c650000c2ef91926000000001
last-modified: Tue, 05 Jan 2021 07:27:45 GMT
server: cloudflare
etag: W/"5ff414f1-1153a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
content-type: application/javascript
cache-control: public, max-age=432000
cf-ray: 60d0480d6e58c2ef-FRA
expires: Sun, 10 Jan 2021 21:27:07 GMT

GET
H3-Q050 200 anchor
www.google.com/recaptcha/api2/ Frame 3DF2 0
0 54ms
40ms Document
text/html 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD&co=aHR0cHM6Ly93d3cubWFrZXVzZW9mLmNvbTo0NDM.&hl=en&v=qc5B-qjP0QEimFYUxcpWJy5B&size=normal&cb=igkzs2n1j544

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CQI52Oh9l6fafie6bd9+ug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD&co=aHR0cHM6Ly93d3cubWFrZXVzZW9mLmNvbTo0NDM.&hl=en&v=qc5B-qjP0QEimFYUxcpWJy5B&size=normal&cb=igkzs2n1j544
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 05 Jan 2021 21:27:07 GMT
content-security-policy: script-src 'report-sample' 'nonce-CQI52Oh9l6fafie6bd9+ug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 11684
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
448 B 51ms
16ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-730874-1&cid=196640193.1609882027&jid=1773331363&gjid=527677811&_gid=2001076573.1609882027&_u=IEBAAEAAAAQCAC~&z=1887154445

Requested by

Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 05 Jan 2021 21:27:07 GMT
content-type: text/plain
access-control-allow-origin: https://www.makeuseof.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 184735-131337367521686.js Show response
js-sec.indexww.com/ht/p/ Frame 324F 154 KB
42 KB 135ms
58ms Script
text/javascript 2.21.37.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/184735-131337367521686.js
Requested by: Host: www.makeuseof.com
URL: https://www.makeuseof.com/iFramedAdTemplate/1512/malware-targeting-cryptocurrency-wallets-windows-10/&postId=1037086/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.37.92 , France, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-37-92.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b937ec067c85bc923e1b48b5c3cdfacf2c1bef962d9b2e32cc3af1acc9cd0e14

Request headers

Referer: https://www.makeuseof.com/iFramedAdTemplate/1512/malware-targeting-cryptocurrency-wallets-windows-10/&postId=1037086/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 05 Jan 2021 21:27:07 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Jan 2021 21:28:30 GMT
Server: Apache
ETag: "da4042-26652-5b82de350e317"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3599
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 42888
Expires: Tue, 05 Jan 2021 22:27:06 GMT

GET
H2 200 video-loader.js Show response
cdn.avantisvideo.com/avm/js/ Frame 324F 53 KB
18 KB 71ms
27ms Script
application/javascript 2600:9000:206f:4c00:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=d414d99d-07c9-4fce-a58c-5da6dc3ee663&tagId=2&subId=MUO-Reg-Balance&callback=
Requested by: Host: www.makeuseof.com
URL: https://www.makeuseof.com/iFramedAdTemplate/1512/malware-targeting-cryptocurrency-wallets-windows-10/&postId=1037086/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4c00:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d4390447cdbeb188fcda3f6593cbb3ebb1db6fe26ddf5589e00c5bce297ce38a

Request headers

Referer: https://www.makeuseof.com/iFramedAdTemplate/1512/malware-targeting-cryptocurrency-wallets-windows-10/&postId=1037086/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: JC1MZXnTlq5q1hwwM7uac4dOsQCTW8Fq
content-encoding: gzip
last-modified: Wed, 02 Dec 2020 10:42:18 GMT
server: AmazonS3
age: 17213
etag: W/"68c180f02ff8411308f6cfc922d94aa4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a383f82b5d4e98bbd66535c2c4b20c9e.cloudfront.net (CloudFront)
date: Tue, 05 Jan 2021 16:40:15 GMT
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: EwrfiMt79JH5EJBqmSuWxrmdY_9lAFbPJBUHgbLVJS8aVqjTHuL-4Q==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 324F 54 KB
19 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.makeuseof.com
URL: https://www.makeuseof.com/iFramedAdTemplate/1512/malware-targeting-cryptocurrency-wallets-windows-10/&postId=1037086/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f24cdf83d334ae1a2c662bd693830f8ba8f9e38012679cb7c009ddc635e732e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.makeuseof.com/iFramedAdTemplate/1512/malware-targeting-cryptocurrency-wallets-windows-10/&postId=1037086/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "746 / 951 of 1000 / last-modified: 1609865133"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18858
x-xss-protection: 0
expires: Tue, 05 Jan 2021 21:27:07 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 324F 116 KB
30 KB 41ms
40ms Script
application/javascript 13.224.103.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.makeuseof.com
URL: https://www.makeuseof.com/iFramedAdTemplate/1512/malware-targeting-cryptocurrency-wallets-windows-10/&postId=1037086/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.105 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-105.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: dde5dcb02f349d5cd1f36d6afe709ddfd5713b27129dbae727f456cde6582883

Request headers

Referer: https://www.makeuseof.com/iFramedAdTemplate/1512/malware-targeting-cryptocurrency-wallets-windows-10/&postId=1037086/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:24:42 GMT
content-encoding: gzip
server: Server
age: 144
etag: 089c185b065ebe3e9c21625b16dea242
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-version-id: _tJcEejvI3lMG1vG763SOdL7bPxWjlBE
x-amz-cf-id: 4tfDM2ybcbcrIx-cCMMaU_3vFYUcgGLh7hierNzNT8ty8IKr_SFjMQ==

GET
H2 200 css
fonts.googleapis.com/ 49 KB
3 KB 21ms
20ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2ClientJs.en_US.PWbVtaA_vGk.es5.O/d=1/ct=zgms/rs=AJlcJMziQWKntns3pgRn7K9TN7Vpc-joDA/m=iabtcfv2wallscript

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8929511a46b2456650f499d20bfc86a8e32905b6b236770634cd06afee158f4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 05 Jan 2021 21:27:07 GMT
server: ESF
date: Tue, 05 Jan 2021 21:27:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Jan 2021 21:27:07 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
238 B 28ms
26ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-730874-1&cid=196640193.1609882027&jid=1773331363&_u=IEBAAEAAAAQCAC~&z=1964583475

Requested by

Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Jan 2021 21:27:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
505 B 45ms
17ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-730874-1&cid=196640193.1609882027&jid=1773331363&_u=IEBAAEAAAAQCAC~&z=1964583475

Requested by

Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Jan 2021 21:27:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 AGSKWxVEpMg_MabHpjAPn6_UzWYpLpsqYvbEVeI0BEgq6HEjcmohk_e1adxkWo0ZIccnhLJHNM45Sqhzg6Y2iKBoZbY= Show response
fundingchoicesmessages.google.com/l/ 0
347 B 21ms
21ms XHR
text/html 2a00:1450:4001:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5zWNKlCoRGRWbAVlcXSvcw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-5zWNKlCoRGRWbAVlcXSvcw' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 05 Jan 2021 21:27:07 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.makeuseof.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-5zWNKlCoRGRWbAVlcXSvcw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-5zWNKlCoRGRWbAVlcXSvcw' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 pubads_impl_2020120801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 324F 274 KB
97 KB 33ms
32ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

sffe /

Resource Hash

5f02981bfcab6807a15ddfea1babc7cee05cd0f1f59abe712928de44fb6c1f0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.makeuseof.com/iFramedAdTemplate/1512/malware-targeting-cryptocurrency-wallets-windows-10/&postId=1037086/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Dec 2020 09:42:29 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98829
x-xss-protection: 0
expires: Tue, 05 Jan 2021 21:27:07 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 19ms
16ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.makeuseof.com
Referer: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 11:36:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:27 GMT
server: sffe
age: 381015
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Sat, 01 Jan 2022 11:36:52 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
fonts.gstatic.com/s/materialicons/v70/ 96 KB
97 KB 13ms
10ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v70/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47663194d7d38716a59e702f42a8494d099a24a8f84ad940e0db38938c8a4956

