www.zdnet.com Open in urlscan Pro
2a04:4e42:1b::444 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Submission: On July 27 via api (July 27th 2020, 11:17:05 am UTC) from CA

Summary HTTP 236 Redirects Links 37 Behaviour Indicators

Summary

This website contacted 37 IPs in 6 countries across 25 domains to perform 236 HTTP transactions. The main IP is 2a04:4e42:1b::444, located in Ascension Island and belongs to FASTLY, US. The main domain is www.zdnet.com.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on January 24th 2020. Valid for: a year.

This is the only time www.zdnet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
31	2a04:4e42:1b:... 2a04:4e42:1b::444	54113 (FASTLY) (FASTLY)
6	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
3	2a02:26f0:6c0... 2a02:26f0:6c00:192::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:10:... 2606:4700:10::6814:b944	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	151.101.129.188 151.101.129.188	54113 (FASTLY) (FASTLY)
1	34.102.213.242 34.102.213.242	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:815::2002	15169 (GOOGLE) (GOOGLE)
50	23.210.250.213 23.210.250.213	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:26f0:eb:... 2a02:26f0:eb:18c::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	151.101.13.194 151.101.13.194	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:816::2001	15169 (GOOGLE) (GOOGLE)
40	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:1b:... 2a04:4e42:1b::645	54113 (FASTLY) (FASTLY)
1	18.132.99.227 18.132.99.227	16509 (AMAZON-02) (AMAZON-02)
2	3.11.4.3 3.11.4.3	16509 (AMAZON-02) (AMAZON-02)
1	95.100.118.141 95.100.118.141	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2.21.37.179 2.21.37.179	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:824::200a	15169 (GOOGLE) (GOOGLE)
3 4	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
22	23.202.53.245 23.202.53.245	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2a02:26f0:f1:... 2a02:26f0:f1:1a1::36f1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	107.178.248.185 107.178.248.185	15169 (GOOGLE) (GOOGLE)
1	35.190.21.111 35.190.21.111	15169 (GOOGLE) (GOOGLE)
1	15.236.175.233 15.236.175.233	16509 (AMAZON-02) (AMAZON-02)
1	34.120.132.76 34.120.132.76	15169 (GOOGLE) (GOOGLE)
3	23.202.53.124 23.202.53.124	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	23.42.18.223 23.42.18.223	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:81f::2001	15169 (GOOGLE) (GOOGLE)
1	23.210.248.12 23.210.248.12	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY)
2	162.247.242.18 162.247.242.18	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1 2	2.16.186.75 2.16.186.75	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2a01:4a0:1338... 2a01:4a0:1338:28::c38a:ff18	201011 (NETZBETRI...) (NETZBETRIEB-GMBH)
1	2a01:4a0:1338... 2a01:4a0:1338:28::c38a:ff11	201011 (NETZBETRI...) (NETZBETRIEB-GMBH)
1	2a02:26f0:eb:... 2a02:26f0:eb:189::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
236	37

31 2a04:4e42:1b::444 (Ascension Island)

ASN54113 (FASTLY, US)

www.zdnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zdnet2.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zdnet3.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
production-cmp.isgprivacy.cbsi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zdnet4.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zdnet1.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00:192::11a6 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.188 (United States)

ASN54113 (FASTLY, US)

at.cbsi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.213.242 (United States)

ASN15169 (GOOGLE, US)

urs.zdnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ee	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 23.210.250.213 (Netherlands)

ASN16625 (AKAMAI-AS, US)

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:eb:18c::11a6 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

6852bd0a.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.13.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

677756612204b02249613994bc3a06d0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::645 (Ascension Island)

ASN54113 (FASTLY, US)

vidtech.cbsinteractive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.132.99.227 (United States)

ASN16509 (AMAZON-02, US)

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.11.4.3 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.100.118.141 (Ascension Island)

ASN16625 (AKAMAI-AS, US)

rev.cbsi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.21.37.179 (France)

ASN20940 (AKAMAI-ASN1, EU)

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 23.202.53.245 (United States)

ASN16625 (AKAMAI-AS, US)

cbsdfp5832910442.s.moatpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:f1:1a1::36f1 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

s8t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.248.185 (United States) 1 redirects

ASN15169 (GOOGLE, US)

creatives.cbsileads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.21.111 (Mountain View, United States)

ASN15169 (GOOGLE, US)

static.cbsileads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.236.175.233 (Paris, France)

ASN16509 (AMAZON-02, US)

saa.cbsi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.132.76 (United States)

ASN15169 (GOOGLE, US)

im.cbsileads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.202.53.124 (United States)

ASN16625 (AKAMAI-AS, US)

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.42.18.223 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

668ef347673356d422d82b246a815195.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.248.12 (Netherlands)

ASN16625 (AKAMAI-AS, US)

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.242.18 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.186.75 (Ascension Island) 1 redirects

ASN20940 (AKAMAI-ASN1, EU)

trial-eum-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
uxty4jaccc5ewxy6w6qa-p81kwc-0ac8026a7-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:4a0:1338:28::c38a:ff18 (Germany) 1 redirects

ASN201011 (NETZBETRIEB-GMBH, DE)

trial-eum-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:4a0:1338:28::c38a:ff11 (Germany)

ASN201011 (NETZBETRIEB-GMBH, DE)

fiaqj6absjkbikqbasqbgoaafbpr5n5a-p81kwc-29fe3c570-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:eb:189::11a6 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

6852bd07.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	moatads.com z.moatads.com mb.moatads.com geo.moatads.com px.moatads.com	844 KB
34	googlesyndication.com 677756612204b02249613994bc3a06d0.safeframe.googlesyndication.com tpc.googlesyndication.com 668ef347673356d422d82b246a815195.safeframe.googlesyndication.com pagead2.googlesyndication.com	512 KB
26	cbsistatic.com zdnet2.cbsistatic.com zdnet3.cbsistatic.com zdnet4.cbsistatic.com zdnet1.cbsistatic.com	530 KB
25	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	251 KB
22	moatpixel.com cbsdfp5832910442.s.moatpixel.com	9 KB
15	ampproject.org cdn.ampproject.org	324 KB
12	teads.tv a.teads.tv s8t.teads.tv t.teads.tv sync.teads.tv	184 KB
10	googletagservices.com www.googletagservices.com	265 KB
6	google.com 3 redirects adservice.google.com www.google.com	1 KB
6	cookielaw.org cdn.cookielaw.org	115 KB
5	zdnet.com www.zdnet.com urs.zdnet.com	205 KB
4	akamaihd.net 2 redirects trial-eum-clientnsv4-s.akamaihd.net uxty4jaccc5ewxy6w6qa-p81kwc-0ac8026a7-clientnsv4-s.akamaihd.net trial-eum-clienttons-s.akamaihd.net fiaqj6absjkbikqbasqbgoaafbpr5n5a-p81kwc-29fe3c570-clienttons-s.akamaihd.net	1 KB
4	cbsi.com production-cmp.isgprivacy.cbsi.com at.cbsi.com rev.cbsi.com saa.cbsi.com	16 KB
3	cbsileads.com 1 redirects creatives.cbsileads.com static.cbsileads.com im.cbsileads.com	5 KB
3	fastly.net confiant-integrations.global.ssl.fastly.net	102 KB
3	go-mpulse.net c.go-mpulse.net	53 KB
2	nr-data.net bam.nr-data.net	455 B
2	scorecardresearch.com 1 redirects sb.scorecardresearch.com	1 KB
2	akstat.io 6852bd0a.akstat.io 6852bd07.akstat.io	708 B
1	newrelic.com js-agent.newrelic.com	10 KB
1	google.de adservice.google.de	168 B
1	googleapis.com ajax.googleapis.com	33 KB
1	cbsinteractive.com vidtech.cbsinteractive.com	281 KB
1	google.ee adservice.google.ee	829 B
1	onetrust.com geolocation.onetrust.com	553 B
236	25

	Domain	Requested by
42	px.moatads.com	www.zdnet.com
25	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.zdnet.com confiant-integrations.global.ssl.fastly.net cdn.ampproject.org tpc.googlesyndication.com
22	cbsdfp5832910442.s.moatpixel.com	www.zdnet.com
22	securepubads.g.doubleclick.net	zdnet3.cbsistatic.com securepubads.g.doubleclick.net www.zdnet.com www.googletagservices.com
15	cdn.ampproject.org	securepubads.g.doubleclick.net confiant-integrations.global.ssl.fastly.net
10	www.googletagservices.com	securepubads.g.doubleclick.net www.zdnet.com rev.cbsi.com
9	zdnet1.cbsistatic.com	www.zdnet.com zdnet2.cbsistatic.com zdnet3.cbsistatic.com
8	z.moatads.com	zdnet3.cbsistatic.com securepubads.g.doubleclick.net www.zdnet.com
8	zdnet2.cbsistatic.com	www.zdnet.com
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.zdnet.com
6	s8t.teads.tv	a.teads.tv www.zdnet.com
6	cdn.cookielaw.org	www.zdnet.com cdn.cookielaw.org
5	zdnet3.cbsistatic.com	www.zdnet.com zdnet2.cbsistatic.com
4	www.google.com	3 redirects www.zdnet.com
4	zdnet4.cbsistatic.com	www.zdnet.com zdnet2.cbsistatic.com zdnet3.cbsistatic.com
4	www.zdnet.com	zdnet3.cbsistatic.com
3	t.teads.tv	www.zdnet.com
3	googleads.g.doubleclick.net	www.zdnet.com
3	confiant-integrations.global.ssl.fastly.net	zdnet3.cbsistatic.com confiant-integrations.global.ssl.fastly.net
3	c.go-mpulse.net	www.zdnet.com c.go-mpulse.net zdnet1.cbsistatic.com
2	bam.nr-data.net	js-agent.newrelic.com
2	sb.scorecardresearch.com	1 redirects www.zdnet.com
2	a.teads.tv	securepubads.g.doubleclick.net s8t.teads.tv
2	geo.moatads.com	z.moatads.com
2	677756612204b02249613994bc3a06d0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net www.googletagservices.com
1	6852bd07.akstat.io	c.go-mpulse.net
1	fiaqj6absjkbikqbasqbgoaafbpr5n5a-p81kwc-29fe3c570-clienttons-s.akamaihd.net
1	trial-eum-clienttons-s.akamaihd.net	1 redirects
1	uxty4jaccc5ewxy6w6qa-p81kwc-0ac8026a7-clientnsv4-s.akamaihd.net
1	trial-eum-clientnsv4-s.akamaihd.net	1 redirects
1	js-agent.newrelic.com	www.zdnet.com
1	sync.teads.tv	s8t.teads.tv
1	668ef347673356d422d82b246a815195.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	im.cbsileads.com	www.zdnet.com
1	saa.cbsi.com	www.zdnet.com
1	static.cbsileads.com	www.zdnet.com
1	creatives.cbsileads.com	1 redirects
1	adservice.google.de	www.googletagservices.com
1	ajax.googleapis.com	securepubads.g.doubleclick.net
1	rev.cbsi.com	securepubads.g.doubleclick.net
1	mb.moatads.com	z.moatads.com
1	vidtech.cbsinteractive.com	zdnet2.cbsistatic.com
1	6852bd0a.akstat.io	zdnet1.cbsistatic.com
1	adservice.google.ee	securepubads.g.doubleclick.net
1	urs.zdnet.com	zdnet2.cbsistatic.com
1	at.cbsi.com	zdnet3.cbsistatic.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	production-cmp.isgprivacy.cbsi.com	www.zdnet.com
236	49

This site contains links to these domains. Also see Links.

Domain
www.zdnet.com.cn
www.zdnet.fr
www.zdnet.de
www.zdnet.co.kr
japan.zdnet.com
www.techrepublic.com
downloads.zdnet.com
www.youtube.com
www.cnet.com
blog.talosintelligence.com
adclick.g.doubleclick.net
cbsi.force.com
www.cbsinteractive.com
www.facebook.com
twitter.com
www.linkedin.com
legalterms.cbsinteractive.com
narratives.zdnet.com
ca.privacy.cbs
cbsi.secure.force.com
academy.zdnet.com
privacy.cbs
onetrust.com

Subject Issuer	Validity	Valid
*.zdnet.com DigiCert SHA2 High Assurance Server CA	`2020-01-24` - `2021-06-18`	a year	crt.sh
*.cbsistatic.com DigiCert SHA2 High Assurance Server CA	`2019-02-22` - `2021-02-26`	2 years	crt.sh
sni9451gl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2020-05-07` - `2021-05-12`	a year	crt.sh
*.isgprivacy.cbsi.com DigiCert SHA2 High Assurance Server CA	`2019-10-07` - `2021-10-14`	2 years	crt.sh
akstat.io DigiCert Secure Site ECC CA-1	`2020-05-06` - `2021-08-05`	a year	crt.sh
*.onetrust.com DigiCert SHA2 Secure Server CA	`2020-05-21` - `2022-07-27`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.at.cbsi.com DigiCert SHA2 High Assurance Server CA	`2019-12-17` - `2021-12-21`	2 years	crt.sh
*.google.ee GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
*.freetls.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-21` - `2021-04-22`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
vidtech.cbsinteractive.com DigiCert SHA2 High Assurance Server CA	`2018-12-13` - `2020-12-17`	2 years	crt.sh
*.moatads.com DigiCert SHA2 Secure Server CA	`2019-03-12` - `2021-06-10`	2 years	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
www.cbs.com GeoTrust RSA CA 2018	`2020-07-08` - `2021-08-07`	a year	crt.sh
teads.tv Let's Encrypt Authority X3	`2020-07-15` - `2020-10-13`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
s8t.teads.tv DigiCert SHA2 Secure Server CA	`2019-10-17` - `2021-01-15`	a year	crt.sh
*.cbsileads.com DigiCert SHA2 High Assurance Server CA	`2019-02-04` - `2021-02-08`	2 years	crt.sh
saa.cbsi.com DigiCert SHA2 High Assurance Server CA	`2019-06-23` - `2020-09-25`	a year	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-07-22` - `2021-05-07`	10 months	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2019-08-13` - `2020-08-12`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Frame ID: CC8DE3869D67B2F313EA99152EA550C0
Requests: 151 HTTP requests in this frame

Frame: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
Frame ID: 357484F82443607185437AE80CF47156
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsunJT1KiWaT7QP1Ahe2sKdBcluQ2LCfFLyCeZY-wM85Q2pwqJzdlbKFu8zhR79301g7lsNuJgH8Xq7IHYch_zQuAzdCFVvyD4gWtRL9ramr540cDyo1ImNJYj56TOeh64oXL8KZfqeAN5Ok770w6mr2C8eM-UBFfrgY3qzNkOPsJ234E95vi_uHDBwhw36v8O-kK-2oyb8T4VO4uhwP5JHr1DH8lqpuBz8whdrT-pWOPR-riZ51vfw8JSUMqUC8ozZwBisTszWu&sai=AMfl-YQHG6dNWlTLtlFIn8Qm_lR4_eFbO4Vb2nkWWSxATMgt8kMxVdjUt3KL6k34apoXZ4Vf4SomS7HR2JPhkjcqWaY23HijdKMEm8OOQfS4pZNgpJhVQp18YY8A7iaVOs8&sig=Cg0ArKJSzJ6M1DzHHWNzEAE&urlfix=1&adurl=
Frame ID: DB3FA99354AD26D5101A4569690BC949
Requests: 4 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032007210634000/amp4ads-v0.js
Frame ID: 8B2AFDF655394FA14B82CA92A45AD005
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032007210634000/amp4ads-v0.js
Frame ID: F100BA1364AE7B08B86628FE6E02B90A
Requests: 15 HTTP requests in this frame

Frame: https://677756612204b02249613994bc3a06d0.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: D8CDCF9C1B99264FCB1C8A74E73ED74A
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssMJtg7P7IGQ2i1aYOdmGVJMhsKdIX0JPe0t_3pwQgVIMPSkua3c0pagBWAYM9Glv9kQF73L-EyhNbCRoJeqM0rzlbqNtPxW6WJPqWuVZpokNTZZK59etWFfCntjt6FXnVBwicfDL0lpowxbnOxtiesKuTH6tELCNrdhDZoc9KR5CaOb0MP7yxXv_OrvW_Npt2A2Lbou0eV5eGIX4OePANGZ_cqL46yqe6BIJa2lK769yoJHNWI1BigKaHlqc_b_8kwh5Bj0SBs&sai=AMfl-YS8ePO05MDxa5Own7UeUiHfMSrHF-54cmjgz3Kql2noG1QmcMZY4RDhyfCw2OFwl0Rm7bDmn0uh6q9nroHUkPbQBLVfFAnaNJwFJRz0EUeDBwbhqx-HdoCR3SofpuE&sig=Cg0ArKJSzABHs9wdRByBEAE&urlfix=1&adurl=
Frame ID: F5F3291E2401E7C1E81A1F7DE45FE8DC
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuqGEZWBU4Cj-Z8ZqMuFNAO0ablA31Gq6PS8vsHCGrzh5aBuiClkVOKYevhT6I92aU00jJAyBl-xN0I8myZvHj0JP2OpL_f5SqCuwt5UqINkNySMzQGyPJFHWIrb7IUKhcZFtH4LVz7iCBSab8ymdzPi86vVESYzSayJwzwtBsqGVAgFsgBs-s8q5lypNMRGcRyxauiI4WwxZOjIM4Q-aDHqb0v6CQOAj5r1KYbgA1ruCokgZoHWWwmn1PNgRpw0zuxCyRDx4Mt&sai=AMfl-YQUL05GyH05vg9cSBqWmQ2lMO9ZuLSktOrAreJOAjAZ3T2_MUTF-F56eure9kfkiTmZqYeRnact0HUKfR5NlEvGL9AFThTzFvaDFRe1c7JEhOY4ST3LJkvfsBgIm20&sig=Cg0ArKJSzC3bGP0gVT7tEAE&urlfix=1&adurl=
Frame ID: 9CDFC83ADC8CC35FD4C8E204FFAFF274
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsssXViB6kytxDjigQw_NZ3gYj5eoN03vwIrh5I5sWMRebHOHxaMgv3SdAomqmVHsKOeGAvezOMS9gJIgFxGIf7l4DeDWAJvidZNjAOQ-RRruEHnzUgEXEhNYA_eE-0qIc6VvyVx4JYvb0XY6sLwcfD5rM7NHPw0M8M93Vm6DzELSrtZXMKG0xYfq8P3ZgeLLDMIqNqNJKR18g-uXbM9DB-hfEarATdL8bJVW14-Nw0L5VSZ-BMcysTy8fT11PTOpDlSEud1zjqE&sai=AMfl-YRuyUU4L8MajCRhzuAS5wZjTB64i0g3qcJ7PtZUBis4Hq7Czb-4-7__Y9DDqcoOJOy3GTfb8Y3SUPAfJ9dxPgDc7qLOcvr-dmaHaFrQfQcCTgyKc4R3fhX1k9BYnuI&sig=Cg0ArKJSzGgOBC6HmprbEAE&urlfix=1&adurl=
Frame ID: C94E984B0F9593C8F95C4BAE621DC08E
Requests: 6 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032007210634000/amp4ads-v0.js
Frame ID: 398F4DABA18A43336C57ADE0BD18314D
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssrFvnWd1uDwUkmuwOjUWZkI8ZtbFRUMrb1xPyAEEHwIwgx6GzLGIvHRu9oJ46c4PHXSeVbDtJqNh8YUM_FxHqwHLRqN3kmPKUHZto-JOmfotdpbPv5RJYjXXMxBMz2SErVcjodNMtZF8DDWfvg_BKzeA7AxHUNPytChxlSo7i_d9Zamld8bQXDvkiL8u8Y9l7Ow9Ffzo8o3Wm0p7lMRWo0dzq4jGNep4YMy0wfZPG6565CgfbObtqTDMBRo8AY6FUkXq6ue70D&sai=AMfl-YTGJfNj54PBjU4rgMhg6kwpVnJUg_4guzrsqIFB59IhoD6-o9RyHdkCcKWy1kmP-_TD3HDVUGAofsoLKsr7zGXVR6nXubTCVzFjyqj99kDadA7fDNVL0qiYPnvV6-g&sig=Cg0ArKJSzJQx5qBN46WaEAE&urlfix=1&adurl=
Frame ID: 74DEAA519DAE37E494D966A4045B46B6
Requests: 6 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?pid=82836&gdprIab={%22reason%22:220,%22status%22:22,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&auctid=e740b4bd-f76a-4151-b5b2-973cfac80dc3&vid=ac24b75b9f499ac29e37fd326eeaf5cebd91cf19&1595848599263
Frame ID: 8D260A3B57FCB390B3AA889592EA7547
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst24YLFHF-b6gvcNmTq-TGlfLWzIGtPoJIBBwyklbz0vQPoCqDF4VtS_HZpUoD175zW5fa_nAblPYmUB9b6NsVRuOvmhpNNWSYgLU4TFoMpIvDb0MzqFXwYylPUiy5ZAsXkPMMByYsJ5qY79Upariy2VFqaaK99V377feYOaHwFYHObVu1jEmwydKsOCdHPT0a43axgqyRGtgD-sxnISBvbdg_2G0fvBqI7eKK6DShwZo9JjhBFjaxPqmST0JHPqaSsMQEcY4ke&sai=AMfl-YTM0TgbP3SXwB7Rzly4y_uudDumDvNzpwUr6MpHuNLwb2o0UxLKlpSpJW2LJk7JuksDUqFp_FEyyw0BZZtzhSuW_h8yPnsbf6PkqJD9YGZC72IU-ccPUbkwquBCmts&sig=Cg0ArKJSzGbifd48RQRiEAE&urlfix=1&adurl=
Frame ID: 5681D7245C2E3D59A65C2C095012BB31
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuiAGm-7446mRBWNqv7NtS_NNmGxva8kNzupcc8isv25JbP0E9KjGPDTI096CBaoba3cypgfWgKhdSzTrTdlPlVjrVPhnWGEOcRQ1zZrRr2dUAxz7WYU5EDITo1eaug5ypgka8Z_y3xbJmPpIaSYZLy_pug91lu5P8awGh1256QbQN4W9-nz8oMYhu5Iwmg0wu_T57wFSaVJvx-YOkKeV1CORrA1QoV-z5J53Du0CfLHgvFIRHaz-gmu7m-IWWvgHWKQcuZvaEp&sai=AMfl-YTcz6meud_cLVeXNm74nez386dnC8tdUd-U_dPav0zQGA5tzf6ECqFY6fTkBY3Nyn9H_x5vRdZ1R--kaGGfVRiG73UxI20zMnJSvSsu543KE5NB5CcPx8yeGhkjIBo&sig=Cg0ArKJSzHUaIDUX--ETEAE&urlfix=1&adurl=
Frame ID: 211E026C8E85E78103BC67441633E0CE
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 099F91DE6A66CFD6CD29D1BCAF680FB7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: B9C3A445838114AABC4055B352B0B4AA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

236
Requests

100 %
HTTPS

47 %
IPv6

25
Domains

49
Subdomains

37
IPs

6
Countries

3743 kB
Transfer

10837 kB
Size

2
Cookies

37 Outgoing links

These are links going to different origins than the main page.

URL: http://www.zdnet.com.cn/
Title: ZDNet China

Search URL Search Domain Scan URL

URL: http://www.zdnet.fr/
Title: ZDNet France

Search URL Search Domain Scan URL

URL: http://www.zdnet.de/
Title: ZDNet Germany

Search URL Search Domain Scan URL

URL: http://www.zdnet.co.kr/
Title: ZDNet Korea

Search URL Search Domain Scan URL

URL: http://japan.zdnet.com/
Title: ZDNet Japan

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/resource-library/whitepapers/
Title: White Papers

Search URL Search Domain Scan URL

URL: https://downloads.zdnet.com/
Title: Downloads

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/forums/
Title: TechRepublic Forums

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=92rC4x0D1B0
Title: Phone privacy settings: Securing your iPhone and Android phone (ZDNet YouTube)

Search URL Search Domain Scan URL

URL: https://www.cnet.com/how-to/top-cheap-home-security-devices-in-2020-amazon-echo-smart-cam-wyze/?ftag=CMG-01-10aaa1b
Title: Top 6 cheap home security devices in 2020 (CNET)

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/article/what-are-it-pros-concerned-about-in-the-new-normal-security-and-flexibility/?ftag=CMG-01-10aaa1b
Title: What are IT pros concerned about in the new normal? (TechRepublic)

Search URL Search Domain Scan URL

URL: https://blog.talosintelligence.com/2020/07/prometei-botnet-and-its-quest-for-monero.html
Title: a report

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjst1f4XjfMXX3OjSoDcw6oOhntM5_MjqUBjzkQ5V81Gh6WubdbCJ_vWg0L0SWFWTqjibyIUndE0ls_8OR5bODvjZYu376sTlzDacj0WNsBAtp6KokvQYMct1Od73E7pY5En--idh0ZGr_5wEZtvXHICvKW14scIxHI6rh51-oiQy62WCBIwgXENt3hlL3qDHzQW05d2c0M3vGjetsVWJWc_WXK_0wLy0LK80s-hMOZe2OgCpcDBMuOrtbjSJ1B3DvDMBV-44%2526sai%253DAMfl-YSdXzlGmtuME_XNs91GwMfgv9qBOUYPOkW3YAmfAPa-O_iun0lc5EeP1k-7hOAdz2OI9PxPGpD2E884JJ-47hF8cn2OIg3thjkOrm3G6ETMrmfIa4b38MfiuaHbhv0%2526sig%253DCg0ArKJSzP4zdjPorDaREAE%2526urlfix%253D1%2526adurl%253Dhttps://cbslnk.cbsileads.com/redir?edition=en&ursuid=&devicetype=desktop&pagetype=&assettitle=&assettype=&topicguid=&viewguid=&docid=33164070&promo=1065&ftag_cd=TRE-00-10aaa4f&spotname=dfp-in-article&destUrl=https%253A%252F%252Fwww.techrepublic.com%252Fresource-library%252Fwhitepapers%252Fsupercharged-cybersecurity-bundle-2018%252F%253Fpromo%253D1065%2526ftag%253DTRE-00-10aaa4f%2526cval%253Ddfp-in-article%2526source%253Dzdnet%2526tid%253D2707201116386447303&ctag=medc-dfp-in-article&siteId=&rsid=cnetzdnetglobalsite&sl=&sc=us&assetguid=&q=&cval=33164070;1065&ttag=&bhid=&tid=2707201116386447303

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/resource-library/content-type/training/
Title: Training

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/resource-library/company/zdnet-academy/
Title: ZDNet Academy

Search URL Search Domain Scan URL

URL: https://www.cnet.com/news/china-aims-to-dominate-the-biggest-technologies-in-our-lives/?ftag=CMG-01-10aaa1b
Title: China aims to dominate the biggest technologies in our lives

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/article/phishing-attacks-hiding-in-google-cloud-to-steal-microsoft-account-credentials/?ftag=CMG-01-10aaa1b
Title: Phishing attacks hiding in Google Cloud to steal Microsoft account credentials

Search URL Search Domain Scan URL

URL: http://cbsi.force.com/CBSi/zdnetcommunityfaq
Title: Community Guidelines

Search URL Search Domain Scan URL

URL: http://www.cbsinteractive.com/legal/cbsi/terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.cbsinteractive.com/legal/cbsi/privacy-policy/highlights
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ZDNet/
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/zdnet
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/zdnet-com
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCr9QWb5RKLfaunjKHJZAdQQ
Title:

Search URL Search Domain Scan URL

URL: http://legalterms.cbsinteractive.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://legalterms.cbsinteractive.com/cookies
Title: Cookies

Search URL Search Domain Scan URL

URL: http://legalterms.cbsinteractive.com/adchoice
Title: Ad Choice

Search URL Search Domain Scan URL

URL: http://legalterms.cbsinteractive.com/terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: http://legalterms.cbsinteractive.com/eula
Title: Mobile User Agreement

Search URL Search Domain Scan URL

URL: http://narratives.zdnet.com/
Title: Sponsored Narratives

Search URL Search Domain Scan URL

URL: https://ca.privacy.cbs/
Title: CA Privacy/Info We Collect

Search URL Search Domain Scan URL

URL: https://ca.privacy.cbs/donotsell
Title: CA Do Not Sell My Info

Search URL Search Domain Scan URL

URL: https://cbsi.secure.force.com/CBSi/knowledgehome?referer=zdnet.com
Title: Site Assistance

Search URL Search Domain Scan URL

URL: https://academy.zdnet.com/
Title: ZDNet Academy

Search URL Search Domain Scan URL

URL: https://www.cbsinteractive.com/legal/cbsi/privacy-policy/cookies-and-beacons
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://privacy.cbs/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 129

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 131

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 133

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 149

https://creatives.cbsileads.com/images/doctype/expertGroup_125x100.jpg HTTP 301
https://static.cbsileads.com/direct/images/doctype/expertGroup_125x100.jpg

Request Chain 161

https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1595848599055&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=24218103&cs_ucfr= HTTP 302
https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1595848599055&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=24218103&cs_ucfr=&cs_ak_ss=1

Request Chain 233

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=p81kwcn0h HTTP 302
https://uxty4jaccc5ewxy6w6qa-p81kwc-0ac8026a7-clientnsv4-s.akamaihd.net/eum/results.txt

Request Chain 234

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=p81kwcn0h HTTP 302
https://fiaqj6absjkbikqbasqbgoaafbpr5n5a-p81kwc-29fe3c570-clienttons-s.akamaihd.net/eum/results.txt

236 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/ 528 KB
150 KB 253ms
235ms Document
text/html 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

30daefe8344e9de3c628b7e4b5fd262b548ebb662875a5bd75353214d30cf872

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.zdnet.com
:scheme: https
:path: /article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
content-encoding: gzip
content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
content-type: text/html; charset=UTF-8
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
last-modified: Mon, 27 Jul 2020 10:47:47 GMT
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-tx-id: 440e3796-b840-4f76-8264-0d3397f13c10
x-xss-protection: 1; mode=block
date: Mon, 27 Jul 2020 11:16:34 GMT
cache-control: max-age=5400, private
expires: Mon, 27 Jul 2020 12:17:47 GMT
set-cookie: fly_geo={"countryCode": "de"}; max-age=604800; path=/; domain=.zdnet.com; Secure; fly_device=desktop; max-age=604800; path=/; domain=.zdnet.com; Secure; fly_preferred_edition=eu; path=/; domain=.zdnet.com; Secure; fly_default_edition=eu; path=/; domain=.zdnet.com; Secure;
vary: Accept-Encoding, User-Agent
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 152664

GET
H2 200 main-b884c5148f-rev.css
zdnet2.cbsistatic.com/fly/css/core/ 352 KB
59 KB 64ms
9ms Stylesheet
text/css 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet2.cbsistatic.com/fly/css/core/main-b884c5148f-rev.css

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

5f1c003de00900209a78e16fa095d1cf1ecd336ce33887167c18dd19bf3d96b5

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 414154
status: 200
vary: Accept-Encoding
content-length: 59606
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Jul 2020 16:11:40 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "fe3dd370c2ef83d08cc13ac1b52279b6"
strict-transport-security: max-age=31536000
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jul 2020 16:13:45 GMT

GET
H2 200 controls-a75fde5ca5-rev.css
zdnet3.cbsistatic.com/fly/css/video/htmlPlayerControls/ 19 KB
4 KB 62ms
8ms Stylesheet
text/css 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet3.cbsistatic.com/fly/css/video/htmlPlayerControls/controls-a75fde5ca5-rev.css

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

4d7d83ce48809f2a03b71f8a6f4a0d983123cf4541a54fa2efacb3f9277362ff

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 414154
status: 200
vary: Accept-Encoding
content-length: 3951
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Jul 2020 16:11:40 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "4d7a14bf75b26e0f237da1a1b5375ae5"
strict-transport-security: max-age=31536000
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jul 2020 16:13:45 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 11 KB
4 KB 37ms
6ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FE8) /
Resource Hash: fb8dda9221a64450a8195dc4e776a3dcc0770c56bfa05ef2372ca87a0e841d74

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 27 Jul 2020 11:16:35 GMT
content-encoding: gzip
content-md5: OOK/C86/SF3E9/9qL6l4dw==
age: 9055
x-cache: HIT
status: 200
content-length: 3771
x-ms-lease-status: unlocked
last-modified: Tue, 21 Jul 2020 01:34:30 GMT
server: ECAcc (frc/8FE8)
etag: 0x8D82D1636CCC95C
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6c866148-c01e-0122-4cf2-63f085000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Mon, 27 Jul 2020 15:16:35 GMT

GET
H2 200 optanon.js Show response
production-cmp.isgprivacy.cbsi.com/dist/ 35 KB
10 KB 62ms
5ms Script
application/x-javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://production-cmp.isgprivacy.cbsi.com/dist/optanon.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

57f3f0379ec83f9bed92275bbd303a4eb7eb67a7d6b10599183695173c41a3ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1086
x-cache: HIT
status: 200
x-cache-hits: 121
vary: Accept-Encoding
content-length: 10092
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4024-HHN
access-control-allow-origin: *
last-modified: Fri, 12 Jun 2020 13:29:10 GMT
x-timer: S1595848595.132870,VS0,VE0
x-frame-options: SAMEORIGIN
etag: "8e9faa49cc6bfa03cb9e6fb89f81ef59"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish
access-control-expose-headers: X-CDN
accept-ranges: bytes
x-amz-id-2: Sr6UFXbML3nkbPkm+MIRq7xZ5ZknmzJq69va2xQbUd9mfbJAm38rCWEwC53IgkjrjMcvPB5XFpY=

GET
H2 200 charlie-osborne.jpg
zdnet2.cbsistatic.com/hub/i/r/2014/07/22/36b8334d-1175-11e4-9732-00505685119a/thumbnail/40x40/d95deacb5e6bd3a9d82988a322877f5b/ 930 B
1 KB 47ms
7ms Image
image/jpeg 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet2.cbsistatic.com/hub/i/r/2014/07/22/36b8334d-1175-11e4-9732-00505685119a/thumbnail/40x40/d95deacb5e6bd3a9d82988a322877f5b/charlie-osborne.jpg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

b4b2d45758098ad4513cbcb4b8d2ea58c84f37ab1642b9aefd81818da523e8c6

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:35 GMT
x-content-type-options: nosniff
age: 9150644
status: 200
content-transfer-encoding: binary
x-image-exists: 1
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 930
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "1cc3633c579a90cfdd895e64021e2163"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ransomware-phorpiex-botnet-surges-in-act-5f0eea329c89f47042ed18aa-1-jul-20-2020-9-43-48-poster.jpg
zdnet2.cbsistatic.com/hub/i/r/2020/07/20/5df7b904-ed6d-425c-aa4f-37acf5cfba21/thumbnail/570x322/b510c8e2b86ce01b44435a96d8d3c221/ 14 KB
14 KB 47ms
8ms Image
image/jpeg 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet2.cbsistatic.com/hub/i/r/2020/07/20/5df7b904-ed6d-425c-aa4f-37acf5cfba21/thumbnail/570x322/b510c8e2b86ce01b44435a96d8d3c221/ransomware-phorpiex-botnet-surges-in-act-5f0eea329c89f47042ed18aa-1-jul-20-2020-9-43-48-poster.jpg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

699a6949abe002dcf9264cb0bd3d8910b3252c60b0092ba235937601e5765028

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 415238
status: 200
content-transfer-encoding: binary
x-image-exists: 1
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 14196
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"60bba73587de9c81e7eb9a508ef928b7"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 advertisement.js Show response
zdnet2.cbsistatic.com/fly/bundles/zdnetjs/js/utils/ 53 B
221 B 11ms
9ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet2.cbsistatic.com/fly/bundles/zdnetjs/js/utils/advertisement.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

07b69027231d985f5bdcd4d5a539f120d26003feef6e9dc0a6b77a4b43a9b21f

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 360575
status: 200
vary: Accept-Encoding
content-length: 83
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Jul 2020 16:11:48 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "4a19b91fd5fea92fe0337673e09ecdf4"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jul 2020 07:06:43 GMT

GET
H2 200 require-2.1.2.js Show response
zdnet2.cbsistatic.com/fly/js/libs/ 16 KB
6 KB 46ms
7ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

a70d5b9ad136255942779acf94da5cc72316fde5c10c5e7707d6f1888f43dcb8

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 389831
status: 200
vary: Accept-Encoding
content-length: 6169
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Jul 2020 16:11:38 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "569ae8558fe396457eb2bb2658dc3696"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jul 2020 22:57:47 GMT

GET
H/1.1 200
OK YZ2TK-PC7PJ-K64DL-L53CR-P2G4E Show response
c.go-mpulse.net/boomerang/ Frame 3574 202 KB
51 KB 56ms
11ms Script
application/javascript 2a02:26f0:6c00:192::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:192::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Akamai Resource Optimizer /
Resource Hash: 95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 27 Jul 2020 11:16:35 GMT
Content-Encoding: br
Last-Modified: Mon, 22 Jun 2020 19:29:51 GMT
Server: Akamai Resource Optimizer
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, s-maxage=604800
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 51580

GET
DATA 200
OK truncated
/ 31 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3e2e0f12c5badfe408d69bf6c0fa9ce6247f9a45c849851a53b8647637cfcd0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfd272053c730cd470302af475eb401d9be41c81f0081c20d7910f6c12732c9d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95783bf43b78701a92daf5ec7268db97c7144599c774821126b8cc5396724bfa

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 917 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2fe67ecc4354b214728e0a7d75b67536a78f6b575080b589d54a1937fc46b41

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1724d7fd70903754d6f29172f2ac879dc6dab79df6c4c78ed06f45c0f117e15c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ceffb891c3e1891757ead2e7e41497adc13abca0d14d7f58d20e3aa8d5aee108

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c0ccb11374e2374cb7a52c792ffe07d9203d28d4ad97623bcf27bc58d2513f9

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 mag-white01.png
zdnet4.cbsistatic.com/fly/1595433838-asset/bundles/zdnetcss/images/core/ 1 KB
2 KB 16ms
6ms Image
image/png 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/fly/1595433838-asset/bundles/zdnetcss/images/core/mag-white01.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

69721aa2f1085046c84d1943a1daa0515be8e2f060c21063024ea117789e425c

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zdnet2.cbsistatic.com/fly/css/core/main-b884c5148f-rev.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:35 GMT
x-content-type-options: nosniff
age: 414145
status: 200
vary: Accept-Encoding
content-length: 1265
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Jul 2020 16:11:48 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jul 2020 16:13:46 GMT

GET
H2 200 ring-animated.svg
zdnet1.cbsistatic.com/fly/1595433838-asset/bundles/zdnetcss/images/video/ 704 B
512 B 28ms
5ms Image
image/svg+xml 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet1.cbsistatic.com/fly/1595433838-asset/bundles/zdnetcss/images/video/ring-animated.svg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

0025565f0cddfceb7ebdbc4b21d2552c894998e443153f97a6e8b353dfd9bebd

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zdnet3.cbsistatic.com/fly/css/video/htmlPlayerControls/controls-a75fde5ca5-rev.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 414122
status: 200
vary: Accept-Encoding
content-length: 364
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Jul 2020 14:59:11 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "5f87ac7f571b5a0b1cdc101b49cdc8de"
strict-transport-security: max-age=31536000
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jul 2020 15:56:53 GMT

GET
H2 200 Semibold.woff2
zdnet2.cbsistatic.com/bundles/zdnetcss/fonts/Proxima%20Nova/ 20 KB
20 KB 28ms
6ms Font
font/woff2 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet2.cbsistatic.com/bundles/zdnetcss/fonts/Proxima%20Nova/Semibold.woff2

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

21c9c7889404394d4e4c780022b56b5fa39e83b19c34eb0508561a115a1dcc6a

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://zdnet2.cbsistatic.com/fly/css/core/main-b884c5148f-rev.css
Origin: https://www.zdnet.com

Response headers

date: Mon, 27 Jul 2020 11:16:35 GMT
x-content-type-options: nosniff
age: 13036594
status: 200
vary: Accept-Encoding
content-length: 20344
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Feb 2020 13:35:38 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "5e57c5aa-4f78"
strict-transport-security: max-age=31536000
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Feb 2021 13:59:59 GMT

GET
H2 200 Regular.woff2
zdnet2.cbsistatic.com/bundles/zdnetcss/fonts/Proxima%20Nova/ 20 KB
20 KB 28ms
7ms Font
font/woff2 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet2.cbsistatic.com/bundles/zdnetcss/fonts/Proxima%20Nova/Regular.woff2

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

7fa1c7b1686f9f116183456c39f7b3ed9cce063cfb428e575fe4a29ae05c4fa6

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://zdnet2.cbsistatic.com/fly/css/core/main-b884c5148f-rev.css
Origin: https://www.zdnet.com

Response headers

date: Mon, 27 Jul 2020 11:16:35 GMT
x-content-type-options: nosniff
age: 13036595
status: 200
vary: Accept-Encoding
content-length: 20256
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Feb 2020 13:35:38 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "5e57c5aa-4f20"
strict-transport-security: max-age=31536000
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Feb 2021 13:59:59 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 logo.png
zdnet2.cbsistatic.com/fly/1595433838-asset/bundles/zdnetcss/images/core/ 4 KB
4 KB 15ms
6ms Image
image/png 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet2.cbsistatic.com/fly/1595433838-asset/bundles/zdnetcss/images/core/logo.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

ff2ae991ac0efdb5ae8b4428ba8555a0aeb0fd94b8014ce290c484242c524097

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zdnet2.cbsistatic.com/fly/css/core/main-b884c5148f-rev.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:35 GMT
x-content-type-options: nosniff
age: 414153
status: 200
vary: Accept-Encoding
content-length: 4105
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Jul 2020 14:59:12 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jul 2020 15:40:20 GMT

GET
H2 200 bc1ecd99-9ce4-4c1a-97f9-51121cc6da4c.json Show response
cdn.cookielaw.org/consent/bc1ecd99-9ce4-4c1a-97f9-51121cc6da4c/ 3 KB
2 KB 27ms
7ms XHR
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookielaw.org/consent/bc1ecd99-9ce4-4c1a-97f9-51121cc6da4c/bc1ecd99-9ce4-4c1a-97f9-51121cc6da4c.json
Requested by: Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8EA3) /
Resource Hash: 021e085771e1962ecb4f56e42a7be237fb12555d628e484058cd1759bc5239e0

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 27 Jul 2020 11:16:35 GMT
content-encoding: gzip
content-md5: ONmhfc7PDf6ydRZS0bCciQ==
age: 1712
x-cache: HIT
status: 200
content-length: 1148
x-ms-lease-status: unlocked
last-modified: Mon, 13 Jul 2020 14:00:35 GMT
server: ECAcc (frc/8EA3)
etag: 0x8D827351D582E3D
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 4b548a03-101e-016f-4503-643667000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Mon, 27 Jul 2020 15:16:35 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 199 B
553 B 101ms
67ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39b12879b984bcd9b78d8b9d7a0e5773015d521ec4cd60ba2b987eb17ca8099b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:35 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 5b95f2f9f9a9d6f9-FRA
cf-request-id: 04319630360000d6f9b1012200000001

GET
H2 200 main.default.js Show response
zdnet3.cbsistatic.com/fly/7e1a59-fly/js/ 687 KB
210 KB 16ms
16ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet3.cbsistatic.com/fly/7e1a59-fly/js/main.default.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

360bcaf459f5f84a37a75ef8a701027dd3b1c8c282c1a8791165f9df41f11519

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 374384
status: 200
vary: Accept-Encoding
content-length: 214823
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Jul 2020 16:11:31 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "28fdf40a6abe161710648eeef9d16282"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jul 2020 03:14:33 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame 3574 2 KB
1 KB 280ms
257ms XHR
application/json 2a02:26f0:6c00:192::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=YZ2TK-PC7PJ-K64DL-L53CR-P2G4E&d=www.zdnet.com&t=5319495&v=1.632.0&if=&sl=0&si=zqkfd4ntxvl-qe4knn&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=
Requested by: Host: c.go-mpulse.net
URL: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:192::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: c14005cb17c274cd63b6e4c355ef06cbbd5a3691e62e83a062a38407efc9df06

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 27 Jul 2020 11:16:35 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 824

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.3.0/ 320 KB
66 KB 7ms
7ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookielaw.org/scripttemplates/6.3.0/otBannerSdk.js
Requested by: Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F7B) /
Resource Hash: dface7334524d5b6f437b40f2c99ed3ae0dbea4e663cf6ee0b4ef0e37c4588d8

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 27 Jul 2020 11:16:35 GMT
content-encoding: gzip
content-md5: 5FfJphrAkG9jYPwi2DZiag==
age: 12754
x-cache: HIT
status: 200
content-length: 67902
x-ms-lease-status: unlocked
last-modified: Fri, 10 Jul 2020 04:11:06 GMT
server: ECAcc (frc/8F7B)
etag: 0x8D8248744EB3F23
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 8abe0c8d-401e-0051-49e9-63c613000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Mon, 27 Jul 2020 15:16:35 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 48 KB
17 KB 257ms
91ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/7e1a59-fly/js/main.default.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e51744548b52ea765aaea50961869fe41b8102efc1e84f8ebc340c3ca13e17f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "583 / 901 of 1000 / last-modified: 1595801233"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16533
x-xss-protection: 0
expires: Mon, 27 Jul 2020 11:16:35 GMT

GET
H2 200 diff Show response
at.cbsi.com/lib/api/v1/zdnet/prod/config/ 13 KB
3 KB 56ms
34ms Fetch
application/json 151.101.129.188
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://at.cbsi.com/lib/api/v1/zdnet/prod/config/diff

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/7e1a59-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.188 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

f2739db43b50c56a15acbf088b8a560e3de462eb1590b8f0982ce02cda932182

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
cat: JVtlA0Lkw
Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
version: v2.16.1
variant: minified
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 27 Jul 2020 11:16:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 354
x-dns-prefetch-control: off
x-cache: HIT
status: 200
ttl: 900s
content-length: 3126
x-xss-protection: 1; mode=block
x-served-by: cache-bma1641-BMA
access-control-allow-origin: https://www.zdnet.com
server: Google Frontend
x-timer: S1595848596.109359,VS0,VE0
x-frame-options: SAMEORIGIN
etag: W/7498201888f1fbe703a3e89afe4bf40c4eba9233
x-download-options: noopen
vary: Accept-Encoding, Origin
strict-transport-security: max-age=300
content-type: application/json; charset=utf-8
via: 1.1 varnish
x-cloud-trace-context: 514d063bd1ff7b94b3d5343c7e1ff73e
cache-control: max-age=900
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 2

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/bc1ecd99-9ce4-4c1a-97f9-51121cc6da4c/bac19328-3673-4434-b575-5b669b4d361d/ 110 KB
20 KB 8ms
6ms Fetch
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookielaw.org/consent/bc1ecd99-9ce4-4c1a-97f9-51121cc6da4c/bac19328-3673-4434-b575-5b669b4d361d/en.json
Requested by: Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.3.0/otBannerSdk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FE1) /
Resource Hash: 182a89465b41184e94a9c883fda672d21dd4c878e3405985f645f7b0bc3f82d3