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.makeuseof.com
Referer: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 04:05:39 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Dec 2020 02:35:37 GMT
server: sffe
age: 408088
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98812
x-xss-protection: 0
expires: Sat, 01 Jan 2022 04:05:39 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 12ms
10ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.makeuseof.com
Referer: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 21:30:53 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:49 GMT
server: sffe
age: 431774
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
expires: Fri, 31 Dec 2021 21:30:53 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.makeuseof.com
Referer: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 16:31:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 363362
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Sat, 01 Jan 2022 16:31:05 GMT

POST
H3-Q050 204 AGSKWxUScYTnxwJrqnEHo-9uZVMKrRM_v7rw0TGQYXhvSlc1PFMg1_DVP5mrLv21m87EA-06cJYVFjqvKrCYp5vyehdd2wlqq7TJBhvvqEPX2J7Q4HpY01uXq-Cf4mdYu5Hyq_yW4PC-gZz71EgmSTd5HUss0ZbP9P0Cgwz6W5XGAuOOyj1kceE-6mo2Fw9F Show response
fundingchoicesmessages.google.com/l/ 0
348 B 34ms
28ms XHR
text/html 2a00:1450:4001:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/l/AGSKWxUScYTnxwJrqnEHo-9uZVMKrRM_v7rw0TGQYXhvSlc1PFMg1_DVP5mrLv21m87EA-06cJYVFjqvKrCYp5vyehdd2wlqq7TJBhvvqEPX2J7Q4HpY01uXq-Cf4mdYu5Hyq_yW4PC-gZz71EgmSTd5HUss0ZbP9P0Cgwz6W5XGAuOOyj1kceE-6mo2Fw9F?dmid=89c492f3463f5238

Requested by

Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9WveDrZk6SRMzOkWtZEk7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-9WveDrZk6SRMzOkWtZEk7A' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 05 Jan 2021 21:27:07 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.makeuseof.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-9WveDrZk6SRMzOkWtZEk7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-9WveDrZk6SRMzOkWtZEk7A' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.makeuseof.com%2F&domain=www.makeuseof.com&cw=1
https://mug.criteo.com/sid?cpp=atqKEnxTQ1FLY3ZBWVpHVFAreGFEcVZHaFVPNm81ZFJyeHdHRWtHYjlqdU83TmhLM3QvQTU2UmlORTJjNzFMcmVKTVZxMkxia2NQbU54VGN0ZTRXOTd3K3pwV0VxYVFYeW53R1VHVmpWYTlURnhTMWszamtSSVpzTDVZSW...

350 B
643 B

130ms
42ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=atqKEnxTQ1FLY3ZBWVpHVFAreGFEcVZHaFVPNm81ZFJyeHdHRWtHYjlqdU83TmhLM3QvQTU2UmlORTJjNzFMcmVKTVZxMkxia2NQbU54VGN0ZTRXOTd3K3pwV0VxYVFYeW53R1VHVmpWYTlURnhTMWszamtSSVpzTDVZSWpBdWdBQzdoUjN1UjJtR3lsZG1YaTEyRkJIQ3djUmlTMGt6cTRYd1BoejlETXM5QlR1Q2pDeDVHS2EwOE1VdGNDS3RlMWpiOGJyZnNTZFlOWDlNWnlYdE9qaGxaVUlUeE1NNTFTMzN3SmNPSTNiR0xjeENnPXw&cppv=2

Requested by

Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

1d92d06704b38825a413ee221f4846dbef1de89538c71f826f1edd4fd9453b28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 05 Jan 2021 21:27:07 GMT
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1054
content-length: 350
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 05 Jan 2021 21:27:06 GMT
location: https://mug.criteo.com/sid?cpp=atqKEnxTQ1FLY3ZBWVpHVFAreGFEcVZHaFVPNm81ZFJyeHdHRWtHYjlqdU83TmhLM3QvQTU2UmlORTJjNzFMcmVKTVZxMkxia2NQbU54VGN0ZTRXOTd3K3pwV0VxYVFYeW53R1VHVmpWYTlURnhTMWszamtSSVpzTDVZSWpBdWdBQzdoUjN1UjJtR3lsZG1YaTEyRkJIQ3djUmlTMGt6cTRYd1BoejlETXM5QlR1Q2pDeDVHS2EwOE1VdGNDS3RlMWpiOGJyZnNTZFlOWDlNWnlYdE9qaGxaVUlUeE1NNTFTMzN3SmNPSTNiR0xjeENnPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.makeuseof.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 951
content-length: 482
expires: 0

POST
H/1.1 200 364.json Show response
id5-sync.com/g/v2/ 346 B
1 KB 129ms
43ms XHR
application/json 51.195.5.38
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/364.json?gdpr_consent=&gdpr=0

Requested by

Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.195.5.38 , France, ASN16276 (OVH, FR),

Reverse DNS

p16.id5-sync.com

Software

Resource Hash

6feee65e9d59f67bf27c88411d4828fb0db3191ac1de8645b2ac230a75ca740a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 05 Jan 2021 21:27:06 GMT
Vary: Origin
P3P: CP="CAO PSA OUR"
Access-Control-Allow-Origin: https://www.makeuseof.com
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ 0
199 B 36ms
33ms XHR
text/plain 34.120.207.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity/envelope?pid=107
Requested by: Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.207.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 148.207.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 05 Jan 2021 21:27:07 GMT
via: 1.1 google
alt-svc: clear
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.makeuseof.com
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
546 B 146ms
47ms XHR
application/json 34.246.127.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=8p4qh9l&fmt=json
Requested by: Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.127.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-127-166.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 504b736a2e39c081dd818dcb412f996648e8362af9959cf182537318006bce5f

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 05 Jan 2021 21:27:07 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.makeuseof.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Thu, 04 Feb 2021 21:27:07 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ Frame 324F 174 B
539 B 218ms
217ms XHR
text/javascript 13.224.103.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3741&u=https%3A%2F%2Fwww.makeuseof.com%2Fmalware-targeting-cryptocurrency-wallets-windows-10%2F%3Futm_source%3DMUO-TW-P%26utm_medium%3DSocial-Distribution%26utm_campaign%3DMUO-TW-P&pid=8DMBdiZzlrQUG&cb=0&ws=300x250&v=7.58.01&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F39363775%2FMUO_Balance_Regular%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.105 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-105.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: 0698497b439f311a1b7c09967774715a788df9b7fc54f3a446652535e5a4f640

Request headers

Referer: https://www.makeuseof.com/iFramedAdTemplate/1512/malware-targeting-cryptocurrency-wallets-windows-10/&postId=1037086/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 21:27:08 GMT
content-encoding: gzip
server: Server
x-amz-cf-pop: ZRH50-C1
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.makeuseof.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 160
via: 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
x-amz-cf-id: RYaw4fzeHB61s9Gj5CR0vqVRb566enRcKvABBRugAkZ3zl5AobeHSQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 324F 6 KB
3 KB 49ms
49ms XHR
application/javascript 13.224.103.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.105 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-105.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.makeuseof.com/iFramedAdTemplate/1512/malware-targeting-cryptocurrency-wallets-windows-10/&postId=1037086/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: qvfBoISJ5ymXoV8clHCjrjeaYCNnawpM
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 14186
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 23 Dec 2020 21:52:09 GMT
server: AmazonS3
date: Tue, 05 Jan 2021 17:30:42 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 4e0fd86f7afa735e772d6f7fe5e91f5b.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: eq_RunHjZNFYNyvQ420tF7tXL7XoL1xZaSjoo0cciGgA2vhB7mnR6Q==