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 27 Jul 2020 11:16:35 GMT
content-encoding: gzip
content-md5: FqhHQP05LXdL1OQ//o8fQA==
age: 13266
x-cache: HIT
status: 200
content-length: 19893
x-ms-lease-status: unlocked
last-modified: Mon, 13 Jul 2020 14:00:43 GMT
server: ECAcc (frc/8FE1)
etag: 0x8D827352273183B
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: aef74197-d01e-0093-7fe8-634ead000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Mon, 27 Jul 2020 15:16:35 GMT

GET
H2 200 urs.js Show response
urs.zdnet.com/sdk/ 50 KB
50 KB 267ms
161ms Script
application/javascript 34.102.213.242
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://urs.zdnet.com/sdk/urs.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.213.242 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

fb7a86f12d2f0ac2f4111c147415ab30f9c7d84c5e15faba3875fce7ce590127

Security Headers

Name	Value
Strict-Transport-Security	max-age=4096; includeSubDomains

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:36 GMT
via: 1.1 google
last-modified: Mon, 13 Apr 2020 17:57:02 GMT
etag: "5e94a7ee-c803"
strict-transport-security: max-age=4096; includeSubDomains
content-type: application/javascript
status: 200
accept-ranges: bytes
alt-svc: clear
content-length: 51203

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.3.0/assets/ 22 KB
4 KB 17ms
7ms Fetch
application/json 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookielaw.org/scripttemplates/6.3.0/assets/otFlat.json
Requested by: Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.3.0/otBannerSdk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F6F) /
Resource Hash: ebcd5e90336ad4d1e139c96c1966ad56be1f7af66f1cabe9fc2d9a770bd70d6f

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 27 Jul 2020 11:16:35 GMT
content-encoding: gzip
content-md5: 7ob+U7nSauu0/WQuSXf/fw==
age: 2171
x-cache: HIT
status: 200
content-length: 3630
x-ms-lease-status: unlocked
last-modified: Fri, 10 Jul 2020 04:10:59 GMT
server: ECAcc (frc/8F6F)
etag: 0x8D824874044870D
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 9cc5476a-701e-00bc-5802-64cf97000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Mon, 27 Jul 2020 15:16:35 GMT

GET
H2 200 otPcPanel.json Show response
cdn.cookielaw.org/scripttemplates/6.3.0/assets/ 96 KB
20 KB 18ms
8ms Fetch
application/json 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookielaw.org/scripttemplates/6.3.0/assets/otPcPanel.json
Requested by: Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.3.0/otBannerSdk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FC5) /
Resource Hash: 9aa297430269a62d1bd64fdd71e54bcdeb2ef17c2cbd4b621f5f5d8d625e0706

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 27 Jul 2020 11:16:35 GMT
content-encoding: gzip
content-md5: FKy8VkFGOWWUv2dW4Daepw==
age: 14015
x-cache: HIT
status: 200
content-length: 20098
x-ms-lease-status: unlocked
last-modified: Fri, 10 Jul 2020 04:10:59 GMT
server: ECAcc (frc/8FC5)
etag: 0x8D8248740A46B9B
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: c6f3cd67-d01e-013d-26e6-632b95000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Mon, 27 Jul 2020 15:16:35 GMT

GET
H2 200 mpulse-1.0.2.js Show response
zdnet1.cbsistatic.com/fly/js/libs/ 61 KB
12 KB 12ms
10ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet1.cbsistatic.com/fly/js/libs/mpulse-1.0.2.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

ea7373d7059ab32d4304249b48a91311f91d2dce5e1ebf10450f33f9a8c5f5ec

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238194
status: 200
vary: Accept-Encoding
content-length: 12449
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Jul 2020 16:11:38 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "123e0bd8f5af0d4bc63351f62520b44b"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jul 2020 17:06:27 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/v2/ 2 KB
1 KB 230ms
226ms XHR
application/json 2a02:26f0:6c00:192::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/v2/config.json?key=YZ2TK-PC7PJ-K64DL-L53CR-P2G4E&t=1595848596224&s=0e5054430716046201eb637066350927119d41040357abd0010a844d068104a1
Requested by: Host: zdnet1.cbsistatic.com
URL: https://zdnet1.cbsistatic.com/fly/js/libs/mpulse-1.0.2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:192::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: b291917b6213d67d95fd4fdb48cb539508f34d65c0eaeb6939f3ba1a893a10da

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 27 Jul 2020 11:16:36 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 782

GET
H2 200 integrator.js Show response
adservice.google.ee/adsid/ 109 B
829 B 129ms
19ms Script
application/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ee/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Jul 2020 11:16:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
829 B 55ms
21ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Jul 2020 11:16:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020072001.js Show response
securepubads.g.doubleclick.net/gpt/ 253 KB
89 KB 98ms
96ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31e539be75870ad6cec377525eb196ea9fbc423ea53d68c03b2c94b96701bc47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 20 Jul 2020 13:10:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91349
x-xss-protection: 0
expires: Mon, 27 Jul 2020 11:16:36 GMT

GET
H2 200 moatheader.js Show response
z.moatads.com/cbsprebidheader506831276743/ 237 KB
82 KB 204ms
73ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsprebidheader506831276743/moatheader.js
Requested by: Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/7e1a59-fly/js/main.default.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e764c0338622fe508734a36d660bdb5b6faebcba7051042265ce89fad96dd8d4

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:36 GMT
content-encoding: gzip
last-modified: Mon, 20 Jul 2020 17:36:30 GMT
server: AmazonS3
x-amz-request-id: 8B9BF001BFAED278
etag: "12935e4414ef0d327e56883bfafc3067"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=7802
accept-ranges: bytes
content-length: 83084
x-amz-id-2: Mj6yVNBpBWNRzMrAUDFgy1zsTm3iWo6p4s5GvOktuyJYCXj7Q34g48thYStsoowsjgzkmAK9dDU=

GET
H/1.1 204
No Content / Show response
6852bd0a.akstat.io/ 0
354 B 273ms
246ms XHR
image/gif 2a02:26f0:eb:18c::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://6852bd0a.akstat.io/?h.pg=article&when=1595848596475&cdim.Site_View=desktop&t_other=custom4%7C273&d=zdnet.com&h.key=YZ2TK-PC7PJ-K64DL-L53CR-P2G4E&h.d=zdnet.com&h.cr=045d6317ff06b34e8d2b9f7428dd47d51daf54ea&h.t=1595848596347&http.initiator=api&rt.start=api&rt.si=eecbe64f-f82c-4ba9-b872-41aebe940baa&rt.ss=1595848597784&rt.sl=0&api=1&api.v=2&api.l=js&api.lv=0.0.1

Requested by

Host: zdnet1.cbsistatic.com
URL: https://zdnet1.cbsistatic.com/fly/js/libs/mpulse-1.0.2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:eb:18c::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Jul 2020 11:16:36 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-XSS-Protection: 0
Expires: Mon, 27 Jul 2020 11:16:36 GMT

GET
H2 200 article-d35fe36fe4-rev.js Show response
zdnet4.cbsistatic.com/fly/js/pages/ 146 KB
38 KB 10ms
7ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet4.cbsistatic.com/fly/js/pages/article-d35fe36fe4-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

bd162f540d2ced39e73b10c5c7d51e84db1b90242419de4ffbe983a3f487affd

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 516966
status: 200
vary: Accept-Encoding
content-length: 39185
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jul 2020 17:06:23 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "60cf4a2f95abc635dc7cde77a85902b8"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Jul 2020 11:40:21 GMT

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/6NAGEHPQTIMciZyoLrUIDQZlmus/gpt_and_prebid/ 126 KB
30 KB 228ms
93ms Script
text/javascript 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/6NAGEHPQTIMciZyoLrUIDQZlmus/gpt_and_prebid/config.js
Requested by: Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/7e1a59-fly/js/main.default.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c650f7fb4536b8b2d46b8b368d53bff8143fe2abef906a4a4c5b8fc0b4e6766e

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 27 Jul 2020 11:16:36 GMT
Content-Encoding: gzip
Age: 2073
X-Cache: HIT
Connection: keep-alive
Content-Length: 29663
x-amz-id-2: RMN4CAqzclW4DL7WazJa86wS2KTq0vGtdBKQ8PamlPHITJE+XjDoeEDzliTEJCJK5ERXdmwKmKI=
X-Served-By: cache-fra19143-FRA
Last-Modified: Mon, 27 Jul 2020 10:02:21 GMT
Server: AmazonS3
X-Timer: S1595848597.794231,VS0,VE0
ETag: "33a732768a02cb4b027fe1c7d6ac501d"
x-amz-request-id: 11E0BA68910BE357
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 35

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 237 KB
51 KB 581ms
580ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1017227381211636&correlator=4327022468840827&output=ldjh&impl=fifs&adsid=NT&vrg=2020072001&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200727&iu_parts=8264%2Caw-zdnet%2Csecurity&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=5x5%2C728x90%7C970x250%7C970x66%2C300x250%7C300x600%7C300x1050%2C300x250%2C371x771%2C641x321%2C320x50%7C11x11%2C300x250%2C728x90%7C970x250%7C970x66&fluid=0%2C0%2C0%2C0%2C0%2C0%2Cheight%2C0%2C0&prev_scp=pos%3Dnav%26sl%3Dnav-ad%253FT-1000%7Cpos%3Dtop%26sl%3Dleader-plus-top%253FT-1000%7Cpos%3Dtop%26sl%3Dmpu-plus-top%253FT-1000%7Cpos%3Dmiddle%26sl%3Dmpu-middle%253FT-1000%7Cpos%3Dtop%26sl%3Ddynamic-showcase-top%253FT-1000%7Cpos%3Dtop%26sl%3Dinpage-video-top%253FT-1000%7Cpos%3Dtop%26strnativekey%3D8ec3a4f3%26sl%3Dsharethrough-top%253FT-1000%7Cpos%3Dbottom%26sl%3Dmpu-bottom%253FT-1000%7Cpos%3Dbottom%26sl%3Dleader-plus-bottom%253FT-1000&eri=1&cust_params=buyingcycle%3Ddiscover%26topic%3Dsecurity%252Cblockchain%252Cwindows%26tag%3Dcisco%252Ccryptocurrency%252Cgoogle-cloud%252Cmalware%252Ctarget%252Cmicrosoft%26mfr%3Dcisco%252Cmicrosoft%252Cgoogle%26pid%3Dmicrosoft-windows%252Ccisco%26device%3Ddesktop%26ptype%3Darticle%26cid%3Dprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%26env%3Dprod%26user%3Danon%26userGroup%3Dfirst_impression%26type%3Dgpt%26region%3Daw%26subses%3D3%26session%3Dc%26pv%3D1%26vguid%3Ddb5d1bf2-5a9a-43ef-bae2-2907b150d22f&cookie_enabled=1&bc=31&abxe=1&lmt=1595846867&dt=1595848596641&dlt=1595848594924&idt=1587&frm=20&biw=1600&bih=1200&oid=3&adxs=0%2C-20%2C1050%2C1050%2C1015%2C215%2C215%2C1050%2C436&adys=0%2C285%2C405%2C2424%2C1623%2C1599%2C2142%2C3306%2C3881&adks=301620764%2C3718565486%2C2729011605%2C98901274%2C1613073059%2C3026684552%2C2975533918%2C1799513408%2C2382923186&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&dssz=32&icsg=134220416&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x4341%7C1600x90%7C370x250%7C370x250%7C370x771%7C770x3083%7C770x11%7C370x250%7C1210x90&msz=1600x5%7C1600x90%7C370x250%7C370x250%7C370x771%7C770x321%7C770x11%7C370x250%7C1210x90&ga_vid=426463761.1595848597&ga_sid=1595848597&ga_hid=425073429&fws=4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17ad12c736ff182aad46e63f6381a9912068530dafaefab304773ed4ff6c93be

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10934955946110018919/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10934955946110018919/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COio56Wn7eoCFZSrdwodjncAcw&gqi=&layout=/sadbundle/%24csp%253Der3%24/10934955946110018919/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10934955946110018919/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10934955946110018919/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COio56Wn7eoCFZSrdwodjncAcw&gqi=&layout=/sadbundle/%24csp%253Der3%24/10934955946110018919/index.html
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2
google-creative-id: 138239468890,-1,-1,-1,138247024569,138244614252,101222456769,-1,138316228418
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50590
x-xss-protection: 0
google-lineitem-id: 4745699004,-1,-1,-1,4825966980,4801344630,316148409,-1,5416102949
pragma: no-cache
server: cafe
google-mediationtag-id: -2
date: Mon, 27 Jul 2020 11:16:37 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.zdnet.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
677756612204b02249613994bc3a06d0.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 80ms
23ms Other
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://677756612204b02249613994bc3a06d0.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 33ms
6ms Other
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 CBSI-PLAYER.js Show response
vidtech.cbsinteractive.com/uvpjs/0.42.297/ 1 MB
281 KB 61ms
6ms Script
application/javascript 2a04:4e42:1b::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidtech.cbsinteractive.com/uvpjs/0.42.297/CBSI-PLAYER.js
Requested by: Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::645 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1df152c5f79010dd701eceeabbf5fae49f8b375b625f2a5d7f8a8fbe11b92f2b

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:36 GMT
content-encoding: gzip
age: 2167487
x-cache: HIT, HIT
status: 200
content-length: 286838
x-amz-id-2: YmEdZEkhvtcaKtWJzPhrbeTnKi2dD8okBxKGaOcUgVO3dBsi7eoJ7fBL+w1iLBOTDsSfJVRSGxo=
x-served-by: cache-dca17722-DCA, cache-hhn4071-HHN
last-modified: Fri, 01 Feb 2019 18:20:56 GMT
server: AmazonS3
x-timer: S1595848597.792357,VS0,VE0
etag: "eb5dd4ed3dcb7641ebbcb604d7ddb038"
vary: Accept-Encoding
x-amz-request-id: CB7609C493EDD6BC
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1, 2

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 315 B
489 B 309ms
147ms Script
text/html 18.132.99.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&pcode=cbsprebidheader506831276743&callback=MoatNadoAllJsonpRequest_70672730
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/cbsprebidheader506831276743/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.132.99.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: TornadoServer/4.5.3 /
Resource Hash: b241cd19eb72e4a462e83913abd20a8362a1a9abe45f824fbc04aec01bafc494

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:37 GMT
server: TornadoServer/4.5.3
etag: "f8c8bb8768d63d8242bde7f60fb6ce4072a07d02"
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=900
timing-allow-origin: *
content-length: 315

GET
H2 200 n.js Show response
geo.moatads.com/ 124 B
299 B 239ms
79ms Script
text/html 3.11.4.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&i=CBS_PREBID_HEADER1&hp=1&wf=1&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=11&f=0&j=&t=1595848596789&de=882059129336&rx=462308731682&m=0&ar=07599ed-clean&iw=6494274&q=1&cb=0&cu=1595848596789&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&id=1&ii=4&bo=undefined&bp=undefined&bd=undefined&dfp=0%2C1&la=undefined&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=Not%20Specified&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=Not%20Specified&gw=cbsprebidheader506831276743&fd=1&ac=1&it=500&pe=1%3A551%3A551%3A0%3A651&fs=183156&na=72954730&cs=0&callback=DOMlessLLDcallback_70672730
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/cbsprebidheader506831276743/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.4.3 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: TornadoServer/4.5.3 /
Resource Hash: 53cb93f06deb9d0d5dd43bb2a71a5a20203fe8c0b60dbeb8818d354cd322123e

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:37 GMT
server: TornadoServer/4.5.3
etag: "7b9be8e7c49903c8fd567e959e958842f619039b"
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=900
timing-allow-origin: *
content-length: 124

GET
H2 200 n.js Show response
geo.moatads.com/ 128 B
302 B 238ms
80ms Script
text/html 3.11.4.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&i=CBS_PREBID_HEADER1&hp=1&wf=1&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=11&f=0&j=&t=1595848596789&de=882059129336&rx=462308731682&m=0&ar=07599ed-clean&iw=6494274&q=2&cb=0&cu=1595848596789&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&id=1&ii=4&bo=undefined&bp=undefined&bd=undefined&dfp=0%2C1&la=undefined&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=Not%20Specified&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=Not%20Specified&gw=cbsprebidheader506831276743&fd=1&ac=1&it=500&pe=1%3A551%3A551%3A0%3A651&fs=183156&na=1535534091&cs=0&callback=MoatDataJsonpRequest_70672730
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/cbsprebidheader506831276743/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.4.3 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: TornadoServer/4.5.3 /
Resource Hash: 8f72f37148f16c497a9446258e5f8a80495f5e8c3adc408a9d63bf4574511c46

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:37 GMT
server: TornadoServer/4.5.3
etag: "ea7b9f12ae39b88f74437f8123fbce521869639e"
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=900
timing-allow-origin: *
content-length: 128

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 141ms
69ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&t=1595848596789&de=893047112608&d=CBS_PREBID_HEADER1%3ADesktop%3A-%3A-&i=YIELD_INTELLIGENCE_INTERNAL1&ar=07599ed-clean&iw=6494274&zMoatRendered=0&zMoatSlotTargetingLoaded=0&zMoatSlotTargetingSet=0&zMoatPageDataTargetingSet=0&zMoatSafetyTargetingSet=0&zMoatEmptySlot=0&zMoatNadoDataLoadTime=Not%20Loaded&zMoatAllDataLoadTime=Not%20Loaded&bo=zdnet.com&bd=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&ac=1&bq=11&f=0&na=450366634&cs=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 11:16:37 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 27 Jul 2020 11:16:37 GMT

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gpt/202007221317/ 154 KB
49 KB 95ms
80ms Script
application/javascript 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202007221317/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/6NAGEHPQTIMciZyoLrUIDQZlmus/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7ec10371d71af57fb87dbabef77b350d1832c359d895ee48c574fd563adffec1

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 27 Jul 2020 11:16:37 GMT
Content-Encoding: gzip
Age: 532
X-Cache: HIT
Connection: keep-alive
Content-Length: 49458
x-amz-id-2: XyXAeoMyDdHZFdsLNTiaFa5rSFfeMAm0Efrl/BJG5CNVZKwPOXqH8Hr8XFbjr4F6VXfx6WMR+yU=
X-Served-By: cache-fra19143-FRA
Last-Modified: Wed, 22 Jul 2020 17:17:38 GMT
Server: AmazonS3
X-Timer: S1595848597.112100,VS0,VE0
ETag: "e71cf8325f3ef2a4012c2f60369a1bcb"
x-amz-request-id: F2036DB36696B2C5
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 350

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/prebid/202007221317/ 72 KB
23 KB 192ms
74ms Script
application/javascript 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202007221317/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/6NAGEHPQTIMciZyoLrUIDQZlmus/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2b292ccf57070159c7547539f735f83284bb4ac998c898796907c99aaf2a1754

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 27 Jul 2020 11:16:37 GMT
Content-Encoding: gzip
Age: 529
X-Cache: HIT
Connection: keep-alive
Content-Length: 23382
x-amz-id-2: wi0cWJPixeqZ9qZ1YnREU1VQlwmwf2GcJ32nB592oNnlhJ1vhYU8p2E7GMwpNOgOTxsK01R/Jo8=
X-Served-By: cache-fra19143-FRA
Last-Modified: Wed, 22 Jul 2020 17:17:40 GMT
Server: AmazonS3
X-Timer: S1595848597.213312,VS0,VE0
ETag: "b822fbda361cd372d0f2f8df6f1e2809"
x-amz-request-id: 9A5A5866749023F3
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 304

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame DB3F 0
0 98ms
97ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsunJT1KiWaT7QP1Ahe2sKdBcluQ2LCfFLyCeZY-wM85Q2pwqJzdlbKFu8zhR79301g7lsNuJgH8Xq7IHYch_zQuAzdCFVvyD4gWtRL9ramr540cDyo1ImNJYj56TOeh64oXL8KZfqeAN5Ok770w6mr2C8eM-UBFfrgY3qzNkOPsJ234E95vi_uHDBwhw36v8O-kK-2oyb8T4VO4uhwP5JHr1DH8lqpuBz8whdrT-pWOPR-riZ51vfw8JSUMqUC8ozZwBisTszWu&sai=AMfl-YQHG6dNWlTLtlFIn8Qm_lR4_eFbO4Vb2nkWWSxATMgt8kMxVdjUt3KL6k34apoXZ4Vf4SomS7HR2JPhkjcqWaY23HijdKMEm8OOQfS4pZNgpJhVQp18YY8A7iaVOs8&sig=Cg0ArKJSzJ6M1DzHHWNzEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Jul 2020 11:16:37 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 27 Jul 2020 11:16:37 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame DB3F 73 KB
28 KB 96ms
69ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30d05c83e6d7dd38f40dd03a37bfae06d2cdcf943384d8ccce9e6c683cc78280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1595419060626807"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28380
x-xss-protection: 0
expires: Mon, 27 Jul 2020 11:16:37 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame DB3F 321 KB
107 KB 95ms
89ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cae6e293bf184d5f9aa3aadb72bb93d74eda524c759687589233c1c8ca03f94a

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:37 GMT
content-encoding: gzip
last-modified: Wed, 01 Jul 2020 18:12:26 GMT
server: AmazonS3
x-amz-request-id: 8D266C851F1941C5
etag: "e00a4c9eb4d0552a62a2ad3b020a4ac2"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=20946
accept-ranges: bytes
content-length: 109303
x-amz-id-2: xzlR4/gktU2AIiSKbnv77ol5yO4GK6O6VSkANiyEL/R/XwufbveAj5H6OqzfSNTQwepXNRaIEQQ=

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/032007210634000/ Frame 8B2A 206 KB
56 KB 112ms
13ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032007210634000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f14d0b5bdba6df0ce559261f0a5dae89e6def28580f94e3689a8753b9dca0bd7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 291507
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57397
x-xss-protection: 0
server: sffe
date: Fri, 24 Jul 2020 02:18:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4f0584f1caea2f79"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Jul 2021 02:18:10 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/032007210634000/v0/ Frame 8B2A 16 KB
6 KB 111ms
13ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032007210634000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66f14ced94dbd60cb3c1f8fc74f67f01d05b4cbeee93c877a2e86ad31847eb44

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 291545
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5902
x-xss-protection: 0
server: sffe
date: Fri, 24 Jul 2020 02:17:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ed761c4f9176d72d"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Jul 2021 02:17:32 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/032007210634000/v0/ Frame 8B2A 96 KB
29 KB 106ms
8ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032007210634000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb199303a3c6c4ec7d96d3135a9798cf63f52e829aba12d2ae8c30f01425281a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 291535
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29699
x-xss-protection: 0
server: sffe
date: Fri, 24 Jul 2020 02:17:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ff583ae049a1bccf"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Jul 2021 02:17:42 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/032007210634000/v0/ Frame 8B2A 4 KB
2 KB 105ms
8ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032007210634000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

360a25e0b7ac5376a0c319d1eac76df31ffcce5b82faa2f3a0b3ef70f370d151

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 291516
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1786
x-xss-protection: 0
server: sffe
date: Fri, 24 Jul 2020 02:18:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fe8a226332f994d7"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Jul 2021 02:18:01 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/032007210634000/v0/ Frame 8B2A 48 KB
16 KB 103ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032007210634000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0847fb2a4b12a2cfd5b8775ebf0a1ca59c1d8c34894ee2f3f26e827969f39567

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 291543
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15001
x-xss-protection: 0
server: sffe
date: Fri, 24 Jul 2020 02:17:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f044ff03265d7aa3"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Jul 2021 02:17:34 GMT

GET
DATA 200
OK truncated
/ Frame 8B2A 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e049f1f45902c381e0c411bb989f63d51bb482ec5951037a48be2aef08ab2fd