GET
H/1.1 200
OK abc.txt Show response
static.avantisvideo.com/data/ Frame 324F 19 KB
5 KB 171ms
99ms XHR
text/plain 23.67.141.101
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.avantisvideo.com/data/abc.txt
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=d414d99d-07c9-4fce-a58c-5da6dc3ee663&tagId=2&subId=MUO-Reg-Balance&callback=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.67.141.101 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-67-141-101.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 839e847999fa0f989f1697a087566863a80a0f019233cd5f573ebec1e11a7a9f

Request headers

Referer: https://www.makeuseof.com/iFramedAdTemplate/1512/malware-targeting-cryptocurrency-wallets-windows-10/&postId=1037086/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 05 Jan 2021 21:27:08 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Jan 2021 11:55:53 GMT
Server: AmazonS3
x-amz-request-id: 17E6E5A8B3BB4551
ETag: "a67199dc8d5f43220d1952544e58a16d"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4500
x-amz-id-2: IljfPkGVOdSeu/EkSChpVwc1d67ZfuXLHipj0tLZDs6K+NpAP3t966+SrzPeiOLpYwqQ+G8Tkws=

GET
H2 451 identity Show response
api.rlcdn.com/api/ 0
46 B 34ms
32ms XHR
text/plain 34.120.207.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by: Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.207.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 148.207.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 05 Jan 2021 21:27:07 GMT
via: 1.1 google
alt-svc: clear
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.makeuseof.com
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
544 B 56ms
51ms XHR
application/json 34.246.127.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=184735
Requested by: Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.127.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-127-166.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: dd0cda023ca54a30aefa590d33d5702395b4838435230636f10028e091e4a349

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 05 Jan 2021 21:27:07 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.makeuseof.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Thu, 04 Feb 2021 21:27:07 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 324F 108 B
544 B 49ms
48ms XHR
application/json 34.246.127.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=184735
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184735-131337367521686.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.127.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-127-166.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2d4e20bbcc7976b0b017e6d360896ccc69cd2b3627409c5c851b7087be7b0562

Request headers

Referer: https://www.makeuseof.com/iFramedAdTemplate/1512/malware-targeting-cryptocurrency-wallets-windows-10/&postId=1037086/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 05 Jan 2021 21:27:07 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.makeuseof.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 108
expires: Thu, 04 Feb 2021 21:27:07 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
428 B 93ms
32ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 05 Jan 2021 21:27:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://www.makeuseof.com
access-control-allow-credentials: true
cf-ray: 60d048133eaf23f7-ZRH
access-control-allow-headers: Content-Type, Origin
cf-request-id: 07760b6001000023f763068000000001

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
448 B 212ms
136ms XHR
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.9.251 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=2592000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.makeuseof.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 24 B
688 B 218ms
132ms XHR
application/json 104.111.215.135
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=200690&v=7.2&r=%7B%22id%22%3A%2252e65311be1ecf%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2263473b836a8407%22%2C%22ext%22%3A%7B%22siteID%22%3A%22200690%22%2C%22sid%22%3A%22sidebar-1%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.makeuseof.com%2Fmalware-targeting-cryptocurrency-wallets-windows-10%2F%3Futm_source%3DMUO-TW-P%26utm_medium%3DSocial-Distribution%26utm_campaign%3DMUO-TW-P%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22snigelweb.com%22%2C%22sid%22%3A%227151%22%2C%22domain%22%3A%22makeuseof.com%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1
Requested by: Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.135 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-135.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: abc85e4d491903258a7da299784bad3fce8dbb31a76d74b277124fbfa7cc826c

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Jan 2021 21:27:08 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[CH], RC:[ZH], CN:[EU], CIP:[185.156.175.107], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin: https://www.makeuseof.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-type: application/json
content-length: 44
x-ak-client-geo: 12
expires: Tue, 05 Jan 2021 21:27:08 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 239 B
2 KB 177ms
87ms XHR
application/json 69.173.144.143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14598&site_id=79822&zone_id=670250&size_id=15&gdpr=0&rp_schain=1.0,1!snigelweb.com,7151,1,,,makeuseof.com&tpid_tdid=7a6c5c33-dcb9-46a4-b3ab-f06fdeca7e87&rf=https%3A%2F%2Fwww.makeuseof.com%2Fmalware-targeting-cryptocurrency-wallets-windows-10%2F%3Futm_source%3DMUO-TW-P%26utm_medium%3DSocial-Distribution%26utm_campaign%3DMUO-TW-P&tk_flint=pbjs_lite_v3.27.1&x_source.tid=e2328853-44c4-4efb-ba29-07c37ad96141&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9920968592677308
Requested by: Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 31db95dca38432f40fe27737108571974a7528c9ec2d4b647db6ebee772f8988

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 05 Jan 2021 21:27:08 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.makeuseof.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 239
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
636 B 391ms
130ms XHR
application/json 52.4.152.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.152.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-152-106.compute-1.amazonaws.com
Software: / 33Across
Resource Hash: 16707f5f9756e1417de8ff1fa9daa8d004dd1d96e4a09cff438520460f8a9f61

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 05 Jan 2021 21:27:08 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.makeuseof.com
access-control-allow-credentials: true

POST
H2 200 v2 Show response
i.connectad.io/api/ 96 B
708 B 176ms
139ms XHR
application/json 2606:4700:10::6816:37ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.connectad.io/api/v2
Requested by: Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cac50a51267986f1242563b6f42b6ef730d433499f53425ccf901f6650a16380

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 05 Jan 2021 21:27:08 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
via: 1.1 google
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://www.makeuseof.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 60d048131e50d729-FRA
content-type: application/json
cf-request-id: 07760b5fec0000d729a2849000000001

POST
H2 200 25 Show response
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 192 B
379 B 55ms
14ms XHR
application/json 2a02:fa8:8806:12::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by: Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:12::1460 , Sweden, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebd3743cc48046c697458f28e8d81313839cef30b411eef5a60ce969beb5171

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Jan 2021 21:27:08 GMT
server: nginx
content-type: application/json
access-control-allow-origin: https://www.makeuseof.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 192
expires: 0

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
660 B 111ms
38ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96942e017474bab66ebadf20370005&pos=sws_hb_makeuseof_sidebar_1&cmd=bid&secure=1
Requested by: Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: 937b2aae123257343910ac93c5d53081252b1e1c96d3b40540c073f82cc9ea38

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 05 Jan 2021 21:27:08 GMT
Server: ATS/7.1.2.128
Age: 0
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.makeuseof.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
118 B 155ms
82ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.makeuseof.com
date: Tue, 05 Jan 2021 21:27:06 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 118ms
56ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a1999e45e03212bbae8b032858ae30889037b27b9e7618faf6b029b218f2cfff

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 05 Jan 2021 21:27:08 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.39:80
AN-X-Request-Uuid: 1a67ca9a-d262-48c5-9d7f-d47b6df56ee8
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.makeuseof.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 111ms
53ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

c1ea7cdd72756ca4afc173c6259f3980f56c81229d8e3d9759086b5bf9912872

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 05 Jan 2021 21:27:08 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.42:80
AN-X-Request-Uuid: b4be5304-3860-4ec1-9821-ec44f5cb56be
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.makeuseof.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 96 B
762 B 213ms
98ms XHR
application/json 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.27.1
Requested by: Host: www.makeuseof.com
URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: b4ce6d69fcc30a772273ebdd6f81c400811a517222c681f629c14d2c0eaa474d

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 05 Jan 2021 21:27:08 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.makeuseof.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 100