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 7736773485993583959
tpc.googlesyndication.com/simgad/ Frame 8B2A 139 KB
139 KB 61ms
57ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7736773485993583959?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkF6RFi6gvnO2JCco_iAc0bLgNffg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32aecfed610dc7dbbd9de8af1b2b358ad8d35db7b4ac4e06a5ed5a9f607021d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 21 Jul 2020 16:15:23 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jun 2020 09:34:45 GMT
server: sffe
age: 500474
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 142081
x-xss-protection: 0
expires: Wed, 21 Jul 2021 16:15:23 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 8B2A 3 KB
3 KB 60ms
57ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Jul 2020 07:17:37 GMT
x-content-type-options: nosniff
server: cafe
age: 14340
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Tue, 28 Jul 2020 07:17:37 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 8B2A 344 B
568 B 59ms
56ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Jul 2020 11:09:07 GMT
x-content-type-options: nosniff
server: cafe
age: 450
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 28 Jul 2020 11:09:07 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8B2A 0
0 98ms
95ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CLZtSlLceX-aOL5TX3gOO74GYB8zPhLVe1-W3udELFBABIMyRriJg6gGgAaXjhdkDyAEC4AIAqAMByAMIqgSvAk_Q-4wNK2kdXPyfJyjvtCeU_xx_8ZnQc_dS13-xOZpLHFBjAnXnt2JpwAiLrVjwm4cRtoXMeBsaUMhY84Ipk5YQsPEY-9fo1Ln1jAuZP0AD27KQ9Ros6Als1OIJQWYTlS5tz9gdwwsfMrKfGfUWX4E088-o2yMzdTDJCBhsCKddzqHkFeG51XgjkW0Bg_AIJ180DlvN4c09fLBju3WxLUxP3OmahbjEc52iiewQHm3-yxKjw3hNeiB0B8ZN3VkK6DcSrU3oiT_svFS0eXNjWs9GDLytAPoTbKvWsKv89P3gfzY8T85cJzTidQg5S_5dQgKEiD_PT3VjdaHvKOSR5W6rjY97ZOaF043ypxdUYIYKKMWPM8wZCuZzkEQvdujS_tuARWh0Fd-g6NS6QC1b4cAEv5fGqvUC4AQBkgUECAQYAZIFBAgFGASgBgKAB-fw2pQBqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEELGWF9IICQiA4YBwEAEYHYAKA8gLAdgTDA&sigh=JeLtJN6shbA&tpd=AGWhJmvks771vACZnHxA7OxLMcVMWzleZmuRaCKOgUUujwCMaw
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 67ms
64ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5df4cbe089972488f66c3dc318c74ff2467967db69f87d00e54948ad0ca2b56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1595419060626807"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27216
x-xss-protection: 0
expires: Mon, 27 Jul 2020 11:16:37 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 98ms
89ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBS_PREBID_HEADER1&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=security&wf=1&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=11&f=0&j=&t=1595848596789&de=720001079047&rx=462308731682&m=0&ar=07599ed-clean&iw=6494274&q=3&cb=0&cu=1595848596789&ll=2&lm=0&ln=0&em=0&en=0&d=25365849%3A465723849%3A4676441751%3A138290752599&zMoatAType=content_article&zMoatTest=zdnet&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&id=1&ii=4&bo=aw-zdnet&bp=security&bd=security&dfp=0%2C1&la=security&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=Not%20Specified&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=content_article&zMoatAB=content_article-zdnet&gw=cbsprebidheader506831276743&fd=1&ac=1&it=500&pe=1%3A551%3A551%3A0%3A651&fs=183156&na=25954039&cs=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 11:16:37 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 27 Jul 2020 11:16:37 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/032007210634000/ Frame F100 206 KB
56 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032007210634000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f14d0b5bdba6df0ce559261f0a5dae89e6def28580f94e3689a8753b9dca0bd7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 291507
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57397
x-xss-protection: 0
server: sffe
date: Fri, 24 Jul 2020 02:18:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4f0584f1caea2f79"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Jul 2021 02:18:10 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/032007210634000/v0/ Frame F100 16 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032007210634000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66f14ced94dbd60cb3c1f8fc74f67f01d05b4cbeee93c877a2e86ad31847eb44

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 291545
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5902
x-xss-protection: 0
server: sffe
date: Fri, 24 Jul 2020 02:17:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ed761c4f9176d72d"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Jul 2021 02:17:32 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/032007210634000/v0/ Frame F100 96 KB
29 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032007210634000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb199303a3c6c4ec7d96d3135a9798cf63f52e829aba12d2ae8c30f01425281a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 291535
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29699
x-xss-protection: 0
server: sffe
date: Fri, 24 Jul 2020 02:17:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ff583ae049a1bccf"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Jul 2021 02:17:42 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/032007210634000/v0/ Frame F100 4 KB
2 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032007210634000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

360a25e0b7ac5376a0c319d1eac76df31ffcce5b82faa2f3a0b3ef70f370d151

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 291516
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1786
x-xss-protection: 0
server: sffe
date: Fri, 24 Jul 2020 02:18:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fe8a226332f994d7"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Jul 2021 02:18:01 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/032007210634000/v0/ Frame F100 48 KB
15 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032007210634000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0847fb2a4b12a2cfd5b8775ebf0a1ca59c1d8c34894ee2f3f26e827969f39567

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 291543
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15001
x-xss-protection: 0
server: sffe
date: Fri, 24 Jul 2020 02:17:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f044ff03265d7aa3"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Jul 2021 02:17:34 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F100 3 KB
3 KB 9ms
7ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Jul 2020 07:17:37 GMT
x-content-type-options: nosniff
server: cafe
age: 14340
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Tue, 28 Jul 2020 07:17:37 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F100 344 B
401 B 10ms
9ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Jul 2020 11:09:07 GMT
x-content-type-options: nosniff
server: cafe
age: 450
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 28 Jul 2020 11:09:07 GMT

GET
DATA 200
OK truncated
/ Frame F100 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4cdfa0fecc63b6ca25aa37dff86bd420364c21fb0fbaafad755bb85e5cdfebc

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 container.html
677756612204b02249613994bc3a06d0.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame D8CD 0
0 7ms
7ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://677756612204b02249613994bc3a06d0.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 677756612204b02249613994bc3a06d0.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Mon, 27 Jul 2020 11:16:36 GMT
expires: Tue, 27 Jul 2021 11:16:36 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame F5F3 0
0 97ms
96ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssMJtg7P7IGQ2i1aYOdmGVJMhsKdIX0JPe0t_3pwQgVIMPSkua3c0pagBWAYM9Glv9kQF73L-EyhNbCRoJeqM0rzlbqNtPxW6WJPqWuVZpokNTZZK59etWFfCntjt6FXnVBwicfDL0lpowxbnOxtiesKuTH6tELCNrdhDZoc9KR5CaOb0MP7yxXv_OrvW_Npt2A2Lbou0eV5eGIX4OePANGZ_cqL46yqe6BIJa2lK769yoJHNWI1BigKaHlqc_b_8kwh5Bj0SBs&sai=AMfl-YS8ePO05MDxa5Own7UeUiHfMSrHF-54cmjgz3Kql2noG1QmcMZY4RDhyfCw2OFwl0Rm7bDmn0uh6q9nroHUkPbQBLVfFAnaNJwFJRz0EUeDBwbhqx-HdoCR3SofpuE&sig=Cg0ArKJSzABHs9wdRByBEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Jul 2020 11:16:37 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK adKit.min.js Show response
rev.cbsi.com/common/js/ Frame F5F3 6 KB
2 KB 289ms
98ms Script
application/x-javascript 95.100.118.141
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rev.cbsi.com/common/js/adKit.min.js?1644407603
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.118.141 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2bf78db102c9d6e84c8e86cd2bd6134383688ae866a991028728b62f482358ab

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 27 Jul 2020 11:16:37 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 May 2019 18:29:20 GMT
Server: AkamaiNetStorage
ETag: "e524dc608d5c7c30eef57b6ed95dc6a8:1557772160"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2149

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame F5F3 73 KB
28 KB 83ms
82ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30d05c83e6d7dd38f40dd03a37bfae06d2cdcf943384d8ccce9e6c683cc78280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1595419060626807"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28380
x-xss-protection: 0
expires: Mon, 27 Jul 2020 11:16:37 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame F5F3 321 KB
107 KB 84ms
84ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cae6e293bf184d5f9aa3aadb72bb93d74eda524c759687589233c1c8ca03f94a

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:37 GMT
content-encoding: gzip
last-modified: Wed, 01 Jul 2020 18:12:26 GMT
server: AmazonS3
x-amz-request-id: 8D266C851F1941C5
etag: "e00a4c9eb4d0552a62a2ad3b020a4ac2"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=20946
accept-ranges: bytes
content-length: 109303
x-amz-id-2: xzlR4/gktU2AIiSKbnv77ol5yO4GK6O6VSkANiyEL/R/XwufbveAj5H6OqzfSNTQwepXNRaIEQQ=

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9CDF 0
0 94ms
92ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuqGEZWBU4Cj-Z8ZqMuFNAO0ablA31Gq6PS8vsHCGrzh5aBuiClkVOKYevhT6I92aU00jJAyBl-xN0I8myZvHj0JP2OpL_f5SqCuwt5UqINkNySMzQGyPJFHWIrb7IUKhcZFtH4LVz7iCBSab8ymdzPi86vVESYzSayJwzwtBsqGVAgFsgBs-s8q5lypNMRGcRyxauiI4WwxZOjIM4Q-aDHqb0v6CQOAj5r1KYbgA1ruCokgZoHWWwmn1PNgRpw0zuxCyRDx4Mt&sai=AMfl-YQUL05GyH05vg9cSBqWmQ2lMO9ZuLSktOrAreJOAjAZ3T2_MUTF-F56eure9kfkiTmZqYeRnact0HUKfR5NlEvGL9AFThTzFvaDFRe1c7JEhOY4ST3LJkvfsBgIm20&sig=Cg0ArKJSzC3bGP0gVT7tEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Jul 2020 11:16:37 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 tag Show response
a.teads.tv/page/11425/ Frame 9CDF 1016 B
840 B 304ms
124ms Script
application/javascript 2.21.37.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/11425/tag
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.37.179 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: 5b262ba67cbc58425a4ab92cc469447f6fc02bd9782a879d4efab473cd467d77

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:37 GMT
content-encoding: gzip
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 590
expires: Mon, 27 Jul 2020 12:16:37 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9CDF 73 KB
28 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30d05c83e6d7dd38f40dd03a37bfae06d2cdcf943384d8ccce9e6c683cc78280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1595419060626807"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28380
x-xss-protection: 0
expires: Mon, 27 Jul 2020 11:16:37 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame 9CDF 321 KB
107 KB 79ms
78ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cae6e293bf184d5f9aa3aadb72bb93d74eda524c759687589233c1c8ca03f94a

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:37 GMT
content-encoding: gzip
last-modified: Wed, 01 Jul 2020 18:12:26 GMT
server: AmazonS3
x-amz-request-id: 8D266C851F1941C5
etag: "e00a4c9eb4d0552a62a2ad3b020a4ac2"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=20946
accept-ranges: bytes
content-length: 109303
x-amz-id-2: xzlR4/gktU2AIiSKbnv77ol5yO4GK6O6VSkANiyEL/R/XwufbveAj5H6OqzfSNTQwepXNRaIEQQ=

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame C94E 0
0 96ms
93ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsssXViB6kytxDjigQw_NZ3gYj5eoN03vwIrh5I5sWMRebHOHxaMgv3SdAomqmVHsKOeGAvezOMS9gJIgFxGIf7l4DeDWAJvidZNjAOQ-RRruEHnzUgEXEhNYA_eE-0qIc6VvyVx4JYvb0XY6sLwcfD5rM7NHPw0M8M93Vm6DzELSrtZXMKG0xYfq8P3ZgeLLDMIqNqNJKR18g-uXbM9DB-hfEarATdL8bJVW14-Nw0L5VSZ-BMcysTy8fT11PTOpDlSEud1zjqE&sai=AMfl-YRuyUU4L8MajCRhzuAS5wZjTB64i0g3qcJ7PtZUBis4Hq7Czb-4-7__Y9DDqcoOJOy3GTfb8Y3SUPAfJ9dxPgDc7qLOcvr-dmaHaFrQfQcCTgyKc4R3fhX1k9BYnuI&sig=Cg0ArKJSzGgOBC6HmprbEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Jul 2020 11:16:37 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.1/ Frame C94E 92 KB
33 KB 91ms
4ms Script
text/javascript 2a00:1450:4001:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 22 Jul 2020 21:10:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 396354
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33333
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Jul 2021 21:10:43 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame C94E 73 KB
28 KB 74ms
72ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30d05c83e6d7dd38f40dd03a37bfae06d2cdcf943384d8ccce9e6c683cc78280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1595419060626807"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28380
x-xss-protection: 0
expires: Mon, 27 Jul 2020 11:16:37 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame C94E 321 KB
107 KB 89ms
87ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cae6e293bf184d5f9aa3aadb72bb93d74eda524c759687589233c1c8ca03f94a

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:37 GMT
content-encoding: gzip
last-modified: Wed, 01 Jul 2020 18:12:26 GMT
server: AmazonS3
x-amz-request-id: 8D266C851F1941C5
etag: "e00a4c9eb4d0552a62a2ad3b020a4ac2"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=20946
accept-ranges: bytes
content-length: 109303
x-amz-id-2: xzlR4/gktU2AIiSKbnv77ol5yO4GK6O6VSkANiyEL/R/XwufbveAj5H6OqzfSNTQwepXNRaIEQQ=

GET
H2 200 4152293380393464882
tpc.googlesyndication.com/simgad/ Frame F100 42 KB
42 KB 8ms
7ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4152293380393464882?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4ql4Ddjlwb_OEvyFv-aOPA9wXFQgfg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a42afa5f0e28f65e17da62e0166350ce416d029390a7eed371780b58b166eb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 08 Jul 2020 21:23:59 GMT
x-content-type-options: nosniff
last-modified: Fri, 21 Jul 2017 18:47:17 GMT
server: sffe
age: 1605158
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43024
x-xss-protection: 0
expires: Thu, 08 Jul 2021 21:23:59 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F100 0
0 96ms
95ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CuAPMlLceX-eOL5TX3gOO74GYB7yk8ehb2MXpxZoMxPeW078JEAEgzJGuImDqAaAB2PecyQPIAQLgAgCoAwHIAwiqBK4CT9AfAa-kYgYdWiKMp34oIzvuX13tta4FmZXklkhau482qeiAf7yeidhKfM4XqHt9MXPXUP7jedlSG8Ce1kym08eoQ7zFOJZgvKq5_cRLCy90LKRitO1qC5zh-6k3bZ07F0xvt9CigJbvOKmOYguC4g-wemZa00-6DD4tyK5mmuKTbyTkRI-wRKf_HWqkDCWg9br2_R_c-dXazZKvtdCCe1aniXug1-awXI6BYih76f3b3J2WVxY0_43iVtEFw6dT_dy6GqZxFNuV7S854_K44H_6yPKoSW__wOzt6iPiHwaKlepaV6i2bTehlY_frF5a5ngSsLZyH6tukGrkg20xbHcRpTI4EGgmDqB7YgNDQh16Kq7NVHxNCH43FXq69-Z2TAUZDG0Y_As9zKJwXovABPGzgYr6AeAEAZIFBAgEGAGSBQQIBRgEoAYCgAee_f4TqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEMXvLtIICQiA4YBwEAEYHYAKA8gLAdgTDA&sigh=R5Wb3uSOjTQ&tpd=AGWhJmtTwGVVt3-Br0dfLNCp98ytJKPElYBairdzfZ6C121WQw
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/032007210634000/ Frame 398F 206 KB
56 KB 12ms
5ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032007210634000/amp4ads-v0.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202007221317/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f14d0b5bdba6df0ce559261f0a5dae89e6def28580f94e3689a8753b9dca0bd7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 291507
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57397
x-xss-protection: 0
server: sffe
date: Fri, 24 Jul 2020 02:18:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4f0584f1caea2f79"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Jul 2021 02:18:10 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/032007210634000/v0/ Frame 398F 16 KB
6 KB 23ms
16ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032007210634000/v0/amp-ad-exit-0.1.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202007221317/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66f14ced94dbd60cb3c1f8fc74f67f01d05b4cbeee93c877a2e86ad31847eb44

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 291545
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5902
x-xss-protection: 0
server: sffe
date: Fri, 24 Jul 2020 02:17:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ed761c4f9176d72d"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Jul 2021 02:17:32 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/032007210634000/v0/ Frame 398F 96 KB
29 KB 19ms
13ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032007210634000/v0/amp-analytics-0.1.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202007221317/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb199303a3c6c4ec7d96d3135a9798cf63f52e829aba12d2ae8c30f01425281a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 291535
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29699
x-xss-protection: 0
server: sffe
date: Fri, 24 Jul 2020 02:17:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ff583ae049a1bccf"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Jul 2021 02:17:42 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/032007210634000/v0/ Frame 398F 4 KB
2 KB 18ms
12ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032007210634000/v0/amp-fit-text-0.1.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202007221317/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

360a25e0b7ac5376a0c319d1eac76df31ffcce5b82faa2f3a0b3ef70f370d151

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 291516
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1786
x-xss-protection: 0
server: sffe
date: Fri, 24 Jul 2020 02:18:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fe8a226332f994d7"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Jul 2021 02:18:01 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/032007210634000/v0/ Frame 398F 48 KB
15 KB 17ms
11ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032007210634000/v0/amp-form-0.1.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202007221317/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0847fb2a4b12a2cfd5b8775ebf0a1ca59c1d8c34894ee2f3f26e827969f39567

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 291543
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15001
x-xss-protection: 0
server: sffe
date: Fri, 24 Jul 2020 02:17:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f044ff03265d7aa3"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Jul 2021 02:17:34 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 398F 3 KB
3 KB 10ms
5ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202007221317/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Jul 2020 07:17:37 GMT
x-content-type-options: nosniff
server: cafe
age: 14340
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Tue, 28 Jul 2020 07:17:37 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 398F 344 B
401 B 11ms
7ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202007221317/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Jul 2020 11:09:07 GMT
x-content-type-options: nosniff
server: cafe
age: 450
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 28 Jul 2020 11:09:07 GMT

GET
DATA 200
OK truncated
/ Frame 398F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e62d1867c634428f40afbe1021ccb29c83c420b0f55d672521448e07f3d2eeb1

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 74DE 0
0 96ms
95ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssrFvnWd1uDwUkmuwOjUWZkI8ZtbFRUMrb1xPyAEEHwIwgx6GzLGIvHRu9oJ46c4PHXSeVbDtJqNh8YUM_FxHqwHLRqN3kmPKUHZto-JOmfotdpbPv5RJYjXXMxBMz2SErVcjodNMtZF8DDWfvg_BKzeA7AxHUNPytChxlSo7i_d9Zamld8bQXDvkiL8u8Y9l7Ow9Ffzo8o3Wm0p7lMRWo0dzq4jGNep4YMy0wfZPG6565CgfbObtqTDMBRo8AY6FUkXq6ue70D&sai=AMfl-YTGJfNj54PBjU4rgMhg6kwpVnJUg_4guzrsqIFB59IhoD6-o9RyHdkCcKWy1kmP-_TD3HDVUGAofsoLKsr7zGXVR6nXubTCVzFjyqj99kDadA7fDNVL0qiYPnvV6-g&sig=Cg0ArKJSzJQx5qBN46WaEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Jul 2020 11:16:37 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 74DE 73 KB
28 KB 108ms
107ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30d05c83e6d7dd38f40dd03a37bfae06d2cdcf943384d8ccce9e6c683cc78280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1595419060626807"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28380
x-xss-protection: 0
expires: Mon, 27 Jul 2020 11:16:37 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame 74DE 321 KB
107 KB 76ms
76ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cae6e293bf184d5f9aa3aadb72bb93d74eda524c759687589233c1c8ca03f94a

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:37 GMT
content-encoding: gzip
last-modified: Wed, 01 Jul 2020 18:12:26 GMT
server: AmazonS3
x-amz-request-id: 8D266C851F1941C5
etag: "e00a4c9eb4d0552a62a2ad3b020a4ac2"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=20946
accept-ranges: bytes
content-length: 109303
x-amz-id-2: xzlR4/gktU2AIiSKbnv77ol5yO4GK6O6VSkANiyEL/R/XwufbveAj5H6OqzfSNTQwepXNRaIEQQ=

GET
H2 200 9487076343211315954
tpc.googlesyndication.com/simgad/ Frame 398F 32 KB
32 KB 84ms
84ms Image
image/gif 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9487076343211315954

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be015548a7a85eeae6137f843f5e76cf69ed99d2e989eb76c045431f2f712d2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:37 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Jun 2020 08:51:37 GMT
server: sffe
status: 200
x-dns-prefetch-control: off
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32312
x-xss-protection: 0
expires: Tue, 27 Jul 2021 11:16:37 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 398F 0
0 70ms
69ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR8BZrjt7T50CnmDBrJc4Kf6eRyZdiJdNWCj9mW0I_Tfj0N6BJ3p4p2t01pFswvXR8YjyBf
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 398F 0
0 95ms
94ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CZuG7lLceX-mOL5TX3gOO74GYB42myfxd0N7spZEMv-EeEAEgzJGuImDqAaAB45rp1gPIAQOpAlU1ED5apLM-4AIAqAMByAMIqgSoAk_Q1IleQEYQZE09mLuwmHZ-3CjjI2t7zCSCN5enLUOzS4ewfuuOJeMHBEPBbED3Vivv4sNtVSQe8LeHb-geYcYCKdcKpYp3RQK8fcFdIkzxZ6RlfJHUH87lg0YfCpHHmyUuGNbothjUEyUtDlm14V1H66ZG6QRPOpd1x6J_Lx-v-MXI2_VPjKV_pMA5bPxffIYSMm0mKRpoT6m_qY2QdHAAxF9Prc8rkQ2TA_tqTlz9teJij150mm5CFo6fMZ0U1ETyUA3r5DIsc2yxyEQnXUgX4hVd_b5xshnUf_Y0if08HufwfadQ4LTCSaXRVRghVFLyN1X968X95yVKVgnTfZ0u3n3CFcuutk2YQiTHwUbKiHB_pbVAqYSAhXuWaX64CMu4VFsBn78vwASp9PfPjgPgBAGSBQQIBBgBkgUECAUYBKAGA4AHheWWKagHjs4bqAfVyRuoB5PYG6gHugaoB_DZG6gH8tkbqAemvhuoB-zVG9gHAfIHBBDB9gvSCAkIgOGAcBABGB2ACgPICwHYEw2YFgE&sigh=cXckCFsxQoE&tpd=AGWhJmt7gXDS5GNg7Nit4o7NBrorE3ZFtdX8P0XUudIJ8IY3PA
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 18316741427266338429
tpc.googlesyndication.com/simgad/ Frame 74DE 43 KB
43 KB 65ms
65ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18316741427266338429?