GET
H2 451 identity Show response
api.rlcdn.com/api/ Frame 324F 0
46 B 58ms
39ms XHR
text/plain 34.120.207.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184735-131337367521686.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.207.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 148.207.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.makeuseof.com/iFramedAdTemplate/1512/malware-targeting-cryptocurrency-wallets-windows-10/&postId=1037086/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 05 Jan 2021 21:27:08 GMT
via: 1.1 google
alt-svc: clear
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.makeuseof.com
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET
H2 200 checksync.php
hbx.media.net/ Frame 72C0 0
0 44ms
43ms Document
text/html 104.80.28.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/checksync.php?&vsSync=1&cs=17&hb=1&cv=37&ndec=1&cid=8CU6TM0R4&prvid=41%2C56%2C59%2C70%2C77%2C80%2C85%2C97%2C99%2C108%2C109%2C117%2C132%2C141%2C157%2C159%2C175%2C178%2C182%2C184%2C186%2C188%2C193%2C201%2C203%2C208%2C214%2C222%2C225%2C226%2C229%2C246%2C251%2C261%2C2009%2C2017%2C2025%2C2027%2C2028%2C2030%2C2031%2C2033%2C2034%2C3007%2C3008%2C3010%2C3011%2C3012%2C3014%2C3015%2C3017%2C3018%2C3020%2C3022%2C10000&https=1&gdpr=1&gdprconsent=2

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/bxl.js?cid=8CU6TM0R4&dn=www.makeuseof.com&https=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.80.28.24 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-80-28-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

:method: GET
:authority: hbx.media.net
:scheme: https
:path: /checksync.php?&vsSync=1&cs=17&hb=1&cv=37&ndec=1&cid=8CU6TM0R4&prvid=41%2C56%2C59%2C70%2C77%2C80%2C85%2C97%2C99%2C108%2C109%2C117%2C132%2C141%2C157%2C159%2C175%2C178%2C182%2C184%2C186%2C188%2C193%2C201%2C203%2C208%2C214%2C222%2C225%2C226%2C229%2C246%2C251%2C261%2C2009%2C2017%2C2025%2C2027%2C2028%2C2030%2C2031%2C2033%2C2034%2C3007%2C3008%2C3010%2C3011%2C3012%2C3014%2C3015%2C3017%2C3018%2C3020%2C3022%2C10000&https=1&gdpr=1&gdprconsent=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: gdpr_status=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P

Response headers

server: Apache
content-type: text/html; charset=UTF-8
set-cookie: gdpr_status=1; Expires=Fri, 09 Jul 2021 21:27:08 GMT; domain=.media.net; Path=/; sameSite=none; secure=true visitor-id=2528836285348369000V10; Expires=Wed, 05 Jan 2022 21:27:08 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2: E
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Thu, 07 Jan 2021 21:27:08 GMT
date: Tue, 05 Jan 2021 21:27:08 GMT
content-length: 9493

GET
H3-Q050 200 bframe
www.google.com/recaptcha/api2/ Frame DAAA 0
0 20ms
17ms Document
text/html 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=qc5B-qjP0QEimFYUxcpWJy5B&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD&cb=rqrrjgb1zeh1

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4GTLRAEuRKDrjm1eaq1cDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=qc5B-qjP0QEimFYUxcpWJy5B&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD&cb=rqrrjgb1zeh1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 05 Jan 2021 21:27:08 GMT
content-security-policy: script-src 'report-sample' 'nonce-4GTLRAEuRKDrjm1eaq1cDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1123
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK u_d.html
cdn1.avantisvideo.com/connect/ Frame 5C98 0
0 160ms
55ms Document
text/html 23.67.141.101
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.avantisvideo.com/connect/u_d.html
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=d414d99d-07c9-4fce-a58c-5da6dc3ee663&tagId=2&subId=MUO-Reg-Balance&callback=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.67.141.101 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-67-141-101.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash

Request headers

Host: cdn1.avantisvideo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.makeuseof.com/iFramedAdTemplate/1512/malware-targeting-cryptocurrency-wallets-windows-10/&postId=1037086/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.makeuseof.com/iFramedAdTemplate/1512/malware-targeting-cryptocurrency-wallets-windows-10/&postId=1037086/

Response headers

x-amz-id-2: AKcMRGPT2oFaxjSIz7J1KCw0Z8oDVIoGwe34L1bTsKEonRLwnSnmfGu7jZEqOHyt3AXzfy+AihY=
x-amz-request-id: C2D472B70E5F0D4F
Last-Modified: Wed, 21 Oct 2020 12:02:12 GMT
ETag: "616cd2f36203ae3b124d70c803c7c7a7"
x-amz-version-id: aQTt0EDrJInn5h7oZRa4YKcA5m0mCAoF
Accept-Ranges: bytes
Content-Type: text/html
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 05 Jan 2021 21:27:08 GMT
Content-Length: 15090
Connection: keep-alive

OPTIONS
H2 200 v2
e.serverbid.com/api/ Frame 0
0 358ms
117ms Other 178.128.135.80
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Protocol: H2
Server: 178.128.135.80 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.makeuseof.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-max-age: 1728000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Origin, User-Agent, If-Modified-Since, Cache-Control, Accept
access-control-allow-origin: https://www.makeuseof.com

POST
H2 200 v2 Show response
e.serverbid.com/api/ Frame 324F 16 B
171 B 351ms
119ms XHR
application/json 178.128.135.80
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184735-131337367521686.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.128.135.80 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer: https://www.makeuseof.com/iFramedAdTemplate/1512/malware-targeting-cryptocurrency-wallets-windows-10/&postId=1037086/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.makeuseof.com
date: Tue, 05 Jan 2021 21:27:08 GMT
access-control-allow-credentials: true
content-length: 16
vary: Origin
content-type: application/json

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 324F 144 B
843 B 36ms
34ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184735-131337367521686.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e27453fefbcddb4a529c34fc53075818f366473f2498d9bbecad0bda10ec720e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.makeuseof.com/iFramedAdTemplate/1512/malware-targeting-cryptocurrency-wallets-windows-10/&postId=1037086/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 05 Jan 2021 21:27:08 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.155:80
AN-X-Request-Uuid: ec6d9544-2ee6-4567-a4db-046780e713dc
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.makeuseof.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame 324F 66 B
730 B 100ms
97ms XHR
text/javascript 104.111.215.135
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?v=7.2&s=307872&fn=headertag.IndexExchangeHtb.adResponseCallback&r=%7B%22id%22%3A91034057%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.makeuseof.com%2Fmalware-targeting-cryptocurrency-wallets-windows-10%2F%3Futm_source%3DMUO-TW-P%26utm_medium%3DSocial-Distribution%26utm_campaign%3DMUO-TW-P%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.makeuseof.com%2Fmalware-targeting-cryptocurrency-wallets-windows-10%2F%3Futm_source%3DMUO-TW-P%26utm_medium%3DSocial-Distribution%26utm_campaign%3DMUO-TW-P%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%2C%22ext%22%3A%7B%22sid%22%3A%2217%22%2C%22siteID%22%3A%22550460%22%7D%2C%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%227a6c5c33-dcb9-46a4-b3ab-f06fdeca7e87%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22TRUE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222020-12-05T21%3A27%3A07%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%2C%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%7D
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184735-131337367521686.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.135 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-135.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cceeffbbd3ef35611643f28507d4891ec1ad69164c922325cdda6a8937e89720

Request headers

Referer: https://www.makeuseof.com/iFramedAdTemplate/1512/malware-targeting-cryptocurrency-wallets-windows-10/&postId=1037086/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 05 Jan 2021 21:27:08 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[CH], RC:[ZH], CN:[EU], CIP:[185.156.175.107], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin: https://www.makeuseof.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-type: text/javascript
content-length: 86
x-ak-client-geo: 12
expires: Tue, 05 Jan 2021 21:27:08 GMT

GET
H2 200 auction Show response
tlx.3lift.com/header/ Frame 324F 19 B
479 B 150ms
66ms XHR
application/json 18.184.101.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?inv_code=makeuseof_d_rrail_largerec_btf_header&lib=ix&size=300x250&referrer=https%3A%2F%2Fwww.makeuseof.com%2Fmalware-targeting-cryptocurrency-wallets-windows-10%2F%3Futm_source%3DMUO-TW-P%26utm_medium%3DSocial-Distribution%26utm_campaign%3DMUO-TW-P&v=2.1.2&tmax=1000&gdpr=true&cmp_cs=&us_privacy=

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184735-131337367521686.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.184.101.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-184-101-206.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.makeuseof.com/iFramedAdTemplate/1512/malware-targeting-cryptocurrency-wallets-windows-10/&postId=1037086/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 05 Jan 2021 21:27:08 GMT
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://www.makeuseof.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H/1.1

200
OK

Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame 71AA
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_ox-db5_dm_cnv_n-smaato_pm-db5_ym_rbd_n-vmg_an-db5_sovrn_3lift
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_ox-db5_dm_cnv_n-smaato_pm-db5_ym_rbd_n-vmg_an-db5_sovrn_3lift&dcc=t

0
0

210ms
208ms

Document
text/html

52.95.124.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_ox-db5_dm_cnv_n-smaato_pm-db5_ym_rbd_n-vmg_an-db5_sovrn_3lift&dcc=t
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.makeuseof.com/iFramedAdTemplate/1512/malware-targeting-cryptocurrency-wallets-windows-10/&postId=1037086/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A2eL-jhQnkX1iYYALk69KUw|t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.makeuseof.com/iFramedAdTemplate/1512/malware-targeting-cryptocurrency-wallets-windows-10/&postId=1037086/

Response headers

Server: Server
Date: Tue, 05 Jan 2021 21:27:08 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 229
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie: ad-id=A2eL-jhQnkX1iYYALk69KUw; Domain=.amazon-adsystem.com; Expires=Fri, 01-Oct-2021 21:27:08 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Apr-2026 21:27:08 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

Redirect headers

Server: Server
Date: Tue, 05 Jan 2021 21:27:08 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_ox-db5_dm_cnv_n-smaato_pm-db5_ym_rbd_n-vmg_an-db5_sovrn_3lift&dcc=t
Set-Cookie: ad-id=A2eL-jhQnkX1iYYALk69KUw|t; Domain=.amazon-adsystem.com; Expires=Fri, 01-Oct-2021 21:27:08 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: User-Agent

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ Frame 324F 0
315 B 292ms
92ms XHR
text/plain 2.21.37.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=307872&u=https%3A%2F%2Fwww.makeuseof.com%2Fmalware-targeting-cryptocurrency-wallets-windows-10%2F%3Futm_source%3DMUO-TW-P%26utm_medium%3DSocial-Distribution%26utm_campaign%3DMUO-TW-P&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184735-131337367521686.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.37.92 , France, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-37-92.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.makeuseof.com/iFramedAdTemplate/1512/malware-targeting-cryptocurrency-wallets-windows-10/&postId=1037086/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 05 Jan 2021 21:27:09 GMT
Server: Apache
Access-Control-Allow-Origin: https://www.makeuseof.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Tue, 05 Jan 2021 21:27:09 GMT

GET
H/1.1 200
OK valnet-block-cr.js Show response
cdn1.avantisvideo.com/js/ Frame 324F 159 KB
49 KB 73ms
42ms Script
application/javascript 23.67.141.101
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.avantisvideo.com/js/valnet-block-cr.js?id=d414d99d-07c9-4fce-a58c-5da6dc3ee663&tagId=2&subId=MUO-Reg-Balance&callback=
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=d414d99d-07c9-4fce-a58c-5da6dc3ee663&tagId=2&subId=MUO-Reg-Balance&callback=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.67.141.101 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-67-141-101.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a125bca76101a1b6555342832d4b8dde3ef466546709e501fd3c0d5da73117b4

Request headers

Referer: https://www.makeuseof.com/iFramedAdTemplate/1512/malware-targeting-cryptocurrency-wallets-windows-10/&postId=1037086/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: pCea63KiohcMq2g4aq3JX1un.Q.adFur
Content-Encoding: gzip
Last-Modified: Mon, 28 Dec 2020 07:06:16 GMT
Server: AmazonS3
x-amz-request-id: FB65DE44DFF70DFB
ETag: "7cb43022305e24dbdb38009000c5abe4"
Vary: Accept-Encoding
Content-Type: application/javascript
Date: Tue, 05 Jan 2021 21:27:09 GMT
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
Transfer-Encoding: chunked
x-amz-id-2: 28jkpPkzUBjhfq4Y/h4NMV/L+GVSeXiKBYBr/uzAD/5RtfIdjESu/Lt+S5RJfZzCDh/weVIsCHU=

GET
H/1.1 200
OK valnet-block-cr.js Show response
cdn1.avantisvideo.com/js/ 159 KB
49 KB 35ms
34ms Script
application/javascript 23.67.141.101
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.avantisvideo.com/js/valnet-block-cr.js?id=d414d99d-07c9-4fce-a58c-5da6dc3ee663&tagId=2&subId=MUO-Reg-Balance&callback=
Requested by: Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/js/valnet-block-cr.js?id=d414d99d-07c9-4fce-a58c-5da6dc3ee663&tagId=2&subId=MUO-Reg-Balance&callback=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.67.141.101 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-67-141-101.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a125bca76101a1b6555342832d4b8dde3ef466546709e501fd3c0d5da73117b4

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: pCea63KiohcMq2g4aq3JX1un.Q.adFur
Content-Encoding: gzip
Last-Modified: Mon, 28 Dec 2020 07:06:16 GMT
Server: AmazonS3
x-amz-request-id: FB65DE44DFF70DFB
ETag: "7cb43022305e24dbdb38009000c5abe4"
Vary: Accept-Encoding
Content-Type: application/javascript
Date: Tue, 05 Jan 2021 21:27:09 GMT
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
Transfer-Encoding: chunked
x-amz-id-2: 28jkpPkzUBjhfq4Y/h4NMV/L+GVSeXiKBYBr/uzAD/5RtfIdjESu/Lt+S5RJfZzCDh/weVIsCHU=

GET
H/1.1 200
OK u_d.html
cdn1.avantisvideo.com/connect/ Frame 67F2 0
0 97ms
63ms Document
text/html 23.67.141.101
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.avantisvideo.com/connect/u_d.html
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.67.141.101 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-67-141-101.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash

Request headers

Host: cdn1.avantisvideo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P

Response headers

x-amz-id-2: AKcMRGPT2oFaxjSIz7J1KCw0Z8oDVIoGwe34L1bTsKEonRLwnSnmfGu7jZEqOHyt3AXzfy+AihY=
x-amz-request-id: C2D472B70E5F0D4F
Last-Modified: Wed, 21 Oct 2020 12:02:12 GMT
ETag: "616cd2f36203ae3b124d70c803c7c7a7"
x-amz-version-id: aQTt0EDrJInn5h7oZRa4YKcA5m0mCAoF
Accept-Ranges: bytes
Content-Type: text/html
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 05 Jan 2021 21:27:09 GMT
Content-Length: 15090
Connection: keep-alive

POST
H2 200 / Show response
events.avantisvideo.com/ 2 B
90 B 847ms
198ms XHR
text/plain 35.164.213.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.avantisvideo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.164.213.195 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-164-213-195.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 05 Jan 2021 21:27:10 GMT
content-length: 2
content-type: text/plain