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43bb80859836eb8547cbeec75495b055ab996d2252b8b945af0ff8c4cb0730ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 22 Jul 2020 21:55:44 GMT
x-content-type-options: nosniff
age: 393653
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43679
x-xss-protection: 0
last-modified: Mon, 06 Jul 2020 15:10:48 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Jul 2021 21:55:44 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame DB3F 0
54 B 94ms
93ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsua4HoP57liiYuEbO1RLbwlxrpZNzZwx1bzJ0LCF_Agx0uKm-aU2Dnb-CdMvak0Os7DdFLzWQBP8BXkIbf5bkPJU2qo23BsCFmMUeoNAPWdqEYlzzbgxnZVt1dUSgFUw9CMCfWUgi3ITHH-7eeQnHXoeLRpUKpi7AdrQKtB7EqBVdIgxLZYBaHmAehKwy-ccDc9G1VrN0ymhMIWvLfTl3ZcdFxyYChL77i0qnZ5qXBqlbIV-f7Z1Nj2OD28QwAlIB-zwsynS5rT_GU&sai=AMfl-YRa87z-CI08q2itu4-Wp_UnV52LIYmZy2EnH7fjRBEh_xgYyYkXQjAltpgIA2URGbaFZ0M3SElxJFyOW01oy9pX3017VRZH37jb-ftPe_W7BjVYnMkTAeP1w7HO9cQ&sig=Cg0ArKJSzNt0qPHm3p3hEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Jul 2020 11:16:38 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 67ms
66ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBS_PREBID_HEADER1&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=security&wf=1&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=11&f=0&j=&t=1595848596789&de=839325218696&rx=462308731682&m=0&ar=07599ed-clean&iw=6494274&q=4&cb=0&cu=1595848596789&ll=2&lm=0&ln=0&em=0&en=0&d=25365849%3A465723849%3A4676441751%3A138290752599&zMoatAType=content_article&zMoatTest=zdnet&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&id=1&ii=4&bo=aw-zdnet&bp=security&bd=security&dfp=0%2C1&la=security&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=Not%20Specified&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=content_article&zMoatAB=content_article-zdnet&gw=cbsprebidheader506831276743&fd=1&ac=1&it=500&pe=1%3A551%3A551%3A0%3A651&fs=183156&na=86429101&cs=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 11:16:38 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 27 Jul 2020 11:16:38 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 249ms
70ms Image
image/gif 23.202.53.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=126&fi=1&apd=252&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=aw-zdnet&S2id=security&ord=1595848596789&r=720001079047&t=meas&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatPS=0&zMoatPT=0&bedc=1&q=1&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.53.245 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Jul 2020 11:16:38 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 27 Jul 2020 11:16:38 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 250ms
70ms Image
image/gif 23.202.53.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=126&fi=1&apd=252&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=aw-zdnet&S2id=security&ord=1595848596789&r=720001079047&t=fv&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatPS=0&zMoatPT=0&bedc=1&q=2&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.53.245 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Jul 2020 11:16:38 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 27 Jul 2020 11:16:38 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 250ms
71ms Image
image/gif 23.202.53.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=126&fi=1&apd=252&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=aw-zdnet&S2id=security&ord=1595848596789&r=720001079047&t=nht&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatPS=0&zMoatPT=0&bedc=1&q=3&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.53.245 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Jul 2020 11:16:38 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 27 Jul 2020 11:16:38 GMT

GET
DATA 200
OK truncated
/ Frame 9CDF 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d31486ee7824e091c31b8404a326b83455b3981e8b34aa192e19f02b838fc42e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C94E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 347ad6a072d4d8e03def375332f660160a0de95dff953d1dc575476b1975681d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame C94E 0
54 B 96ms
96ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsteSDB4XdEcTTSFCpktTD78V7PDtwotHJmzE3OE9fuS_15J_NRUD53rFXO5f6Im4d-Mi0fm-XnjU6EBcGe9hLPKwfq8Rgg2wVPcltH29zlL85Zy17T01KRPPo2Ehf38xnAfPjI7xVbJ84_2x934UhW9Mxg324dV-FG5baOL47l-bQR9dYXZdWG5HxUJTFnNiJNEsJ3GJj6IKgcwy6nEUYIX7vg0dRJ4MgGkWxoiok0PJlWlQqp-7HJRHXhpsJ50grkhsuAYozA1yMk&sai=AMfl-YTxV1vBFDIkrmPAFkvjSt0rk33HPG_GYJQM8W3UlKEaxHUWI0til476d1FPlaRQ4Qc35cJXEPEa3v8EGDj93IBrGBi87xIBuSh--pYm8nmPM2TnTlzaVPixMlKAcl8&sig=Cg0ArKJSzB_afN9zGr4rEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Jul 2020 11:16:38 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame F5F3 48 KB
16 KB 44ms
39ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: rev.cbsi.com
URL: https://rev.cbsi.com/common/js/adKit.min.js?1644407603

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5e5742593fb85b25251acdb96a2f0d31ee17b2eb8b6b8c737714ea1efc56a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "583 / 286 of 1000 / last-modified: 1595801233"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 16533
x-xss-protection: 0
expires: Mon, 27 Jul 2020 11:16:38 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 139ms
74ms Image
image/gif 23.202.53.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=320&fi=1&apd=446&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=aw-zdnet&S2id=security&ord=1595848596789&r=720001079047&t=hdn&os=1&fi2=0&div1=0&ait=97&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatPS=0&zMoatPT=0&bedc=1&q=4&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.53.245 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Jul 2020 11:16:38 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 27 Jul 2020 11:16:38 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 140ms
74ms Image
image/gif 23.202.53.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=97&fi=1&apd=194&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=aw-zdnet&S2id=security&ord=1595848596789&r=839325218696&t=meas&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatPS=0&zMoatPT=0&bedc=1&q=1&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.53.245 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Jul 2020 11:16:38 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 27 Jul 2020 11:16:38 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 140ms
75ms Image
image/gif 23.202.53.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=97&fi=1&apd=194&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=aw-zdnet&S2id=security&ord=1595848596789&r=839325218696&t=fv&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatPS=0&zMoatPT=0&bedc=1&q=2&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.53.245 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Jul 2020 11:16:38 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 27 Jul 2020 11:16:38 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 147ms
69ms Image
image/gif 23.202.53.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=97&fi=1&apd=194&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=aw-zdnet&S2id=security&ord=1595848596789&r=839325218696&t=nht&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatPS=0&zMoatPT=0&bedc=1&q=3&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.53.245 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Jul 2020 11:16:38 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 27 Jul 2020 11:16:38 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 151ms
73ms Image
image/gif 23.202.53.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=109&fi=1&apd=206&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=aw-zdnet&S2id=security&ord=1595848596789&r=839325218696&t=hdn&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatPS=0&zMoatPT=0&bedc=1&q=4&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.53.245 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Jul 2020 11:16:38 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 27 Jul 2020 11:16:38 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 147ms
70ms Image
image/gif 23.202.53.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=12&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=aw-zdnet&S2id=security&ord=1595848596789&r=860373476147&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatPS=0&zMoatPT=0&bedc=1&q=1&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.53.245 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Jul 2020 11:16:38 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 27 Jul 2020 11:16:38 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 74ms
73ms Image
image/gif 23.202.53.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=12&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=aw-zdnet&S2id=security&ord=1595848596789&r=860373476147&t=nht&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatPS=0&zMoatPT=0&bedc=1&q=2&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.53.245 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Jul 2020 11:16:38 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 27 Jul 2020 11:16:38 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 74ms
73ms Image
image/gif 23.202.53.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=16&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=aw-zdnet&S2id=security&ord=1595848596789&r=860373476147&t=hdn&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatPS=0&zMoatPT=0&bedc=1&q=3&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.53.245 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Jul 2020 11:16:38 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 27 Jul 2020 11:16:38 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 74DE 0
54 B 94ms
93ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsttKeHs4HESxobkKircVc2SQOzG7Ix8THloEcTJv4PSmbNSyR5W0OvGzCMjm3Nm_KVX1nUy-qoD9t-9Rzlnta9xcK5eDx1CotLoKhaxQLHgH-4srKN_T2TAUCRkthDJd0PfiaHh_sZhUIIpQxrBH_o6w_1gRTxOjpsRPg-Bej2UWRlj-HLYiZC8Y8sqLOlNskvT-xVNJ4gG2yqzDObLVAqslq25-hgjbJZrQzTKrY3pSVKj93Fk4teHAa36nN8dtCWWj0I8VZpHLdY&sai=AMfl-YQ_uoyWdLwsbIMIV6_fgUF-uN-SghEh7JZ0HaFpVJHptSmDK4Huxb77O_GMpx34nzLlTTinIqoBydkeK82P-gZGZ_WWHSUZqYFyOAgGEM5HMq2hQ1p8xTx9YWembd0&sig=Cg0ArKJSzK_kQKRGwQyCEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Jul 2020 11:16:38 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 74DE 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cdf525091995fe88f6f738cd3448210984bd9f9530b29dd8f0da3a76f79d416e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 73ms
72ms Image
image/gif 23.202.53.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=11&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25477209&L2id=2495342617&L3id=5416102949&L4id=138316228418&S1id=23586489&S2id=23600769&ord=1595848598486&r=502771068409&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=db5d1bf2-5a9a-43ef-bae2-2907b150d22f&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatPS=bottom&zMoatPT=article&bedc=1&q=1&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.53.245 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Jul 2020 11:16:38 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 27 Jul 2020 11:16:38 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 72ms
71ms Image
image/gif 23.202.53.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=11&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25477209&L2id=2495342617&L3id=5416102949&L4id=138316228418&S1id=23586489&S2id=23600769&ord=1595848598486&r=502771068409&t=nht&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=db5d1bf2-5a9a-43ef-bae2-2907b150d22f&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatPS=bottom&zMoatPT=article&bedc=1&q=2&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.53.245 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Jul 2020 11:16:38 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 27 Jul 2020 11:16:38 GMT

POST
H2 200 / Show response
www.zdnet.com/m3d0s1/recommend/dfp-in-article/ 9 KB
3 KB 186ms
185ms XHR
application/json 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/m3d0s1/recommend/dfp-in-article/

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/7e1a59-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7fdf1018ffa2b362209347cc2a17cb7d8eb4aeea8e1897e5068ea922cc786384

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-frame-options: SAMEORIGIN
date: Mon, 27 Jul 2020 11:16:38 GMT
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
vary: Accept-Encoding, User-Agent
x-tx-id: 34edd00f-3995-4c47-b5f3-0975fe9b525d
content-type: application/json
cache-control: max-age=5400, private
accept-ranges: bytes
expires: Mon, 27 Jul 2020 12:46:38 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 72ms
71ms Image
image/gif 23.202.53.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=120&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=aw-zdnet&S2id=security&ord=1595848596789&r=21120925712&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatPS=0&zMoatPT=0&bedc=1&q=1&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.53.245 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Jul 2020 11:16:38 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 27 Jul 2020 11:16:38 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 72ms
71ms Image
image/gif 23.202.53.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=120&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=aw-zdnet&S2id=security&ord=1595848596789&r=21120925712&t=nht&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatPS=0&zMoatPT=0&bedc=1&q=2&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.53.245 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Jul 2020 11:16:38 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 27 Jul 2020 11:16:38 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 8B2A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

40ms
39ms

Image
text/html

2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Mon, 27 Jul 2020 11:16:38 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2 200 teads-format.min.js Show response
s8t.teads.tv/media/format/v3/ 675 KB
182 KB 50ms
10ms Script
text/javascript 2a02:26f0:f1:1a1::36f1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/11425/tag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f1:1a1::36f1 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: 00d39d18d8f1c6b914c95896a407ec3343b866ad7d57313d7e27508a4c6daab7

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:38 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: FEA1E1146B445220
status: 200
content-length: 185592
x-amz-id-2: Ezsa/W9Vi+CSIbJ35vTOWWPhFdOPRuAYsjp+c5lltLgQUSApLzydBfYfkO5TjvkzdFsHjSDyc58=
last-modified: Mon, 27 Jul 2020 10:40:28 GMT
etag: "0305ad8e86d490993fefefa2c79805f7"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=1800, no-transform
access-control-allow-credentials: false
x-bucket: 6
accept-ranges: bytes
access-control-allow-headers: *
expires: Mon, 27 Jul 2020 11:46:38 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame F100
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

43ms
42ms

Image
text/html

2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Mon, 27 Jul 2020 11:16:38 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 61ms
61ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBS_PREBID_HEADER1&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=security&wf=1&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=11&f=0&j=&t=1595848596789&de=860373476147&rx=462308731682&m=0&ar=07599ed-clean&iw=6494274&q=5&cb=0&cu=1595848596789&ll=2&lm=0&ln=0&em=0&en=0&d=25365849%3A465723849%3A4676441751%3A138290752599&zMoatAType=content_article&zMoatTest=zdnet&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&id=1&ii=4&bo=aw-zdnet&bp=security&bd=security&dfp=0%2C1&la=security&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=Not%20Specified&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=content_article&zMoatAB=content_article-zdnet&gw=cbsprebidheader506831276743&fd=1&ac=1&it=500&pe=1%3A551%3A551%3A0%3A651&fs=183156&na=2027951174&cs=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 11:16:38 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 27 Jul 2020 11:16:38 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 398F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

40ms
39ms

Image
text/html

2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Mon, 27 Jul 2020 11:16:38 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2 200 7736773485993583959
tpc.googlesyndication.com/simgad/ Frame 8B2A 139 KB
139 KB 10ms
6ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7736773485993583959?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkF6RFi6gvnO2JCco_iAc0bLgNffg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032007210634000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32aecfed610dc7dbbd9de8af1b2b358ad8d35db7b4ac4e06a5ed5a9f607021d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 21 Jul 2020 16:15:23 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jun 2020 09:34:45 GMT
server: sffe
age: 500475
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 142081
x-xss-protection: 0
expires: Wed, 21 Jul 2021 16:15:23 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 8B2A 3 KB
3 KB 17ms
13ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032007210634000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Jul 2020 07:17:37 GMT
x-content-type-options: nosniff
server: cafe
age: 14341
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Tue, 28 Jul 2020 07:17:37 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 8B2A 344 B
413 B 16ms
12ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032007210634000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Jul 2020 11:09:07 GMT
x-content-type-options: nosniff
server: cafe
age: 451
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 28 Jul 2020 11:09:07 GMT

GET
H2 200 4152293380393464882
tpc.googlesyndication.com/simgad/ Frame F100 42 KB
42 KB 13ms
11ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4152293380393464882?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4ql4Ddjlwb_OEvyFv-aOPA9wXFQgfg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032007210634000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a42afa5f0e28f65e17da62e0166350ce416d029390a7eed371780b58b166eb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 08 Jul 2020 21:23:59 GMT
x-content-type-options: nosniff
last-modified: Fri, 21 Jul 2017 18:47:17 GMT
server: sffe
age: 1605159
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43024
x-xss-protection: 0
expires: Thu, 08 Jul 2021 21:23:59 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F100 3 KB
3 KB 15ms
13ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032007210634000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Jul 2020 07:17:37 GMT
x-content-type-options: nosniff
server: cafe
age: 14341
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Tue, 28 Jul 2020 07:17:37 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F100 344 B
417 B 13ms
12ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032007210634000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Jul 2020 11:09:07 GMT
x-content-type-options: nosniff
server: cafe
age: 451
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 28 Jul 2020 11:09:07 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9CDF 0
54 B 108ms
92ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssue7eK4meDWRpPK3MPRo7NG_le_G2fkK2835j3A2AeAFXSFgOSWjXxbSKUs7TDg9kz6_nI1LzRxjklqlNd4yh36TcilRZaadTwfBHx3PXVWjVcGAC4_A57L4mqPIJNMgSglKIHt4UpYtfI_h3dUQot00RXoIGDspSNOExuRJT7Uh71XXy1Hf5O4Iwh1vJjb-1vx35H4CiWC54pfOv4jeU7kaRqYgXhGiXZ2ZQ1v-zReMFlEuhA-z-dEyfhLaqXTf7Kd2HAhjAOwI4&sai=AMfl-YQVnE9B0GXk4Wp-03GRaH7IDqquZuCFlZgMnyRafAgLUUnTnS1T10U8ScdgbMKJyr99J4DeWtFuplHWDhfhckaWJmi_2vFhW86Dq0PteTaHb7Clwz7ugmP4TTNbgfg&sig=Cg0ArKJSzDrDkwpSKBuWEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Jul 2020 11:16:38 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 75ms
73ms Image
image/gif 23.202.53.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=308&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=aw-zdnet&S2id=security&ord=1595848596789&r=21120925712&t=hdn&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatPS=0&zMoatPT=0&bedc=1&q=3&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.53.245 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Jul 2020 11:16:38 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 27 Jul 2020 11:16:38 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 71ms
69ms Image
image/gif 23.202.53.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=290&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25477209&L2id=2495342617&L3id=5416102949&L4id=138316228418&S1id=23586489&S2id=23600769&ord=1595848598486&r=502771068409&t=hdn&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=db5d1bf2-5a9a-43ef-bae2-2907b150d22f&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatPS=bottom&zMoatPT=article&bedc=1&q=3&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.53.245 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Jul 2020 11:16:38 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 27 Jul 2020 11:16:38 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame F5F3 109 B
168 B 17ms
16ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Jul 2020 11:16:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame F5F3 109 B
168 B 16ms
15ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Jul 2020 11:16:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020072001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame F5F3 253 KB
89 KB 93ms
92ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31e539be75870ad6cec377525eb196ea9fbc423ea53d68c03b2c94b96701bc47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 20 Jul 2020 13:10:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91349
x-xss-protection: 0
expires: Mon, 27 Jul 2020 11:16:38 GMT

GET
H2 200 9487076343211315954
tpc.googlesyndication.com/simgad/ Frame 398F 32 KB
32 KB 10ms
9ms Image
image/gif 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9487076343211315954

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032007210634000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be015548a7a85eeae6137f843f5e76cf69ed99d2e989eb76c045431f2f712d2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:37 GMT
x-content-type-options: nosniff
age: 1
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32312
x-xss-protection: 0
last-modified: Fri, 26 Jun 2020 08:51:37 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Jul 2021 11:16:37 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 398F 3 KB
3 KB 9ms
8ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032007210634000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Jul 2020 07:17:37 GMT
x-content-type-options: nosniff
server: cafe
age: 14341
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Tue, 28 Jul 2020 07:17:37 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 398F 344 B
413 B 6ms
6ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032007210634000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Jul 2020 11:09:07 GMT
x-content-type-options: nosniff
server: cafe
age: 451
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 28 Jul 2020 11:09:07 GMT

GET
H2

200

expertGroup_125x100.jpg
static.cbsileads.com/direct/images/doctype/
Redirect Chain

https://creatives.cbsileads.com/images/doctype/expertGroup_125x100.jpg
https://static.cbsileads.com/direct/images/doctype/expertGroup_125x100.jpg

4 KB
4 KB

118ms
35ms

Image
image/jpeg

35.190.21.111
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cbsileads.com/direct/images/doctype/expertGroup_125x100.jpg
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.21.111 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c2d107b2b6fd34efc47d3ee61f5a41eb49548e0788beed0a16705f292d31702c

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 10:37:51 GMT
x-goog-meta-goog-reserved-file-mtime: 1553141219
age: 2328
x-guploader-uploadid: AAANsUl4RrvKp2CQktYU1LY18mpTBi6GnC0mS2B6JGvW7kGN30zJ4Ofwi2MRSBKd9PXBe_DO5B1IPj8FyrsA5osvBw0
x-goog-storage-class: REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 3639
last-modified: Sat, 24 Aug 2019 01:05:59 GMT
server: UploadServer
etag: "c97a073917dd5295aab139330be15303"
x-goog-hash: crc32c=xc5N/Q==, md5=yXoHORfdUpWqsTkzC+FTAw==
content-language: en
x-goog-generation: 1566608759879532
cache-control: public, max-age=3600
x-goog-stored-content-length: 3639
accept-ranges: bytes
content-type: image/jpeg
expires: Mon, 27 Jul 2020 11:37:51 GMT

Redirect headers

date: Mon, 27 Jul 2020 11:16:39 GMT
via: 1.1 google
server: nginx
status: 301
content-type: text/html
location: https://static.cbsileads.com/direct/images/doctype/expertGroup_125x100.jpg
alt-svc: clear
content-length: 162

GET
H2 200 0.13251944142253613
saa.cbsi.com/b/ss/cbsib2bleadgen/1/G.4--NS/ 43 B
395 B 351ms
62ms Image
image/gif 15.236.175.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://saa.cbsi.com/b/ss/cbsib2bleadgen/1/G.4--NS/0.13251944142253613?AQB=1&ce=UTF%2D8&events=event66&v0=ftag_cd:TRE-00-10aaa4f&v2=en&v3=desktop&v4=dfp-in-article&v5=zdnet&v10=&v20=&v22=&v23=&v24=&v30=&v60=33164070&v64=1065&v69=&c0=D%3Dv0&c2=D%3Dv2&c3=D%3Dv3&c4=D%3Dv4&c5=D%3Dv5&c10=D%3Dv10&c20=D%3Dv20&c22=D%3Dv22&c23=D%3Dv23&c24=D%3Dv24&c30=D%3Dv30&c60=D%3Dv60&c64=D%3Dv64&c69=D%3Dv69&pe=lnk_o&pev2=medusa_impression&vid=202007273-leadgen-zdnet&mid=90240133173074011141898988208131324462&aid=2D535D450507F28B-40000106A0001145&AQE=1

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.175.233 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:39 GMT
x-content-type-options: nosniff
x-c: master-1315.Ia06625.M0-426
p3p: CP="This is not a P3P policy"
status: 200
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 28 Jul 2020 11:16:39 GMT
server: jag
xserver: anedge-7447d85976-mdlbg
etag: 3427058771121504256-4614336510373933610
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Sun, 26 Jul 2020 11:16:39 GMT

GET
H2 200 pixel.png
im.cbsileads.com/ 609 B
1 KB 271ms
202ms Image
image/png 34.120.132.76
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.cbsileads.com/pixel.png?spotname=dfp-in-article&docid=33164070&pagetype=&topicname=Security&devicetype=desktop&lon=1500008513&promo=1065&site=zdnet&ursid=&tid=2707201116386447303
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.132.76 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0b960c8f9b3fb4ca1d0b1f43e40b5defd11dbf0fd60ebad49ad50ecc06119170

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:39 GMT
x-guploader-uploadid: AAANsUnWjV-p1iO2DwarqSDDK511QqO8VbqxMGSPv9QO4y2gsAEuaNRLgQ4pHaT2svjWOcQLvUSZiMeW8SIsnw4khmdTGNtaVQ
x-goog-storage-class: STANDARD
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 609
last-modified: Tue, 23 Jun 2020 01:31:20 GMT
server: UploadServer
etag: "6802175f61adc40617e8ba87a30aa6bd"
x-goog-hash: crc32c=Yf0PfA==, md5=aAIXX2GtxAYX6LqHowqmvQ==
content-language: en
x-goog-generation: 1592875880921192
cache-control: no-cache,max-age=0
x-goog-stored-content-length: 609
accept-ranges: bytes
content-type: image/png
expires: Mon, 27 Jul 2020 11:16:39 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 62ms
61ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBS_PREBID_HEADER1&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=security&wf=1&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=11&f=0&j=&t=1595848596789&de=21120925712&rx=462308731682&m=0&ar=07599ed-clean&iw=6494274&q=6&cb=0&cu=1595848596789&ll=2&lm=0&ln=0&em=0&en=0&d=25365849%3A465723849%3A4676441751%3A138290752599&zMoatAType=content_article&zMoatTest=zdnet&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&id=1&ii=4&bo=aw-zdnet&bp=security&bd=security&dfp=0%2C1&la=security&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=Not%20Specified&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=content_article&zMoatAB=content_article-zdnet&gw=cbsprebidheader506831276743&fd=1&ac=1&it=500&pe=1%3A551%3A551%3A0%3A651&fs=183156&na=2012472835&cs=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 11:16:38 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 27 Jul 2020 11:16:38 GMT