POST
H2 200 / Show response
events.avantisvideo.com/ 2 B
89 B 847ms
199ms XHR
text/plain 35.164.213.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.avantisvideo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.164.213.195 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-164-213-195.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 05 Jan 2021 21:27:10 GMT
content-length: 2
content-type: text/plain

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/dmp/ Frame 78B9 0
0 111ms
24ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/latest/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: icu=ChgIvsBAEAoYASABKAEwrLPT_wU4AUABSAEQrLPT_wUYAA..; uuid2=2919696602785318381
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Thu, 03 Dec 2020 21:09:36 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 05 Jan 2021 21:27:11 GMT
Age: 987
X-Served-By: cache-lga21965-LGA, cache-hhn4083-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 2, 15448
X-Timer: S1609882031.480706,VS0,VE0
Vary: Accept-Encoding

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 80C5 0
0 422ms
130ms Document
text/plain 208.100.17.171
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bDp8G-BEqr6OkqaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&gdpr=0
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/latest/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.171 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software: 33XP003 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&ru=deb&id=bDp8G-BEqr6OkqaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P

Response headers

x-33x-status: 2020008
server: 33XP003
date: Tue, 05 Jan 2021 21:27:11 GMT

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/dmp/ Frame 1842 0
0 166ms
90ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/latest/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: icu=ChgIvsBAEAoYASABKAEwrLPT_wU4AUABSAEQrLPT_wUYAA..; uuid2=2919696602785318381
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Thu, 03 Dec 2020 21:09:36 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 05 Jan 2021 21:27:11 GMT
Age: 987
X-Served-By: cache-lga21965-LGA, cache-hhn4030-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 2, 16139
X-Timer: S1609882031.481429,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame C92C 0
0 29ms
27ms Document
text/html 184.30.212.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/latest/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.212.16 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-30-212-16.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: khaos=KJKI6YWH-9-4DFD; rsid=1|AIfsdBUH+v3fWCPuzNowDE/csJlhKa2tmCxRUZWfOgl2qOqfPGrgL8vyf7qLiY/CRnOvtlP9UQv1FULOQ3SgGDSlnlAWiFIP9hAlb/GLEgInpQWgEKRbU66TGfmMWV7/AA==; ses15=; vis15=79822^1; pux=1512%3D96550%262249%3D96550%262974%3D96550%263778%3D96550%262249-DV360-Hosted%3D96550%26idl%3D96550%26goog%3D96550%26brx%3D96550%26; audit=1|hLZGFuTafB2VPC3dXYd20np4/TMPY9XwiSXE3b9+iiKokRFzeRRy5A1QaSF4jEiOcn+sBs3psW5o2B05UvZjL1fhjiYsBz1asqlSNZOaaDQ=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 28 Sep 2020 17:02:39 GMT
ETag: "4000c-123-5b062a240e9c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 238
Content-Type: text/html; charset=UTF-8
Date: Tue, 05 Jan 2021 21:27:11 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK Cookie set beacon
ap.lijit.com/ Frame 71F5 0
0 53ms
52ms Document
text/html 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13384613
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/latest/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash

Request headers

Host: ap.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D; ljt_reader=1d3dd33a8fecdb8984655920; ljtrtbexp=eJyrVrIwUbIyNDM0NLA0NDOy0FGyMEXjm6PyTQ0MDFFFLC0tUfTUAgDasREc; _ljtrtb_5001=8399c81d0586c716754fc4b05da338a2; _ljtrtb_87=d44e5586-51e6-4c38-b800-c957418087c4; _ljtrtb_85=AAS1Z06_6bMAAA_hNhEc1A; _ljtrtb_84=c:df1c6a0fe499f2bfb382b8d108a90462
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P

Response headers

Server: nginx
Date: Tue, 05 Jan 2021 21:27:11 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Vary: Accept-Encoding
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie: ljtrtbexp=eJxlkDsSgDAIRO%2BS2oIlhIBXc7y7k2jDWj6G%2FcDV0E64ZHpYx9HcFwOS8MVasVecqDxEaAKpnJmDPN5EsfDYCv0p5m8SlEKtg1KDeocRU6dgP2qg5Kf%2BfVGHbp71pk5%2BRnpL%2BiPtD75XaoP7AcIrWEU%3D;Path=/;Domain=.lijit.com;Expires=Wed, 05-Jan-2022 21:27:11 GMT;Max-Age=31536000;Secure;SameSite=None ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D;Path=/;Domain=.lijit.com;Expires=Wed, 05-Jan-2022 21:27:11 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=1d3dd33a8fecdb8984655920;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
Content-Encoding: gzip
X-Sovrn-Pod: ad_ap1ams1

GET
H2 200 /
onetag-sys.com/usync/ Frame 945F 0
0 46ms
46ms Document
text/html 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1609882028210

Requested by

Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/latest/prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.9.251 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?cb=1609882028210
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=2592000

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 5E13 0
0 42ms
36ms Document
text/html 2.21.37.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/latest/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.37.33 , France, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-37-33.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KCCH=YES; pi=156657:2; KADUSERCOOKIE=A933007D-E12B-4908-B711-89A1E6DE20FB; chkChromeAb67Sec=1; DPSync3=1611014400%3A201_226_221_219; SyncRTB3=1611100800%3A35%7C1612396800%3A203%7C1610409600%3A15_2%7C1610668800%3A63%7C1611014400%3A161_3_88_8_55_21_7_71_166_22_56_54_223_81_99; SPugT=1609882029; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; PugT=1609882030; PUBMDCID=3; KRTBCOOKIE_1101=23040-6914390669291026578; KRTBCOOKIE_27=16735-uid:cbd55ff4-d9ac-4d00-9c14-c7821b76c437&KRTB&16736-uid:cbd55ff4-d9ac-4d00-9c14-c7821b76c437&KRTB&23019-uid:cbd55ff4-d9ac-4d00-9c14-c7821b76c437&KRTB&23114-uid:cbd55ff4-d9ac-4d00-9c14-c7821b76c437; KRTBCOOKIE_377=6810-a7502e45-94ab-4ad5-9186-eceb9d267e38&KRTB&22918-a7502e45-94ab-4ad5-9186-eceb9d267e38&KRTB&23031-a7502e45-94ab-4ad5-9186-eceb9d267e38; KRTBCOOKIE_22=14911-4049268946210048397
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=127631
Expires: Thu, 07 Jan 2021 08:54:22 GMT
Date: Tue, 05 Jan 2021 21:27:11 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html
js-sec.indexww.com/um/ Frame 041A 0
0 34ms
34ms Document
text/html 2.21.37.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/latest/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.37.92 , France, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-37-92.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P

Response headers

Server: Apache
Last-Modified: Tue, 06 Oct 2020 14:04:48 GMT
ETag: "e20015-8f4-5b10114f2003a"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1136
Date: Tue, 05 Jan 2021 21:27:11 GMT
Connection: keep-alive

GET
H2 200 connectmyusers.php
cdn.connectad.io/ Frame 2973 0
0 96ms
81ms Document
text/html 2606:4700:10::6816:37ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/latest/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.connectad.io
:scheme: https
:path: /connectmyusers.php?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=zp3CykoXvRPmipXBMXgloVzLycFLc6F0xQWDP9yK
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P

Response headers

date: Tue, 05 Jan 2021 21:27:11 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d5078a7b187c02e6e38a244a2ad96d4b41609882031; expires=Thu, 04-Feb-21 21:27:11 GMT; path=/; domain=.connectad.io; HttpOnly; SameSite=Lax
cf-cache-status: DYNAMIC
cf-request-id: 07760b6d760000d7298e08b000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 60d04828bfedd729-FRA
content-encoding: gzip

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame C882 0
0 87ms
85ms Document
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/latest/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P