GET
H2 200 track
t.teads.tv/ 23 B
143 B 341ms
195ms Image
image/gif 23.202.53.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=debug-bts&ts=1595848599025&pageId=11425&pid=82836&env=js-web&pfid=[pfid]&f=1&slot=native&auctid=e740b4bd-f76a-4151-b5b2-973cfac80dc3&debug_metadata=wb&fv=465&referer=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.53.124 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 27 Jul 2020 11:16:39 GMT
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 23
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 track
t.teads.tv/ 23 B
143 B 290ms
145ms Image
image/gif 23.202.53.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&ts=1595848599022&pageId=11425&pid=82836&env=js-web&pfid=[pfid]&f=1&auctid=e740b4bd-f76a-4151-b5b2-973cfac80dc3&fv=465&referer=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.53.124 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 27 Jul 2020 11:16:39 GMT
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 23
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ZaVnC4dhaV3tMuL-jxvu514sKTR1JLPJH0zZLzvxn3qMwWPdO_mBRbSGTyZgi2P4CqAJ4tfCX6IriPgecDkMFRxDm1GAGUben7xo9S92iY-h9z-o4eCwqg==
s8t.teads.tv/sumo/receiver/v1/http/ 0
0 119ms
118ms Image
text/plain 2a02:26f0:f1:1a1::36f1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s8t.teads.tv/sumo/receiver/v1/http/ZaVnC4dhaV3tMuL-jxvu514sKTR1JLPJH0zZLzvxn3qMwWPdO_mBRbSGTyZgi2P4CqAJ4tfCX6IriPgecDkMFRxDm1GAGUben7xo9S92iY-h9z-o4eCwqg==?%5B465%7Cd%7CMac%20OS%7C10.14%7CChrome%7C83%7Cweb%7C%7C%5D%5B82836%7C%7C%5D%5Binfo%5D%20f11
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f1:1a1::36f1 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-max-age: 86400
access-control-allow-methods: GET,POST

GET
H2 200 ZaVnC4dhaV3tMuL-jxvu514sKTR1JLPJH0zZLzvxn3qMwWPdO_mBRbSGTyZgi2P4CqAJ4tfCX6IriPgecDkMFRxDm1GAGUben7xo9S92iY-h9z-o4eCwqg==
s8t.teads.tv/sumo/receiver/v1/http/ 0
0 120ms
119ms Image
text/plain 2a02:26f0:f1:1a1::36f1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s8t.teads.tv/sumo/receiver/v1/http/ZaVnC4dhaV3tMuL-jxvu514sKTR1JLPJH0zZLzvxn3qMwWPdO_mBRbSGTyZgi2P4CqAJ4tfCX6IriPgecDkMFRxDm1GAGUben7xo9S92iY-h9z-o4eCwqg==?%5B465%7Cd%7CMac%20OS%7C10.14%7CChrome%7C83%7Cweb%7C%7C%5D%5B82836%7C%7C%5D%5Binfo%5D%20tagtype%203
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f1:1a1::36f1 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-max-age: 86400
access-control-allow-methods: GET,POST

GET
H2 200 track
t.teads.tv/ 23 B
143 B 296ms
151ms Image
image/gif 23.202.53.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&ts=1595848599023&pageId=11425&pid=82836&env=js-web&pfid=[pfid]&f=1&slot=native&auctid=e740b4bd-f76a-4151-b5b2-973cfac80dc3&fv=465&referer=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.53.124 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 27 Jul 2020 11:16:39 GMT
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 23
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ZaVnC4dhaV3tMuL-jxvu514sKTR1JLPJH0zZLzvxn3qMwWPdO_mBRbSGTyZgi2P4CqAJ4tfCX6IriPgecDkMFRxDm1GAGUben7xo9S92iY-h9z-o4eCwqg==
s8t.teads.tv/sumo/receiver/v1/http/ 0
0 121ms
119ms Image
text/plain 2a02:26f0:f1:1a1::36f1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s8t.teads.tv/sumo/receiver/v1/http/ZaVnC4dhaV3tMuL-jxvu514sKTR1JLPJH0zZLzvxn3qMwWPdO_mBRbSGTyZgi2P4CqAJ4tfCX6IriPgecDkMFRxDm1GAGUben7xo9S92iY-h9z-o4eCwqg==?%5B465%7Cd%7CMac%20OS%7C10.14%7CChrome%7C83%7Cweb%7C%7C%5D%5B82836%7C%7C%5D%5Binfo%5D%20f24
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f1:1a1::36f1 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-max-age: 86400
access-control-allow-methods: GET,POST

GET
H2 200 ZaVnC4dhaV3tMuL-jxvu514sKTR1JLPJH0zZLzvxn3qMwWPdO_mBRbSGTyZgi2P4CqAJ4tfCX6IriPgecDkMFRxDm1GAGUben7xo9S92iY-h9z-o4eCwqg==
s8t.teads.tv/sumo/receiver/v1/http/ 0
0 120ms
120ms Image
text/plain 2a02:26f0:f1:1a1::36f1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s8t.teads.tv/sumo/receiver/v1/http/ZaVnC4dhaV3tMuL-jxvu514sKTR1JLPJH0zZLzvxn3qMwWPdO_mBRbSGTyZgi2P4CqAJ4tfCX6IriPgecDkMFRxDm1GAGUben7xo9S92iY-h9z-o4eCwqg==?%5B465%7Cd%7CMac%20OS%7C10.14%7CChrome%7C83%7Cweb%7C%7C%5D%5B82836%7C%7C%5D%5Binfo%5D%20ccpa-iab-consent%200%202
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f1:1a1::36f1 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-max-age: 86400
access-control-allow-methods: GET,POST

GET
H2 200 ad Show response
a.teads.tv/page/11425/ 493 B
595 B 200ms
199ms XHR
application/json 2.21.37.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/11425/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&page=%7B%22id%22%3A11425%2C%22placements%22%3A%5B%7B%22id%22%3A82836%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A770%2C%22height%22%3A433%7D%2C%22slotType%22%3A%22native%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%7D&auctid=e740b4bd-f76a-4151-b5b2-973cfac80dc3&formatVersion=2.22.61&env=js-web&netBw=10&ttfb=235
Requested by: Host: s8t.teads.tv
URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.37.179 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: 61a0236fccc11095a6452df96ad33d58f7f0a340d5c7e2653e306770cba11a25

Request headers

Accept: application/json; charset=UTF-8
Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 11:16:39 GMT
content-encoding: gzip
status: 200
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.zdnet.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 339
expires: Mon, 27 Jul 2020 11:16:39 GMT

GET
H/1.1

200
OK

p2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1595848599055&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_s...
https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1595848599055&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_...

43 B
589 B

74ms
70ms

Image
image/gif

23.42.18.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1595848599055&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=24218103&cs_ucfr=&cs_ak_ss=1
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.42.18.223 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: /
Resource Hash: 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Jul 2020 11:16:39 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1595848599055&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=24218103&cs_ucfr=&cs_ak_ss=1
Pragma: no-cache
Date: Mon, 27 Jul 2020 11:16:39 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ZaVnC4dhaV3tMuL-jxvu514sKTR1JLPJH0zZLzvxn3qMwWPdO_mBRbSGTyZgi2P4CqAJ4tfCX6IriPgecDkMFRxDm1GAGUben7xo9S92iY-h9z-o4eCwqg==
s8t.teads.tv/sumo/receiver/v1/http/ 0
0 95ms
94ms Image
text/plain 2a02:26f0:f1:1a1::36f1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s8t.teads.tv/sumo/receiver/v1/http/ZaVnC4dhaV3tMuL-jxvu514sKTR1JLPJH0zZLzvxn3qMwWPdO_mBRbSGTyZgi2P4CqAJ4tfCX6IriPgecDkMFRxDm1GAGUben7xo9S92iY-h9z-o4eCwqg==?%5B465%7Cd%7CMac%20OS%7C10.14%7CChrome%7C83%7Cweb%7C%7C%5D%5B82836%7C%7C%5D%5Binfo%5D%20gdpr-iab-consent%200
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f1:1a1::36f1 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-max-age: 86400
access-control-allow-methods: GET,POST

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 70ms
69ms Image
image/gif 23.202.53.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=770&tet=1005&fi=1&apd=1131&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=aw-zdnet&S2id=security&ord=1595848596789&r=720001079047&t=iv&os=1&fi2=0&div1=1&ait=782&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatPS=0&zMoatPT=0&bedc=1&q=5&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.53.245 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Jul 2020 11:16:39 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 27 Jul 2020 11:16:39 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame F5F3 16 KB
5 KB 144ms
143ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1768000596071800&correlator=3629107028021745&output=ldjh&impl=fifs&adsid=NT&eid=20194813%2C44723444%2C21066533&vrg=2020072001&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200727&iu_parts=8264%2Caw-zdnet%2Csecurity&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=372x142%2C372x142&prev_scp=env%3Dprod%26session%3Dc%26subses%3D3%26ptype%3Darticle%26vguid%3Ddb5d1bf2-5a9a-43ef-bae2-2907b150d22f%7Cenv%3Dprod%26session%3Dc%26subses%3D3%26ptype%3Darticle%26vguid%3Ddb5d1bf2-5a9a-43ef-bae2-2907b150d22f&cookie_enabled=1&cdm=www.zdnet.com&bc=31&abxe=1&lmt=1595848599&dt=1595848599141&dlt=1595848597569&idt=1561&frm=23&biw=1600&bih=1200&isw=371&ish=771&oid=3&adxs=-12245933%2C-12245933&adys=-12245933%2C-12245933&adks=2442809372%2C2442809371&ucis=y3i1qgyadi3u%7Ccu3gzix5xfby&ifi=1&ifk=2838586990&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&top=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&dssz=12&icsg=10888&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0%7C0x0&msz=0x0%7C0x0&ga_vid=751315277.1595848599&ga_sid=1595848599&ga_hid=222692607&fws=256%2C256&ohw=0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a410bd43ec069d948ea1fb0b294698b05233d03a16994be034e2bc6c51f316b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4914
x-xss-protection: 0
google-lineitem-id: 4746066197,4746066197
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138239479696,138239375180
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.zdnet.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
668ef347673356d422d82b246a815195.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame F5F3 0
0 49ms
14ms Other
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://668ef347673356d422d82b246a815195.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame F5F3 0
0 6ms
5ms Other
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 62ms
61ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBSDFPCW2&hp=1&wf=1&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1595848598097&de=64822715875&m=0&ar=0c509492f98-clean&iw=fc8ce17&q=10&cb=0&ym=0&cu=1595848598097&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=25477209%3A2356361194%3A4745699004%3A138239468890&zMoatPS=nav&zMoatPT=article&zMoatW=5&zMoatH=5&zMoatVGUID=db5d1bf2-5a9a-43ef-bae2-2907b150d22f&zMoatSN=c&zMoatSL=nav-ad%3FT-1000&zMoatAType=content_article&zMoatTest=zdnet&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&id=1&ii=4&bo=23586489&bp=23600769&bd=nav&dfp=0%2C1&la=23600769&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=5x5&zMoatSZPS=5x5%20%7C%20nav&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAB=content_article-zdnet&zMoatOrigSlicer1=23586489&zMoatOrigSlicer2=23600769&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A551%3A551%3A0%3A651&iq=na&tt=na&tu=&tp=&fs=182322&na=188131992&cs=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 11:16:39 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 27 Jul 2020 11:16:39 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame F5F3 0
172 B 94ms
93ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvPX2XKBBN73bzJAfOAWzqzEhuKvR6eJfXiyRHWKv6aP7NA5Pfro_mMt-5rdfTWj6qIgesbLhoo5F_nklRVr4ySFkZlDl858Vldq5k_s8uy4GAMRbpp-TO7nNSioKvRHJ1ix6YCVwK0DBaauOe_5HWS7R1iGlewIjDn3qDNPkUjZE8j2iBrlhzo4YGJb-bbPiASoWCTYQGaA-YXalm3ftCJBXxfhXTb28CAcpOUA3npZ1s62tEIGChp6pw5t41HLV2Z_L91QT3Fdtg&sai=AMfl-YTI5jpEmfucs0-ZZQ7sI65hPD9qOxRlrXNuntf_32m6xGU8l_FDNrscHdixqq0mnNO2XxWZZSx9WDiGWfnvu1r6X22mgfpU-pbFH0vNECM4Zm42FzWUqzw293VOChE&sig=Cg0ArKJSzL4Uw0eTETbaEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Jul 2020 11:16:39 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 27 Jul 2020 11:16:39 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 63ms
61ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=security&wf=1&vb=9&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F7736773485993583959%3Fsqp%3D4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4%26rs%3DAOga4qkF6RFi6gvnO2JCco_iAc0bLgNffg&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=970&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&id=1&ii=4&f=0&j=&t=1595848596789&de=720001079047&rx=462308731682&cu=1595848596789&m=1433&ar=07599ed-clean&iw=6494274&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4712&le=1&lf=743&lg=1&lh=48&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A551%3A551%3A0%3A651&as=0&ag=126&an=0&gf=126&gg=0&ix=126&ic=126&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=126&bx=0&dj=1&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=252&cd=0&ah=252&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=aw-zdnet&bp=security&bd=security&dfp=0%2C1&la=security&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=Not%20Specified&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsprebidheader506831276743&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatDev=Desktop&zMoatDfpSlotId=leader-plus-top&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tz=leader-plus-top&tc=0&fs=183156&na=417408909&cs=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 11:16:39 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 27 Jul 2020 11:16:39 GMT

GET
H2 200 iframe
sync.teads.tv/ Frame 8D26 0
0 221ms
94ms Document
text/html 23.210.248.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.teads.tv/iframe?pid=82836&gdprIab={%22reason%22:220,%22status%22:22,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&auctid=e740b4bd-f76a-4151-b5b2-973cfac80dc3&vid=ac24b75b9f499ac29e37fd326eeaf5cebd91cf19&1595848599263
Requested by: Host: s8t.teads.tv
URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: akka-http/10.1.9 /
Resource Hash

Request headers

:method: GET
:authority: sync.teads.tv
:scheme: https
:path: /iframe?pid=82836&gdprIab={%22reason%22:220,%22status%22:22,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&auctid=e740b4bd-f76a-4151-b5b2-973cfac80dc3&vid=ac24b75b9f499ac29e37fd326eeaf5cebd91cf19&1595848599263
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: cs=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/

Response headers

status: 200
content-type: text/html; charset=UTF-8
server: akka-http/10.1.9
vary: Accept-Encoding
content-encoding: gzip
expires: Mon, 27 Jul 2020 11:16:39 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 27 Jul 2020 11:16:39 GMT
content-length: 593
set-cookie: tt_bluekai=; Expires=Tue, 28 Jul 2020 11:16:39 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_exelate=; Expires=Tue, 28 Jul 2020 11:16:39 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_emetriq=; Expires=Tue, 28 Jul 2020 11:16:39 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_liveramp=; Expires=Tue, 28 Jul 2020 11:16:39 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_neustar=; Expires=Tue, 28 Jul 2020 11:16:39 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_salesforce=; Expires=Tue, 28 Jul 2020 11:16:39 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_dar=; Expires=Tue, 28 Jul 2020 11:16:39 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_skp=; Expires=Tue, 28 Jul 2020 11:16:39 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_retargetly=; Expires=Tue, 28 Jul 2020 11:16:39 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5681 0
0 93ms
92ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst24YLFHF-b6gvcNmTq-TGlfLWzIGtPoJIBBwyklbz0vQPoCqDF4VtS_HZpUoD175zW5fa_nAblPYmUB9b6NsVRuOvmhpNNWSYgLU4TFoMpIvDb0MzqFXwYylPUiy5ZAsXkPMMByYsJ5qY79Upariy2VFqaaK99V377feYOaHwFYHObVu1jEmwydKsOCdHPT0a43axgqyRGtgD-sxnISBvbdg_2G0fvBqI7eKK6DShwZo9JjhBFjaxPqmST0JHPqaSsMQEcY4ke&sai=AMfl-YTM0TgbP3SXwB7Rzly4y_uudDumDvNzpwUr6MpHuNLwb2o0UxLKlpSpJW2LJk7JuksDUqFp_FEyyw0BZZtzhSuW_h8yPnsbf6PkqJD9YGZC72IU-ccPUbkwquBCmts&sig=Cg0ArKJSzGbifd48RQRiEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Jul 2020 11:16:39 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 27 Jul 2020 11:16:39 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5681 73 KB
28 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30d05c83e6d7dd38f40dd03a37bfae06d2cdcf943384d8ccce9e6c683cc78280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1595419060626807"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28380
x-xss-protection: 0
expires: Mon, 27 Jul 2020 11:16:39 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame 5681 321 KB
107 KB 62ms
62ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cae6e293bf184d5f9aa3aadb72bb93d74eda524c759687589233c1c8ca03f94a

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:39 GMT
content-encoding: gzip
last-modified: Wed, 01 Jul 2020 18:12:26 GMT
server: AmazonS3
x-amz-request-id: 8D266C851F1941C5
etag: "e00a4c9eb4d0552a62a2ad3b020a4ac2"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=20944
accept-ranges: bytes
content-length: 109303
x-amz-id-2: xzlR4/gktU2AIiSKbnv77ol5yO4GK6O6VSkANiyEL/R/XwufbveAj5H6OqzfSNTQwepXNRaIEQQ=

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 211E 0
0 94ms
93ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuiAGm-7446mRBWNqv7NtS_NNmGxva8kNzupcc8isv25JbP0E9KjGPDTI096CBaoba3cypgfWgKhdSzTrTdlPlVjrVPhnWGEOcRQ1zZrRr2dUAxz7WYU5EDITo1eaug5ypgka8Z_y3xbJmPpIaSYZLy_pug91lu5P8awGh1256QbQN4W9-nz8oMYhu5Iwmg0wu_T57wFSaVJvx-YOkKeV1CORrA1QoV-z5J53Du0CfLHgvFIRHaz-gmu7m-IWWvgHWKQcuZvaEp&sai=AMfl-YTcz6meud_cLVeXNm74nez386dnC8tdUd-U_dPav0zQGA5tzf6ECqFY6fTkBY3Nyn9H_x5vRdZ1R--kaGGfVRiG73UxI20zMnJSvSsu543KE5NB5CcPx8yeGhkjIBo&sig=Cg0ArKJSzHUaIDUX--ETEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Jul 2020 11:16:39 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 27 Jul 2020 11:16:39 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 211E 73 KB
28 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30d05c83e6d7dd38f40dd03a37bfae06d2cdcf943384d8ccce9e6c683cc78280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1595419060626807"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28380
x-xss-protection: 0
expires: Mon, 27 Jul 2020 11:16:39 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame 211E 321 KB
107 KB 65ms
64ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cae6e293bf184d5f9aa3aadb72bb93d74eda524c759687589233c1c8ca03f94a

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:39 GMT
content-encoding: gzip
last-modified: Wed, 01 Jul 2020 18:12:26 GMT
server: AmazonS3
x-amz-request-id: 8D266C851F1941C5
etag: "e00a4c9eb4d0552a62a2ad3b020a4ac2"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=20944
accept-ranges: bytes
content-length: 109303
x-amz-id-2: xzlR4/gktU2AIiSKbnv77ol5yO4GK6O6VSkANiyEL/R/XwufbveAj5H6OqzfSNTQwepXNRaIEQQ=

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame F5F3 72 KB
27 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5df4cbe089972488f66c3dc318c74ff2467967db69f87d00e54948ad0ca2b56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1595419060626807"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27216
x-xss-protection: 0
expires: Mon, 27 Jul 2020 11:16:39 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F5F3 7 KB
6 KB 44ms
21ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020072001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ace91527c04b3ba5ab5cf6be2c152161c55479e8f02ecb357bc0d3d16a8f014

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Jul 2020 11:16:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5665
x-xss-protection: 0