Response headers

date: Tue, 05 Jan 2021 21:27:11 GMT
set-cookie: __cfduid=dd9595e698e75348f45ed4c11d8d222461609882031; expires=Thu, 04-Feb-21 21:27:11 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
cf-request-id: 07760b6d7e000023f7c4b11000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 60d04828ca5123f7-ZRH

GET
H2 204 /
onetag-sys.com/usync/ 0
84 B 96ms
88ms Image
text/plain 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/usync/?tag=img

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.9.251 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
cache-control: no-cache, no-transform
content-length: 0

Verdicts & Comments Add Verdict or Comment

165 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.makeuseof.com/	1970-01-19 15:54:34	Name: id5id.1st_364_nb Value: 0
.makeuseof.com/	1970-01-19 15:12:05	Name: FCCDCF Value: [null,null,["[[],[],[],[],null,null,true]",1609882026996]]
.makeuseof.com/	1970-01-19 15:11:22	Name: _gat Value: 1
.makeuseof.com/	1970-01-19 15:12:48	Name: _gid Value: GA1.2.2001076573.1609882027
.makeuseof.com/	1970-01-19 15:11:25	Name: AMP_TOKEN Value: %24NOT_FOUND
www.makeuseof.com/	1969-12-31 23:59:59	Name: viewType Value: utm
www.makeuseof.com/	1969-12-31 23:59:59	Name: refererSource Value: empty
www.makeuseof.com/	1969-12-31 23:59:59	Name: campaign Value: MUO-TW-P
.makeuseof.com/	1970-01-20 08:42:34	Name: _ga Value: GA1.2.196640193.1609882027