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 71ms
70ms Image
image/gif 23.202.53.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=879&tet=1008&fi=1&apd=1105&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=aw-zdnet&S2id=security&ord=1595848596789&r=839325218696&t=iv&os=1&fi2=0&div1=1&ait=835&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatPS=0&zMoatPT=0&bedc=1&q=5&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.53.245 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Jul 2020 11:16:39 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 27 Jul 2020 11:16:39 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 62ms
61ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBSDFPCW2&hp=1&wf=1&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1595848598274&de=225389690643&m=0&ar=0c509492f98-clean&iw=fc8ce17&q=14&cb=0&ym=0&cu=1595848598274&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=71852289%3A469476969%3A4801344630%3A138244614252&zMoatPS=top&zMoatPT=article&zMoatW=641&zMoatH=321&zMoatVGUID=db5d1bf2-5a9a-43ef-bae2-2907b150d22f&zMoatSN=c&zMoatSL=inpage-video-top%3FT-1000&zMoatAType=content_article&zMoatTest=zdnet&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&id=1&ii=4&bo=23586489&bp=23600769&bd=top&dfp=0%2C1&la=23600769&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=641x321&zMoatSZPS=641x321%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAB=content_article-zdnet&zMoatOrigSlicer1=23586489&zMoatOrigSlicer2=23600769&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A551%3A551%3A0%3A651&iq=na&tt=na&tu=&tp=&fs=182322&na=398970028&cs=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 11:16:39 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 27 Jul 2020 11:16:39 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F5F3 14 KB
6 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Mon, 27 Jul 2020 11:16:39 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5681 0
54 B 94ms
93ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvBrDBoj5XEG6kprkDZ2ZDMbPqfJ5wjzSger6j7bFsASNDTRoIFPn2yzVPzzrZ47bGQRa6XlFjOjQWSe365VgGYHGVY7iQvagV4Ut2rVgZTAY4YkZ9nn8LUqW-qpYQTOIkEeh2RJHGhQo-oSl4Ac_1dcBE9T_CwdpuILWiJ0xzPujcP1dbSuniCE4EdCPnfz_hnmoTFT9REYFheJX5WTgh7vQcdTGa-sqGt5Z4keEPsPRmK7qk-5pmJZ4f3gg4nM_mlANKjBbuQcqY&sai=AMfl-YQyAX16887XUCF54FYsqaqFhgKK8YbGj7GpkdiLyOgU0I6roNsvmBJ9qoyTEV11IH5VE4KvXpYavJjbIibOjQB2hLWjuqEo-2JM-delAL5TMUOHHiL8anAAI9aqfoA&sig=Cg0ArKJSzGkYle9DnoVsEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Jul 2020 11:16:39 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 211E 0
54 B 128ms
128ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZg-NXRqQ7rF9dH9fVpAd6ifPyMyQzKejn6qD2pJJny3y82ycZ2CgSbMlGqEG241nCAxRoZeY5IVZHeA1fKelqd9qQVPWzIgW9mtfasaGyldfk6zn2TkXao-jsvsPf4InKDJkuROFA1deb-UDJMJG28kwXZ-x5cu3HFTi0q3Lh0LeWgz-_3TMa-aSzwSmlS5bNW4pDf6PC20_2VI_nTnqvF8CAHyHx_0BIftdIK-CXfyiK0gQ7kIfgAMERaoDhe2LT1EehDaMvdkM&sai=AMfl-YTnxuDAAcWAJWs97olAVKdfE-c4xzv1fP835NSxlRzPttnVUddz_bzcrjLS3j9VKXxbC1W6F3sbkV_0tqDgH8R9SXmOuuDOAMwLbb8x58cf4vaubHvQjVilf-skPo0&sig=Cg0ArKJSzIwZmVs3OaQfEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Jul 2020 11:16:39 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 86ms
85ms Image
image/gif 23.202.53.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=98&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=29307369&L2id=452196489&L3id=316148409&L4id=101222456769&S1id=23586489&S2id=23600769&ord=1595848598289&r=297062090411&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=db5d1bf2-5a9a-43ef-bae2-2907b150d22f&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatPS=top&zMoatPT=article&bedc=1&q=1&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.53.245 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Jul 2020 11:16:39 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 27 Jul 2020 11:16:39 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 86ms
84ms Image
image/gif 23.202.53.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=98&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=29307369&L2id=452196489&L3id=316148409&L4id=101222456769&S1id=23586489&S2id=23600769&ord=1595848598289&r=297062090411&t=nht&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=db5d1bf2-5a9a-43ef-bae2-2907b150d22f&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatPS=top&zMoatPT=article&bedc=1&q=2&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.53.245 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Jul 2020 11:16:39 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 27 Jul 2020 11:16:39 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 84ms
83ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBSDFPCW2&hp=1&wf=1&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1595848598289&de=297062090411&m=0&ar=0c509492f98-clean&iw=fc8ce17&q=18&cb=0&ym=0&cu=1595848598289&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=29307369%3A452196489%3A316148409%3A101222456769&zMoatPS=top&zMoatPT=article&zMoatW=11&zMoatH=11&zMoatVGUID=db5d1bf2-5a9a-43ef-bae2-2907b150d22f&zMoatSN=c&zMoatSL=sharethrough-top%3FT-1000&zMoatAType=content_article&zMoatTest=zdnet&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&id=1&ii=4&bo=23586489&bp=23600769&bd=top&dfp=0%2C1&la=23600769&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=11x11&zMoatSZPS=11x11%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAB=content_article-zdnet&zMoatOrigSlicer1=23586489&zMoatOrigSlicer2=23600769&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A551%3A551%3A0%3A651&iq=na&tt=na&tu=&tp=&fs=182322&na=1229941198&cs=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 11:16:39 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 27 Jul 2020 11:16:39 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 099F 0
0 7ms
7ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Mon, 27 Jul 2020 09:21:27 GMT
expires: Tue, 27 Jul 2021 09:21:27 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6912
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 75ms
69ms Image
image/gif 23.202.53.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=203&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=29307369&L2id=452196489&L3id=316148409&L4id=101222456769&S1id=23586489&S2id=23600769&ord=1595848598289&r=297062090411&t=hdn&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=db5d1bf2-5a9a-43ef-bae2-2907b150d22f&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatPS=top&zMoatPT=article&bedc=1&q=3&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.53.245 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Jul 2020 11:16:39 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 27 Jul 2020 11:16:39 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 64ms
62ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBSDFPCW2&hp=1&wf=1&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1595848598381&de=834916891859&m=0&ar=0c509492f98-clean&iw=fc8ce17&q=22&cb=0&ym=0&cu=1595848598381&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=25477209%3A2356361194%3A4825966980%3A138247024569&zMoatPS=top&zMoatPT=article&zMoatW=371&zMoatH=771&zMoatVGUID=db5d1bf2-5a9a-43ef-bae2-2907b150d22f&zMoatSN=c&zMoatSL=dynamic-showcase-top%3FT-1000&zMoatAType=content_article&zMoatTest=zdnet&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&id=1&ii=4&bo=23586489&bp=23600769&bd=top&dfp=0%2C1&la=23600769&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=371x771&zMoatSZPS=371x771%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAB=content_article-zdnet&zMoatOrigSlicer1=23586489&zMoatOrigSlicer2=23600769&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A551%3A551%3A0%3A651&iq=na&tt=na&tu=&tp=&fs=182322&na=1609628172&cs=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 11:16:39 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 27 Jul 2020 11:16:39 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 62ms
62ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=security&wf=1&vb=9&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F4152293380393464882%3Fsqp%3D4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4%26rs%3DAOga4ql4Ddjlwb_OEvyFv-aOPA9wXFQgfg&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=600&w=300&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&id=1&ii=4&f=0&j=&t=1595848596789&de=839325218696&rx=462308731682&cu=1595848596789&m=1620&ar=07599ed-clean&iw=6494274&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4712&le=1&lf=743&lg=1&lh=48&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A551%3A551%3A0%3A651&as=0&ag=97&an=0&gf=97&gg=0&ix=97&ic=97&ez=1&aj=1&pg=100&pf=0&ib=1&cc=0&bw=97&bx=0&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=194&cd=0&ah=194&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=aw-zdnet&bp=security&bd=security&dfp=0%2C1&la=security&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=Not%20Specified&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsprebidheader506831276743&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatDev=Desktop&zMoatDfpSlotId=mpu-plus-top&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tz=mpu-plus-top&tc=0&fs=183156&na=818705105&cs=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 11:16:39 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 27 Jul 2020 11:16:39 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 63ms
62ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=security&wf=1&vb=9&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2F677756612204b02249613994bc3a06d0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-37%2Fhtml%2Fcontainer.html&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&rm=1&fy=1050&gp=2128&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&id=1&ii=4&f=0&j=&t=1595848596789&de=860373476147&rx=462308731682&cu=1595848596789&m=1630&ar=07599ed-clean&iw=6494274&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=2128&lb=4712&le=1&lf=743&lg=1&lh=48&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A551%3A551%3A0%3A651&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=12&cd=0&ah=12&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=aw-zdnet&bp=security&bd=security&dfp=0%2C1&la=security&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=Not%20Specified&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsprebidheader506831276743&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatDev=Desktop&zMoatDfpSlotId=mpu-middle&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&tz=mpu-middle&tc=0&fs=183156&na=1410199554&cs=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 11:16:39 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 27 Jul 2020 11:16:39 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F5F3 0
233 B 39ms
39ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020072001&jk=1768000596071800&bg=!q6ilqLBYvDlYykyvCI8CAAAAZlIAAAATmQGKOnHkP1rSx7bVt0j4YgQchjqlL_DD1ZGRxzGqrNDvkOjKO7ht3wmlSnkFIgxhpjVI1QUoNsPMpG4hM_QXrZQr4Mq5pCQsaPXiibNX0KajC8TCgFtcI9qe1IMUcDg_XUL91SkhlgMBOewLj05-_aoFweulHxUJwDIkg15q9shp886YJ1SGBTmdY8LcGVRXMucUIoEavKWTnGl7UeXBtebxb40Fq6609_nZty818dxPPrid09dxVFQgcc_0eDAB4vg175tQuOLPyhix-7bKMOVtSWMCeWqR9XRmQqdJV6h7-pVWQjAucgxEC5qf6IGund6nBr8QtjiV3J0o5MXrK2PIBhx6G5ZlIkc3ESM6mVbsoKc7pDd1qnEea3X4cOKkhL8belBqseWuhjNTeQ_AQctbkXYECdgu00tuGS3HssZr2iHLqo-34IIIX4L7v_Q_cSAzYUcxsoqhnNuKMRvNZseq6BMGMxMj1L-9JAMoxbdjkpudI-ZXTbBjlhv4_EdlXriSJUBlAEB_dqBUrg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 11:16:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 62ms
61ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBSDFPCW2&hp=1&wf=1&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1595848598486&de=502771068409&m=0&ar=0c509492f98-clean&iw=fc8ce17&q=26&cb=0&ym=0&cu=1595848598486&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=25477209%3A2495342617%3A5416102949%3A138316228418&zMoatPS=bottom&zMoatPT=article&zMoatW=728&zMoatH=90&zMoatVGUID=db5d1bf2-5a9a-43ef-bae2-2907b150d22f&zMoatSN=c&zMoatSL=leader-plus-bottom%3FT-1000&zMoatAType=content_article&zMoatTest=zdnet&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&id=1&ii=4&bo=23586489&bp=23600769&bd=bottom&dfp=0%2C1&la=23600769&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatSZPS=728x90%20%7C%20bottom&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAB=content_article-zdnet&zMoatOrigSlicer1=23586489&zMoatOrigSlicer2=23600769&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A551%3A551%3A0%3A651&iq=na&tt=na&tu=&tp=&fs=182322&na=973582486&cs=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 11:16:39 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 27 Jul 2020 11:16:39 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 64ms
63ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&vb=9&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F18316741427266338429%3F&i=CBSDFPCW2&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&id=1&ii=4&f=0&j=&t=1595848598486&de=502771068409&cu=1595848598486&m=28&ar=0c509492f98-clean&iw=fc8ce17&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4712&le=1&lf=0&lg=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A551%3A551%3A0%3A651&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=11&cd=0&ah=11&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=25477209%3A2495342617%3A5416102949%3A138316228418&bo=23586489&bp=23600769&bd=bottom&dfp=0%2C1&la=23600769&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatPS=bottom&zMoatSZPS=728x90%20%7C%20bottom&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23586489&zMoatOrigSlicer2=23600769&zMoatW=728&zMoatH=90&zMoatVGUID=db5d1bf2-5a9a-43ef-bae2-2907b150d22f&zMoatSN=c&zMoatSL=leader-plus-bottom%3FT-1000&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatDev=Desktop&zMoatDfpSlotId=leader-plus-bottom&hv=DOMSEARCH&ab=3&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=leader-plus-bottom&iq=na&tt=na&tu=&tp=&tc=0&fs=182322&na=707223728&cs=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 11:16:39 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 27 Jul 2020 11:16:39 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 62ms
62ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=security&wf=1&vb=9&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F9487076343211315954&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&id=1&ii=4&f=0&j=&t=1595848596789&de=21120925712&rx=462308731682&cu=1595848596789&m=1756&ar=07599ed-clean&iw=6494274&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4712&le=1&lf=743&lg=1&lh=48&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A551%3A551%3A0%3A651&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=120&cd=0&ah=120&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=aw-zdnet&bp=security&bd=security&dfp=0%2C1&la=security&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=Not%20Specified&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsprebidheader506831276743&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatDev=Desktop&zMoatDfpSlotId=mpu-bottom&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&tz=mpu-bottom&tc=0&fs=183156&na=2012501692&cs=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 11:16:39 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 27 Jul 2020 11:16:39 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame F100 42 B
112 B 45ms
44ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvbLsXzgWDS-tiB5_JDoQRIaaZN7psZEgwAKL1OncC6BJwYPcg-3tj1mKyy57N7V3_Rr1G5FSwiLOMmMcLEHQd2m85EprhEye_19FGY0TvTwYOBDx-AOlU8guMCR2zSK4dBmMohNPr-z5DTxMxHuR0T&sai=AMfl-YQ7rg8D6ip5QPReSgWoELn7jtUPl2V8IzPqAAfV1D1j2jg688v_f9KBF4gK9GSrKu8qJOHkWq78pJuz8balGlHlcB7c-27rtbyMZL2hZngea0Ux6_krSWIfZb-t5kw&sig=Cg0ArKJSzBy8XV0s58ZMEAE&cid=CAASPeRo1C2rPevOBz5C2gaKGECDf7E5pVbBb69sBkn2T3r6-KhdRkqSUEnJBFRGx9FOAn-szwdPYEXm14H1I3o&id=ampim&o=1050,560&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=473&tls=1474&g=100&h=100&tt=1474&r=v&avms=ampa&adk=2729011605

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 11:16:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 62ms
61ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=security&wf=1&vb=9&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=970&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&id=1&ii=4&f=0&j=&t=1595848596789&de=720001079047&rx=462308731682&cu=1595848596789&m=2302&ar=07599ed-clean&iw=6494274&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4306&le=1&lf=743&lg=1&lh=48&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A551%3A551%3A0%3A651&as=1&ag=1005&an=126&gi=1&gf=1005&gg=126&ix=1005&ic=1005&ez=1&ck=1005&kw=770&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1005&bx=126&ci=1005&jz=770&dj=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=770&cd=252&ah=770&am=252&rf=0&re=1&ft=782&fv=0&fw=782&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=aw-zdnet&bp=security&bd=security&dfp=0%2C1&la=security&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=Not%20Specified&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsprebidheader506831276743&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatDev=Desktop&zMoatDfpSlotId=leader-plus-top&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tz=leader-plus-top&tc=0&fs=183156&na=868990974&cs=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 11:16:39 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 27 Jul 2020 11:16:39 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 66ms
65ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=security&wf=1&vb=9&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=970&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&id=1&ii=4&f=0&j=&t=1595848596789&de=720001079047&rx=462308731682&cu=1595848596789&m=2303&ar=07599ed-clean&iw=6494274&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4306&le=1&lf=743&lg=1&lh=48&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A551%3A551%3A0%3A651&as=1&ag=1005&an=1005&gi=1&gf=1005&gg=1005&ix=1005&ic=1005&ez=1&ck=1005&kw=770&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1005&bx=1005&ci=1005&jz=770&dj=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=770&cd=770&ah=770&am=770&rf=0&re=1&ft=782&fv=782&fw=782&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=aw-zdnet&bp=security&bd=security&dfp=0%2C1&la=security&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=Not%20Specified&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsprebidheader506831276743&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatDev=Desktop&zMoatDfpSlotId=leader-plus-top&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tz=leader-plus-top&tc=0&fs=183156&na=916992605&cs=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 11:16:40 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 27 Jul 2020 11:16:40 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 8B2A 42 B
107 B 41ms
41ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvqapTqSef6LtszJJ8nZeuwO-SBSucIj9_wLegjAod9QRro2EU1u9dG-u4yz8pHUagd071tp_CDa2Ssmj-HyQzDP9ext9FocNWxTOZ7aBNbc3Flpcvuz-fo6X4oOw&sai=AMfl-YTeuw_CXXB1XDl6VL98_QW_HW0ucnLWTgpv5XgMjhTX8kxsI3mFsxLT_ZLX1rni3zFSOpNSexCGAiR-KSkKsxD2oCQR5L97Bwb5riW_w_RnBJ2CBKJ6ZHJlbVF2p48&sig=Cg0ArKJSzBbbUiPD50pwEAE&cid=CAASPeRoP9GaAuUHQKCRkMyt7-GE5SJSAHyBd_-dT8woAA0_hPjv8KghCwmDDBFbMAwlSaQKj_uYPXAY0Jg_xEw&id=ampim&o=315,280&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1002&mtos=0,0,0,1002,1002&tos=0,0,0,1002,0&tfs=668&tls=1670&g=100&h=100&tt=1670&r=v&avms=ampa&adk=3718565486

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 11:16:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 64ms
63ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=security&wf=1&vb=9&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=970&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&id=1&ii=4&f=0&j=&t=1595848596789&de=720001079047&rx=462308731682&cu=1595848596789&m=2303&ar=07599ed-clean&iw=6494274&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4306&le=1&lf=743&lg=1&lh=48&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A551%3A551%3A0%3A651&as=1&ag=1005&an=1005&gi=1&gf=1005&gg=1005&ix=1005&ic=1005&ez=1&ck=1005&kw=770&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1005&bx=1005&ci=1005&jz=770&dj=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=770&cd=770&ah=770&am=770&rf=0&re=1&ft=782&fv=782&fw=782&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=aw-zdnet&bp=security&bd=security&dfp=0%2C1&la=security&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=Not%20Specified&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsprebidheader506831276743&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatDev=Desktop&zMoatDfpSlotId=leader-plus-top&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tz=leader-plus-top&tc=0&fs=183156&na=891843908&cs=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 11:16:40 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 27 Jul 2020 11:16:40 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 73ms
72ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=security&wf=1&vb=9&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=600&w=300&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&id=1&ii=4&f=0&j=&t=1595848596789&de=839325218696&rx=462308731682&cu=1595848596789&m=2528&ar=07599ed-clean&iw=6494274&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4306&le=1&lf=743&lg=1&lh=48&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A551%3A551%3A0%3A651&as=1&ag=1008&an=97&gi=1&gf=1008&gg=97&ix=1008&ic=1008&ez=1&ck=1008&kw=879&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1008&bx=97&ci=1008&jz=879&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=879&cd=194&ah=879&am=194&rf=0&re=1&ft=835&fv=0&fw=835&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=aw-zdnet&bp=security&bd=security&dfp=0%2C1&la=security&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=Not%20Specified&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsprebidheader506831276743&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatDev=Desktop&zMoatDfpSlotId=mpu-plus-top&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tz=mpu-plus-top&tc=0&fs=183156&na=925311679&cs=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 11:16:40 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 27 Jul 2020 11:16:40 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 62ms
61ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=security&wf=1&vb=9&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=600&w=300&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&id=1&ii=4&f=0&j=&t=1595848596789&de=839325218696&rx=462308731682&cu=1595848596789&m=2529&ar=07599ed-clean&iw=6494274&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4306&le=1&lf=743&lg=1&lh=48&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A551%3A551%3A0%3A651&as=1&ag=1008&an=1008&gi=1&gf=1008&gg=1008&ix=1008&ic=1008&ez=1&ck=1008&kw=879&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1008&bx=1008&ci=1008&jz=879&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=879&cd=879&ah=879&am=879&rf=0&re=1&ft=835&fv=835&fw=835&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=aw-zdnet&bp=security&bd=security&dfp=0%2C1&la=security&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=Not%20Specified&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsprebidheader506831276743&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatDev=Desktop&zMoatDfpSlotId=mpu-plus-top&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tz=mpu-plus-top&tc=0&fs=183156&na=1108653861&cs=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 11:16:40 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 27 Jul 2020 11:16:40 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 62ms
61ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=security&wf=1&vb=9&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=600&w=300&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&id=1&ii=4&f=0&j=&t=1595848596789&de=839325218696&rx=462308731682&cu=1595848596789&m=2530&ar=07599ed-clean&iw=6494274&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4306&le=1&lf=743&lg=1&lh=48&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A551%3A551%3A0%3A651&as=1&ag=1008&an=1008&gi=1&gf=1008&gg=1008&ix=1008&ic=1008&ez=1&ck=1008&kw=879&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1008&bx=1008&ci=1008&jz=879&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=879&cd=879&ah=879&am=879&rf=0&re=1&ft=835&fv=835&fw=835&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=aw-zdnet&bp=security&bd=security&dfp=0%2C1&la=security&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=Not%20Specified&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsprebidheader506831276743&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatDev=Desktop&zMoatDfpSlotId=mpu-plus-top&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tz=mpu-plus-top&tc=0&fs=183156&na=1000564092&cs=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 11:16:40 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 27 Jul 2020 11:16:40 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 62ms
61ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBSDFPCW2&hp=1&wf=1&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1595848599391&de=627317252118&m=0&ar=0c509492f98-clean&iw=fc8ce17&q=30&cb=0&ym=0&cu=1595848599391&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=25477209%3A2356361194%3A4746066197%3A138239479696&zMoatPT=article&zMoatW=372&zMoatH=142&zMoatVGUID=db5d1bf2-5a9a-43ef-bae2-2907b150d22f&zMoatSN=c&zMoatAType=content_article&zMoatTest=zdnet&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&id=1&ii=4&bo=23586489&bp=23600769&bd=-&dfp=0%2C1&la=23600769&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=372x142&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAB=content_article-zdnet&zMoatOrigSlicer1=23586489&zMoatOrigSlicer2=23600769&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A551%3A551%3A0%3A651&iq=na&tt=na&tu=&tp=&fs=182322&na=178549243&cs=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 11:16:40 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 27 Jul 2020 11:16:40 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 61ms
61ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBSDFPCW2&hp=1&wf=1&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1595848599420&de=226401287073&m=0&ar=0c509492f98-clean&iw=fc8ce17&q=34&cb=0&ym=0&cu=1595848599420&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=25477209%3A2356361194%3A4746066197%3A138239375180&zMoatPT=article&zMoatW=372&zMoatH=142&zMoatVGUID=db5d1bf2-5a9a-43ef-bae2-2907b150d22f&zMoatSN=c&zMoatAType=content_article&zMoatTest=zdnet&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&id=1&ii=4&bo=23586489&bp=23600769&bd=-&dfp=0%2C1&la=23600769&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=372x142&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAB=content_article-zdnet&zMoatOrigSlicer1=23586489&zMoatOrigSlicer2=23600769&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A551%3A551%3A0%3A651&iq=na&tt=na&tu=&tp=&fs=182322&na=248938361&cs=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 11:16:40 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 27 Jul 2020 11:16:40 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 64ms
61ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&vb=9&kq=1&lo=2&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fwww.zdnet.com%2F%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F%20%20https%3A%2F%2Fcreatives.cbsileads.com%2Fimages%2Fdoctype%2FexpertGroup_125x100.jpg&i=CBSDFPCW2&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=80&w=100&fy=220&gp=2011.125&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&id=1&ii=4&f=0&j=&t=1595848598289&de=297062090411&cu=1595848598289&m=1181&ar=0c509492f98-clean&iw=fc8ce17&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=2011.125&lb=4306&le=1&lf=0&lg=1&lh=254&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A551%3A551%3A0%3A651&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=98&cd=0&ah=98&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=29307369%3A452196489%3A316148409%3A101222456769&bo=23586489&bp=23600769&bd=top&dfp=0%2C1&la=23600769&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=11x11&zMoatPS=top&zMoatSZPS=11x11%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23586489&zMoatOrigSlicer2=23600769&zMoatW=11&zMoatH=11&zMoatVGUID=db5d1bf2-5a9a-43ef-bae2-2907b150d22f&zMoatSN=c&zMoatSL=sharethrough-top%3FT-1000&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatDev=Desktop&zMoatDfpSlotId=sharethrough-top&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=sharethrough-top&iq=na&tt=na&tu=&tp=&tc=0&fs=182322&na=423166564&cs=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 11:16:40 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 27 Jul 2020 11:16:40 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 63ms
62ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=security&wf=1&vb=9&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=4&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=970&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&id=1&ii=4&f=0&j=&t=1595848596789&de=720001079047&rx=462308731682&cu=1595848596789&m=6406&ar=07599ed-clean&iw=6494274&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4306&le=1&lf=743&lg=1&lh=48&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A551%3A551%3A0%3A651&as=1&ag=5110&an=1005&gi=1&gf=5110&gg=1005&ix=5110&ic=5110&ez=1&ck=1005&kw=770&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5110&bx=1005&ci=1005&jz=770&dj=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5034&cd=770&ah=5034&am=770&rf=0&re=1&ft=4887&fv=782&fw=782&wb=2&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=aw-zdnet&bp=security&bd=security&dfp=0%2C1&la=security&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=Not%20Specified&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsprebidheader506831276743&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatDev=Desktop&zMoatDfpSlotId=leader-plus-top&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tz=leader-plus-top&tc=0&fs=183156&na=689805965&cs=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 11:16:43 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 27 Jul 2020 11:16:43 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 62ms
62ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=security&wf=1&vb=9&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=4&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=600&w=300&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&id=1&ii=4&f=0&j=&t=1595848596789&de=839325218696&rx=462308731682&cu=1595848596789&m=6609&ar=07599ed-clean&iw=6494274&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4306&le=1&lf=743&lg=1&lh=48&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A551%3A551%3A0%3A651&as=1&ag=5089&an=1008&gi=1&gf=5089&gg=1008&ix=5089&ic=5089&ez=1&ck=1008&kw=879&aj=1&pg=100&pf=100&ib=1&cc=1&bw=5089&bx=1008&ci=1008&jz=879&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4984&cd=879&ah=4984&am=879&rf=0&re=1&ft=4916&fv=835&fw=835&wb=2&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=aw-zdnet&bp=security&bd=security&dfp=0%2C1&la=security&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=Not%20Specified&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsprebidheader506831276743&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatDev=Desktop&zMoatDfpSlotId=mpu-plus-top&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tz=mpu-plus-top&tc=0&fs=183156&na=984659514&cs=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 11:16:43 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 27 Jul 2020 11:16:43 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 62ms
61ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=security&wf=1&vb=9&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&rm=1&fy=1050&gp=2128&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&id=1&ii=4&f=0&j=&t=1595848596789&de=860373476147&rx=462308731682&cu=1595848596789&m=7015&ar=07599ed-clean&iw=6494274&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=2128&lb=4306&le=1&lf=743&lg=1&lh=48&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A551%3A551%3A0%3A651&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5194&cd=12&ah=5194&am=12&rf=0&re=1&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=aw-zdnet&bp=security&bd=security&dfp=0%2C1&la=security&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=Not%20Specified&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsprebidheader506831276743&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatDev=Desktop&zMoatDfpSlotId=mpu-middle&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&tz=mpu-middle&tc=0&fs=183156&na=578110157&cs=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 11:16:43 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 27 Jul 2020 11:16:43 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 64ms
62ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=security&wf=1&vb=9&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&id=1&ii=4&f=0&j=&t=1595848596789&de=21120925712&rx=462308731682&cu=1595848596789&m=7016&ar=07599ed-clean&iw=6494274&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4306&le=1&lf=743&lg=1&lh=48&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A551%3A551%3A0%3A651&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5178&cd=120&ah=5178&am=120&rf=0&re=1&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=aw-zdnet&bp=security&bd=security&dfp=0%2C1&la=security&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=Not%20Specified&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsprebidheader506831276743&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatDev=Desktop&zMoatDfpSlotId=mpu-bottom&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&tz=mpu-bottom&tc=0&fs=183156&na=1725077456&cs=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 11:16:43 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 27 Jul 2020 11:16:43 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 61ms
61ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&vb=9&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBSDFPCW2&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&id=1&ii=4&f=0&j=&t=1595848598486&de=502771068409&cu=1595848598486&m=5323&ar=0c509492f98-clean&iw=fc8ce17&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4306&le=1&lf=0&lg=1&lh=175&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A551%3A551%3A0%3A651&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5111&cd=11&ah=5111&am=11&rf=0&re=1&wb=1&cl=0&at=0&d=25477209%3A2495342617%3A5416102949%3A138316228418&bo=23586489&bp=23600769&bd=bottom&dfp=0%2C1&la=23600769&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatPS=bottom&zMoatSZPS=728x90%20%7C%20bottom&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23586489&zMoatOrigSlicer2=23600769&zMoatW=728&zMoatH=90&zMoatVGUID=db5d1bf2-5a9a-43ef-bae2-2907b150d22f&zMoatSN=c&zMoatSL=leader-plus-bottom%3FT-1000&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatDev=Desktop&zMoatDfpSlotId=leader-plus-bottom&hv=CBS%20Attribute&ab=3&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=leader-plus-bottom&iq=na&tt=na&tu=&tp=&tc=0&fs=182322&na=416740742&cs=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 11:16:43 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 27 Jul 2020 11:16:43 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 63ms
62ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&vb=9&kq=1&lo=2&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBSDFPCW2&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=80&w=100&fy=220&gp=2011.125&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&id=1&ii=4&f=0&j=&t=1595848598289&de=297062090411&cu=1595848598289&m=6332&ar=0c509492f98-clean&iw=fc8ce17&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=2011.125&lb=4306&le=1&lf=0&lg=1&lh=254&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A551%3A551%3A0%3A651&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5047&cd=98&ah=5047&am=98&rf=0&re=0&wb=1&cl=0&at=0&d=29307369%3A452196489%3A316148409%3A101222456769&bo=23586489&bp=23600769&bd=top&dfp=0%2C1&la=23600769&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=11x11&zMoatPS=top&zMoatSZPS=11x11%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23586489&zMoatOrigSlicer2=23600769&zMoatW=11&zMoatH=11&zMoatVGUID=db5d1bf2-5a9a-43ef-bae2-2907b150d22f&zMoatSN=c&zMoatSL=sharethrough-top%3FT-1000&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatDev=Desktop&zMoatDfpSlotId=sharethrough-top&hv=iframe%20parent%20findAd&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=sharethrough-top&iq=na&tt=na&tu=&tp=&tc=0&fs=182322&na=1240637901&cs=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 11:16:44 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 27 Jul 2020 11:16:44 GMT