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2) Message: SC: No rhData
console-api	log	URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2) Message: SC: No rhData
console-api	log	URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2) Message: SC: No rhData
console-api	log	URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P(Line 2818) Message: viewType: utm
console-api	log	URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P(Line 2819) Message: view: all
console-api	log	URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P(Line 2820) Message: campaign: MUO-TW-P
console-api	log	URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P(Line 2821) Message: device: desktop
console-api	log	URL: https://www.makeuseof.com/malware-targeting-cryptocurrency-wallets-windows-10/?utm_source=MUO-TW-P&utm_medium=Social-Distribution&utm_campaign=MUO-TW-P(Line 2822) Message: displayStartButton: false
console-api	warning	URL: https://cdn.snigelweb.com/pub/makeuseof.com/20200929/snhb-makeuseof.com.min.js(Line 19) Message: [snhb](943ms): Consent handling overridden. Skipping.
console-api	warning	URL: https://cdn.snigelweb.com/pub/makeuseof.com/20200929/snhb-makeuseof.com.min.js(Line 19) Message: [snhb](943ms): Automatic auction starting disabled. Use snhb.snhb.getAllAvailableAdUnitNames() and snhb.startAuction([adUnitNames]) to manually start auctions.
console-api	warning	URL: https://cdn.snigelweb.com/prebid/latest/prebid.js(Line 3) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	warning	URL: https://cdn.snigelweb.com/pub/makeuseof.com/20200929/snhb-makeuseof.com.min.js(Line 19) Message: [snhb](1.973s): Missing DOM element 'snhb-sidebar-1-0' for auctioned ad-unit. Skipping in ad server refresh.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.quora.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ads.pubmatic.com
ampcid.google.com
ampcid.google.de
ap.lijit.com
api.rhombusads.com
api.rlcdn.com
as-sec.casalemedia.com
bit.ly
c.amazon-adsystem.com
c2shb.ssp.yahoo.com
cdn.avantisvideo.com
cdn.connectad.io
cdn.districtm.io
cdn.mailerlite.com
cdn.snigelweb.com
cdn1.avantisvideo.com
connect.facebook.net
dmx.districtm.io
e.serverbid.com
eus.rubiconproject.com
events.avantisvideo.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
geo-eu.snigelweb.com
gum.criteo.com
hbopenbid.pubmatic.com
hbx.media.net
htlb.casalemedia.com
i.connectad.io
ib.adnxs.com
id5-sync.com
js-sec.indexww.com
match.adsrvr.org
mug.criteo.com
onetag-sys.com
q.quora.com
securepubads.g.doubleclick.net
socialcanvas-cdn.kargo.com
ssc-cms.33across.com
ssc.33across.com
static.avantisvideo.com
static.mailerlite.com
static0.makeuseofimages.com
static1.makeuseofimages.com
static2.makeuseofimages.com
static3.makeuseofimages.com
stats.g.doubleclick.net
tagan.adlightning.com
tlx.3lift.com
track.mailerlite.com
web.hb.ad.cpe.dotomi.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.makeuseof.com
104.111.215.135
104.16.190.66
104.80.28.24
13.224.103.105
13.224.94.56
151.101.113.108
151.101.113.2
172.217.21.226
178.128.135.80
178.250.0.157
18.156.195.47
18.184.101.206
184.30.212.16
185.64.189.112
2.21.37.33
2.21.37.92
208.100.17.171
23.67.141.101
2600:9000:206f:4c00:1c:38a0:8a40:93a1
2600:9000:206f:5200:13:6a46:aa00:93a1
2606:4700:10::6816:37ce
2606:4700:10::ac43:274f
2606:4700::6812:39f
2606:4700:e4::ac40:ab0e
2a00:1450:4001:801::200e
2a00:1450:4001:802::200a
2a00:1450:4001:808::2008
2a00:1450:4001:808::200e
2a00:1450:4001:814::2004
2a00:1450:4001:815::2002
2a00:1450:4001:815::200e
2a00:1450:4001:817::2003
2a00:1450:4001:818::200e
2a00:1450:4001:81f::2003
2a00:1450:4001:820::200e
2a00:1450:4001:825::2003
2a00:1450:400c:c06::9c
2a02:2638:1::13
2a02:fa8:8806:12::1460
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.12.239.212
3.230.50.184
34.120.207.148
34.246.127.166
35.164.213.195
37.252.172.38
51.195.5.38
51.89.9.251
52.4.152.106
52.95.124.170
54.157.137.27
67.199.248.11
69.173.144.143
72.251.249.14
03a7f28ef43da23995045ffcb07b137e3e0b3e291df96a71c8b2a80deed97181
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0698497b439f311a1b7c09967774715a788df9b7fc54f3a446652535e5a4f640
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08caf2c82afb4122c117f675d11a2f71d6228152cf1df5bafe30ff5b8b62590a
0d3c3deec6588fb00415d392f18953702dc0accbcfeeb7ed5c9f90a95682bb48
0e6a1a0d0a73d63b512706bc930da7faf372ee596676c2ea3ab767ff14afcde8
0eb688f736ba97fb859ec5b1e94d7e67edaea21e5ef1489e9d30ec9371d02ec7
0ebd3743cc48046c697458f28e8d81313839cef30b411eef5a60ce969beb5171
1041a8cf17dab7579acef0cc46b21f6497ec1ae01918ddc3495416efb81a4780
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10ed4ebe92a7fa82cd872fd4c66a32b21510c48ad79fa293f8e39a3a5a118686
132079c36b510789b2f974131480be0f6b7e0868cdca0de1b7897c410169d8a2
16707f5f9756e1417de8ff1fa9daa8d004dd1d96e4a09cff438520460f8a9f61
1aa566922aea18b0c041e5d8ac715422ef48a305113fe9926598b84f9dde236f
1d92d06704b38825a413ee221f4846dbef1de89538c71f826f1edd4fd9453b28
1f99e140835206790a9e529ffb6a073c5bb989b99a4a1bd1daf00a68f76b4c50
212bb2c1ab3a093249a757e3aaa939eb6ec2edddee9c7e173cca76217749523c
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2c0013d600284aa02e57044a46bbd34f861757ddd521f22dadddcab9e4813a67
2d4e20bbcc7976b0b017e6d360896ccc69cd2b3627409c5c851b7087be7b0562
31db95dca38432f40fe27737108571974a7528c9ec2d4b647db6ebee772f8988
33dfa806e2056c81aab1b2e46ba016313f5189d10e0b7c9a3e355b59bfada530
3ef5092a0f45b0cea3f33dfa24747b75f901a3f8a5a70516552449128c072624
453246648fa7910a519f7d41bc5ba47c394209546d462b31a48db51650c1c790
460a08925e89c7fe27f271a8219b6059c526675d5755a9552888abdeabb8f270
47663194d7d38716a59e702f42a8494d099a24a8f84ad940e0db38938c8a4956
4bcccf07818080032d90b4cb941b7a56b1ca3adf77cb55db4d259ba5c2a857fd
4bfae767fdd66c761f795a4fb10915cf19c0597ad09a3b211fc1292875ae1777
4d77ed0d0567a5a86aacf33e0d9015a54a36de831208efb6b0665d743923e8e2
4e3bc080c4d5f22db206c5a70360404ffe013998c0849c822ba8b5d68f39c943
4f9a49a24818d78f0d3aa4912041517867fed6388a4588c45e3af3d0a423d71c
504b736a2e39c081dd818dcb412f996648e8362af9959cf182537318006bce5f
527f5abc4c6a8eb694112e22ac0e691767e3434a09d92937ae3c9022634ece70
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
55705b77e7a7af9aef281ef653f9695dfc4da996bd86509b08306e4915ef5be3
5f02981bfcab6807a15ddfea1babc7cee05cd0f1f59abe712928de44fb6c1f0d
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
63072d6a75a2e67a3fa1c644eb27d863d1c6edd5648a9a89706fb8f3fb181faf
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
669ab2bacb6218da0b51abecdb66aa3bf926376f0d8ed248f3f76381ff7eeed2
685422f17107920c13a98a8c871a3743b3bac8cf043c4c9dc68f914a6eae5063
6feee65e9d59f67bf27c88411d4828fb0db3191ac1de8645b2ac230a75ca740a
70505d365c263d1b00bf0908f3fb96d00ddee592169d744ed89c3de535113e0f
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75bf5e00b89eba058d336a8cfeecf2f7a05f095f27fb59c649a9afd0dff00404
79ccf857b453929baf5d98ab63a172a7e0d75662b2d972ffabaa0a7ae0b7b527
8115ed541181391e3ab28db10df8f4e0157f82fc434ef2c483e9f73daac850af
839e847999fa0f989f1697a087566863a80a0f019233cd5f573ebec1e11a7a9f
8449b3d1eadb71266f2607cc4c1e94025b6ee4086d4f98fd7dbbf8d545e3e2c2
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
855d9fb1c3ac4aa05748e097f22e5f45eac7700f3052cf2219f07b1ddd3faf4a
8929511a46b2456650f499d20bfc86a8e32905b6b236770634cd06afee158f4c
8b26cda41cab74a175c347356be48791d028ba1c6f20405ab113812bce27477a
8dbe959fdb8ab1673b4c273180cc92d0cc0c5fb534440b7f0b402aa91c886551
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c
937b2aae123257343910ac93c5d53081252b1e1c96d3b40540c073f82cc9ea38
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9935ff10d2fdc651cc3609549c81df905993cd0a6d3ab85ca9b4642b5e4a32ea
9ddeac155714ab1accb0fe389511e40c1678d70b7122232aac1b6198863cb576
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a125bca76101a1b6555342832d4b8dde3ef466546709e501fd3c0d5da73117b4
a1999e45e03212bbae8b032858ae30889037b27b9e7618faf6b029b218f2cfff
a32298019e603c97674a4b259fa3c4da6c6794a6829e94c9fcfe68aeaee632f4
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a5ef2e156c6dcb773f748c5cc795a8fe17c85d59dd25d6f98883ec3f4f45aa55
abc85e4d491903258a7da299784bad3fce8dbb31a76d74b277124fbfa7cc826c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b4ce6d69fcc30a772273ebdd6f81c400811a517222c681f629c14d2c0eaa474d
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
b937ec067c85bc923e1b48b5c3cdfacf2c1bef962d9b2e32cc3af1acc9cd0e14
b9c90c601bc81ad71ed8be557ff9b095de5aae947926e84011e2728cf65250a6
bcde4557ae9fbb637dd56df7d32f487c47bb22cce7950a90839169c41a287687
c04cbfe21e23ceb866fae28e981a17dfe9ce6cb178943dda6f11a495255ec137
c1ea7cdd72756ca4afc173c6259f3980f56c81229d8e3d9759086b5bf9912872
c4fdff0a0726e79ab66b58ea6256cc24b3fa3f268f7a5f4ba722e2dfa42495f9
c77ae965196f7308b827ce8cef39758740e9652e49958d866454ca1967e03dae
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cac50a51267986f1242563b6f42b6ef730d433499f53425ccf901f6650a16380
cceeffbbd3ef35611643f28507d4891ec1ad69164c922325cdda6a8937e89720
d2fc5cb51b0eb81a374af59bb9a82c914814bd7f19439d2e4c1026313e8ac8d3
d438ccf87b8328cb870e25562bd3452d3a51eb6c5985061570765a8eca035cf9
d4390447cdbeb188fcda3f6593cbb3ebb1db6fe26ddf5589e00c5bce297ce38a
d4ed5bd20c3036042165e91001bd91497551164b0e34c76cb8a6eb15c33f3c15
d597e753e78d8bf9db34c13343146545fb3be5a1c99a175bc381fe3f6f787f31
d99a76613e7383d31ec580e8af83b979ad613161de7709620ce368c6de12f1ae
dd0cda023ca54a30aefa590d33d5702395b4838435230636f10028e091e4a349
dde5dcb02f349d5cd1f36d6afe709ddfd5713b27129dbae727f456cde6582883
e27453fefbcddb4a529c34fc53075818f366473f2498d9bbecad0bda10ec720e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e85ad3c5cc201874b5816e938722759374befb3821429981d29389cde92f46b5
e9f05093dd6f07bb7a9aaf91ab4e3b08037343d5d07b730e844ba2cc87899462
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6de6beb1cf5bf809eccfe10f99aea0e0969c71d4eab5446410fef72695679f
f048c3e6706ea369473cdd05cde9dc9ed7e3bfb075e8b9a8f232b3219d380b53
f24cdf83d334ae1a2c662bd693830f8ba8f9e38012679cb7c009ddc635e732e0
f3bedb91b175047657d303b5b3bd9530a2200404a5e578ecdb3da077af9c7050
f885027245d0a1410622459b44891241d4fe44b812e46c0bae07875572268688
fb3b275e8321c2c87095a4f4f0fd89fbbbdbe07e6fd5191c4c8ccabfc21692fb
ffc4b44e1b7402c08e5f2f702ca535e7e7083a684cda203dfdcb734cd5761aa6

www.makeuseof.com Open in urlscan Pro 54.157.137.27 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

136 Requests

100 %HTTPS

42 %IPv6

40 Domains

64 Subdomains

53 IPs

9 Countries

2307 kBTransfer

5228 kBSize

9 Cookies

8 Outgoing links

Page URL History

Redirected requests

136 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

www.makeuseof.com Open in urlscan Pro
54.157.137.27 Public Scan

Screenshot
Live screenshot

Full Image

136
Requests

100 %
HTTPS

42 %
IPv6

40
Domains

64
Subdomains

53
IPs

9
Countries

2307 kB
Transfer

5228 kB
Size

9
Cookies

136 HTTP transactions
0 data transactions