GET
H2 200 nr-1169.min.js Show response
js-agent.newrelic.com/ 27 KB
10 KB 183ms
59ms Script
application/javascript 151.101.114.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1169.min.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cddee6bb37cab7b576ddf080fd6ba00fa8420d0afc0531f413633175e9e5f9c8

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:48 GMT
content-encoding: gzip
x-amz-request-id: 0F29A27F753E1AFD
x-cache: HIT
status: 200
content-length: 10276
x-amz-id-2: RTyRtbPoVluljTtYOi1PDmzXZ0EgpPGsJyhbvz8bvk6ESiFaefFHrKBOySEZQ3f3qaja+cszoxA=
x-served-by: cache-hhn4026-HHN
last-modified: Wed, 20 May 2020 21:16:15 GMT
server: AmazonS3
x-timer: S1595848608.208611,VS0,VE0
etag: "7e312620a90879b595db1bff9c42ed57"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 20122

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 17ms
17ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020072001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7377e9442f06a6f093bcfead340f0215ecd20b01026e70c7ccc86f2da70a93a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Jul 2020 11:16:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5601
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Mon, 27 Jul 2020 11:16:48 GMT

GET
H2 200 / Show response
www.zdnet.com/components/breaking-news/xhr/ 1 KB
625 B 122ms
122ms XHR
application/json 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/components/breaking-news/xhr/?slug=breaking-news-banner

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/7e1a59-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

89aedee42af8366b26ec80311a5e5c6443f822105d478b5c85034f04130876c9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 27 Jul 2020 11:08:52 GMT
x-frame-options: SAMEORIGIN
date: Mon, 27 Jul 2020 11:16:48 GMT
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
vary: Accept-Encoding, User-Agent
x-tx-id: 945ca3e0-f679-4ddb-8a2a-79767873e78e
content-type: application/json
cache-control: max-age=5400, private
accept-ranges: bytes
expires: Mon, 27 Jul 2020 12:38:52 GMT

GET
H2 200 image-gallery-modal-426b98fe1d-rev.js Show response
zdnet1.cbsistatic.com/fly/js/components/ 5 KB
2 KB 8ms
8ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet1.cbsistatic.com/fly/js/components/image-gallery-modal-426b98fe1d-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

744ae87db00be85a6a482a3e8036f81aafaa7754be29b05a2330d0fbc8fea803

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 317861
status: 200
vary: Accept-Encoding
content-length: 1860
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Jul 2020 16:11:44 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "e3fd434984d0f12b311d2bfe92e432ba"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jul 2020 18:58:54 GMT

GET
H2 200 6.jpg
zdnet1.cbsistatic.com/hub/i/r/2020/05/28/35549c4c-2e31-47ee-94f5-614627982a1a/thumbnail/170x128/dd114373851ab7b99ecf739c5aca59bf/ 6 KB
5 KB 10ms
8ms Image
image/jpeg 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet1.cbsistatic.com/hub/i/r/2020/05/28/35549c4c-2e31-47ee-94f5-614627982a1a/thumbnail/170x128/dd114373851ab7b99ecf739c5aca59bf/6.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

b14f7717e055b155df7db760367261795bac2c2b2dafeff913024f4c5460eac3

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4523347
status: 200
content-transfer-encoding: binary
x-image-exists: 1
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 5135
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"78421a2e0e1168e5cd1b7a8d23773ce6"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 7.jpg
zdnet1.cbsistatic.com/hub/i/r/2020/05/28/c6ff1f6b-8315-4568-8797-fb05f52ef729/thumbnail/170x128/b582c95df031ac8be3d6f1f8e0bd61f2/ 11 KB
10 KB 10ms
8ms Image
image/jpeg 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet1.cbsistatic.com/hub/i/r/2020/05/28/c6ff1f6b-8315-4568-8797-fb05f52ef729/thumbnail/170x128/b582c95df031ac8be3d6f1f8e0bd61f2/7.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

7c379ab81534f51d713095c0f9fba8184c26b0114bf13e84c3a7a6ef97c9e32a

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 455653
status: 200
content-transfer-encoding: binary
x-image-exists: 1
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 9876
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"8e03849e6e9b743611d4f3d35aca26cc"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 8.jpg
zdnet3.cbsistatic.com/hub/i/r/2020/05/28/9e7dcd17-4e23-4e82-a16a-94b9ca2e0c51/thumbnail/170x128/0d17e15a89fbf20fbddabb2d3486aa3a/ 12 KB
11 KB 11ms
9ms Image
image/jpeg 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet3.cbsistatic.com/hub/i/r/2020/05/28/9e7dcd17-4e23-4e82-a16a-94b9ca2e0c51/thumbnail/170x128/0d17e15a89fbf20fbddabb2d3486aa3a/8.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

a3f2d3d73b3d7b16aae1e36f9e2b57cc1c4446429744de0dfadbeb58f125df0c

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2805407
status: 200
content-transfer-encoding: binary
x-image-exists: 1
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 11145
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"7b497aa1b2a83ec63d1777a88676b0c2"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 9.jpg
zdnet1.cbsistatic.com/hub/i/r/2020/05/28/5ae7f51a-11ef-42d2-913e-66677eeb5190/thumbnail/170x128/6db048b17632da39f75e586485e243d3/ 12 KB
11 KB 9ms
7ms Image
image/jpeg 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet1.cbsistatic.com/hub/i/r/2020/05/28/5ae7f51a-11ef-42d2-913e-66677eeb5190/thumbnail/170x128/6db048b17632da39f75e586485e243d3/9.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

c685cd3b9c590dfc4183cf174235bdbc9a6096a8caf0004feb5e14329105a71e

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2178772
status: 200
content-transfer-encoding: binary
x-image-exists: 1
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 10972
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"2fa8af078803491746235057c546c1b6"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 disqus-loader-e3cab293df-rev.js Show response
zdnet3.cbsistatic.com/fly/js/components/ 1 KB
810 B 7ms
6ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet3.cbsistatic.com/fly/js/components/disqus-loader-e3cab293df-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

2b1068aa007abf0e405b0840844c67718204a0073dc392337d78427a0dba6854

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 516985
status: 200
vary: Accept-Encoding
content-length: 665
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jul 2020 17:06:21 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "b1834b35cdad1e5b7bfa1221000ce5b1"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Jul 2020 11:40:21 GMT

GET
H2 200 sap.jpg
zdnet1.cbsistatic.com/hub/i/r/2020/07/13/91d541bc-417c-4b5c-b052-84f88e7cf9c5/thumbnail/170x128/5fb3c14ab7170205ca3a785adda9b176/ 4 KB
4 KB 12ms
7ms Image
image/jpeg 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet1.cbsistatic.com/hub/i/r/2020/07/13/91d541bc-417c-4b5c-b052-84f88e7cf9c5/thumbnail/170x128/5fb3c14ab7170205ca3a785adda9b176/sap.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

2df264be1d0fde45c9f387f878bf485a2335f38cea23ca3bf65c0d429585ad88

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1155398
status: 200
content-transfer-encoding: binary
x-image-exists: 1
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 4309
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"f2c3b258e9cd8ba16e18f319b3c88c66"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 screenshot-2020-07-23-at-07-17-37.png
zdnet4.cbsistatic.com/hub/i/r/2020/07/23/26fa5562-6bad-41f5-ac66-45eb08764f1b/thumbnail/170x128/ea1c4445309545be64dee4ee335c9144/ 44 KB
44 KB 13ms
8ms Image
image/png 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/hub/i/r/2020/07/23/26fa5562-6bad-41f5-ac66-45eb08764f1b/thumbnail/170x128/ea1c4445309545be64dee4ee335c9144/screenshot-2020-07-23-at-07-17-37.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

5d02919d8d67d0fb9bcc89e863ead4e3dad82bc0e10f034886b136a79a638ee0

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 344804
status: 200
content-transfer-encoding: binary
x-image-exists: 1
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 44600
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"283189e6b18db7d0c10f3887a2366a0e"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 / Show response
www.zdnet.com/newsletter/xhr/widget-login/ 2 KB
1 KB 211ms
208ms XHR
application/json 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/newsletter/xhr/widget-login/?topic=security

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/7e1a59-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b19b8e731c648f249f3746e367a3acf953d92c4e29df37d9224e82b154c70af3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Mon, 27 Jul 2020 11:16:48 GMT
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
x-frame-options: SAMEORIGIN
x-tx-id: ce36cbfa-a89f-494e-b6b8-fbf1c3dc7fa8
content-type: application/json
status: 200
cache-control: no-cache
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
x-xss-protection: 1; mode=block

GET
H2 200 front-door-carousel-d989216481-rev.js Show response
zdnet1.cbsistatic.com/fly/js/components/ 5 KB
2 KB 8ms
7ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet1.cbsistatic.com/fly/js/components/front-door-carousel-d989216481-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

a0aa48808ddef7604ba969db62e4af3a2ba001b7a8751823cf0ab2d430308ea5

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 317876
status: 200
vary: Accept-Encoding
content-length: 1542
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Jul 2020 16:11:43 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "a63358483d92b8fff33b3e67b03c7506"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jul 2020 18:58:36 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 62ms
62ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=security&wf=1&vb=9&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=5&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=970&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&id=1&ii=4&f=0&j=&t=1595848596789&de=720001079047&rx=462308731682&cu=1595848596789&m=11419&ar=07599ed-clean&iw=6494274&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4306&le=1&lf=743&lg=1&lh=48&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A551%3A551%3A0%3A651&as=1&ag=10123&an=5110&gi=1&gf=10123&gg=5110&ix=10123&ic=10123&ez=1&ck=1005&kw=770&aj=1&pg=100&pf=100&ib=0&cc=1&bw=10123&bx=5110&ci=1005&jz=770&dj=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=9928&cd=5034&ah=9928&am=5034&rf=0&re=1&ft=6003&fv=4887&fw=782&wb=2&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=aw-zdnet&bp=security&bd=security&dfp=0%2C1&la=security&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=Not%20Specified&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsprebidheader506831276743&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatDev=Desktop&zMoatDfpSlotId=leader-plus-top&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tz=leader-plus-top&tc=0&fs=183156&na=1976042748&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 11:16:48 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 27 Jul 2020 11:16:48 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet1.cbsistatic.com/hub/i/r/2020/07/13/91d541bc-417c-4b5c-b052-84f88e7cf9c5/thumbnail/170x128/5fb3c14ab7170205ca3a785adda9b176/sap.jpg

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/7e1a59-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

2df264be1d0fde45c9f387f878bf485a2335f38cea23ca3bf65c0d429585ad88

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1155398
status: 200
content-transfer-encoding: binary
x-image-exists: 1
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 4309
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"f2c3b258e9cd8ba16e18f319b3c88c66"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/hub/i/r/2020/07/23/26fa5562-6bad-41f5-ac66-45eb08764f1b/thumbnail/170x128/ea1c4445309545be64dee4ee335c9144/screenshot-2020-07-23-at-07-17-37.png

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/7e1a59-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

5d02919d8d67d0fb9bcc89e863ead4e3dad82bc0e10f034886b136a79a638ee0

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 344804
status: 200
content-transfer-encoding: binary
x-image-exists: 1
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 44600
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"283189e6b18db7d0c10f3887a2366a0e"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame B9C3 0
0 6ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Mon, 27 Jul 2020 09:21:27 GMT
expires: Tue, 27 Jul 2021 09:21:27 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6921
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 show-hide-1.0-7bf562809f-rev.js Show response
zdnet3.cbsistatic.com/fly/js/components/ 2 KB
1001 B 9ms
9ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet3.cbsistatic.com/fly/js/components/show-hide-1.0-7bf562809f-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

cd715c0fa7d69e85432e8b08d0a02b9613edf40212cca2040bde31670167638e

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 11:16:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 303739
status: 200
vary: Accept-Encoding
content-length: 671
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Jul 2020 16:11:44 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "865b50ea1b25f4b616b527faa21a1c89"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jul 2020 22:54:20 GMT

GET
H/1.1 200
OK 36c1ca5070 Show response
bam.nr-data.net/1/ 57 B
275 B 587ms
147ms Script
text/javascript 162.247.242.18
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/36c1ca5070?a=396312832&v=1169.7b094c0&to=NV1TZ0MHXxUFWxBYWQwXcFBFD14IS1kWRV8BVFRsQg9fAQhd&rst=13599&ck=1&ref=https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/&ap=801&be=277&fe=13391&dc=652&perf=%7B%22timing%22:%7B%22of%22:1595848594663,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:2,%22c%22:2,%22s%22:7,%22ce%22:17,%22rq%22:17,%22rp%22:253,%22rpe%22:326,%22dl%22:261,%22di%22:651,%22ds%22:651,%22de%22:651,%22dc%22:13391,%22l%22:13391,%22le%22:13406%7D,%22navigation%22:%7B%7D%7D&fp=550&fcp=550&at=GRpEEQsdTEpGWUYLTR9F&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1169.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.18 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: /
Resource Hash: d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 57
Content-Type: text/javascript;charset=ISO-8859-1

GET
H/1.1

200
OK

results.txt Show response
uxty4jaccc5ewxy6w6qa-p81kwc-0ac8026a7-clientnsv4-s.akamaihd.net/eum/ Frame 3574
Redirect Chain

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=p81kwcn0h
https://uxty4jaccc5ewxy6w6qa-p81kwc-0ac8026a7-clientnsv4-s.akamaihd.net/eum/results.txt

8 B
302 B

232ms
61ms

XHR
text/plain

2.16.186.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://uxty4jaccc5ewxy6w6qa-p81kwc-0ac8026a7-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.75 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Apache /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 27 Jul 2020 11:16:48 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: Apache
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://uxty4jaccc5ewxy6w6qa-p81kwc-0ac8026a7-clientnsv4-s.akamaihd.net/eum/results.txt
Date: Mon, 27 Jul 2020 11:16:48 GMT
Server: AkamaiGHost
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

GET
H/1.1

200
OK

results.txt Show response
fiaqj6absjkbikqbasqbgoaafbpr5n5a-p81kwc-29fe3c570-clienttons-s.akamaihd.net/eum/ Frame 3574
Redirect Chain

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=p81kwcn0h
https://fiaqj6absjkbikqbasqbgoaafbpr5n5a-p81kwc-29fe3c570-clienttons-s.akamaihd.net/eum/results.txt

8 B
302 B

60ms
4ms

XHR
text/plain

2a01:4a0:1338:28::c38a:ff11
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://fiaqj6absjkbikqbasqbgoaafbpr5n5a-p81kwc-29fe3c570-clienttons-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a01:4a0:1338:28::c38a:ff11 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: Apache /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 27 Jul 2020 11:16:48 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: Apache
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://fiaqj6absjkbikqbasqbgoaafbpr5n5a-p81kwc-29fe3c570-clienttons-s.akamaihd.net/eum/results.txt
Date: Mon, 27 Jul 2020 11:16:48 GMT
Server: AkamaiGHost
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 61ms
61ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=security&wf=1&vb=9&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=5&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=600&w=300&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&id=1&ii=4&f=0&j=&t=1595848596789&de=839325218696&rx=462308731682&cu=1595848596789&m=11622&ar=07599ed-clean&iw=6494274&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4359&le=1&lf=743&lg=1&lh=48&ch=0&vv=1&vw=1%3A0%3A0&vp=98&vx=98%3A-%3A-&pe=1%3A551%3A551%3A0%3A651&as=1&ag=10102&an=5089&gi=1&gf=10001&gg=5089&ix=10001&ic=10001&ez=1&ck=1008&kw=879&aj=1&pg=100&pf=100&ib=1&cc=1&bw=10102&bx=5089&ci=1008&jz=879&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=9997&cd=4984&ah=9997&am=4984&rf=0&re=1&ft=5017&fv=4916&fw=835&wb=2&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=aw-zdnet&bp=security&bd=security&dfp=0%2C1&la=security&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=Not%20Specified&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsprebidheader506831276743&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatDev=Desktop&zMoatDfpSlotId=mpu-plus-top&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tz=mpu-plus-top&tc=0&fs=183156&na=1313593603&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 11:16:48 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 27 Jul 2020 11:16:48 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
55 B 39ms
38ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020072001&jk=1017227381211636&bg=!ICOlIztYj6rTSDbNtskCAAAAcVIAAAATCgAptzev0L1Y8TD4h49TEjFNmYvFLi8_5m3YHAuOSCMmUD7LGMtCPGVbjIiZAYQZx8WkaCz889s2-O-_58NLE9EUeIxNicaSTszj2wP-5fvwer5YB0vo9-JL4bnduEbAa2xvYDkjaTxd0BhizeOj0nNdfsPp-NRpP097wkWHeC-zz3LxNClCkrokElFniHAObQjKHfF__13e1wXAnybGQISTb56h66jGMreTMuyet2pbhxv5EIPvTfYJUVJCtkr3sl17CjHU6yqrgcMTRTcu4zOLk9SOqNtgC8CFbHeTRJkT-MgZXz63eFMtcKUeo9RPtJh8eGJvqc3QMOWChAqrdLREwaxL03Hl67spWs2jvaf4BQdVEbSuNqz55bheEPjqohUEO1soZgRGxxy69hcbMzc2lhF9SdyZacoAtWS3uMqYoX24fGrHewOEAIqimZEXb9x8RKjlJ25Tss3VhVsjwrOOlHwDUVTUfPchziotC8pPL4VV73xMmTfTxwBCrWbUIhvUrrg8UAIjerza13S6F_BJ9agWjMAUYozeSuAbJkBzawmYx19CkDGkdFLSCH5DA3I3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 11:16:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content /
6852bd07.akstat.io/ 0
354 B 394ms
258ms Other
image/gif 2a02:26f0:eb:189::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://6852bd07.akstat.io/

Requested by

Host: c.go-mpulse.net
URL: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:eb:189::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Mon, 27 Jul 2020 11:16:48 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-XSS-Protection: 0
Expires: Mon, 27 Jul 2020 11:16:48 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 62ms
61ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=security&wf=1&vb=9&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&id=1&ii=4&f=0&j=&t=1595848596789&de=21120925712&rx=462308731682&cu=1595848596789&m=12025&ar=07599ed-clean&iw=6494274&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4359&le=1&lf=743&lg=1&lh=48&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A551%3A551%3A0%3A651&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10191&cd=5178&ah=10191&am=5178&rf=0&re=1&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=aw-zdnet&bp=security&bd=security&dfp=0%2C1&la=security&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=Not%20Specified&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsprebidheader506831276743&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatDev=Desktop&zMoatDfpSlotId=mpu-bottom&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&tz=mpu-bottom&tc=0&fs=183156&na=2099555026&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 11:16:48 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 27 Jul 2020 11:16:48 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 63ms
62ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&vb=9&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBSDFPCW2&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&id=1&ii=4&f=0&j=&t=1595848598486&de=502771068409&cu=1595848598486&m=10334&ar=0c509492f98-clean&iw=fc8ce17&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4359&le=1&lf=0&lg=1&lh=175&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A551%3A551%3A0%3A651&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10129&cd=5111&ah=10129&am=5111&rf=0&re=1&wb=1&cl=0&at=0&d=25477209%3A2495342617%3A5416102949%3A138316228418&bo=23586489&bp=23600769&bd=bottom&dfp=0%2C1&la=23600769&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatPS=bottom&zMoatSZPS=728x90%20%7C%20bottom&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23586489&zMoatOrigSlicer2=23600769&zMoatW=728&zMoatH=90&zMoatVGUID=db5d1bf2-5a9a-43ef-bae2-2907b150d22f&zMoatSN=c&zMoatSL=leader-plus-bottom%3FT-1000&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatDev=Desktop&zMoatDfpSlotId=leader-plus-bottom&hv=CBS%20Attribute&ab=3&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=leader-plus-bottom&iq=na&tt=na&tu=&tp=&tc=0&fs=182322&na=1346879890&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 11:16:48 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 27 Jul 2020 11:16:48 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 63ms
62ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&vb=9&kq=1&lo=2&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBSDFPCW2&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=80&w=100&fy=220&gp=2064.125&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&id=1&ii=4&f=0&j=&t=1595848598289&de=297062090411&cu=1595848598289&m=11338&ar=0c509492f98-clean&iw=fc8ce17&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=2064.125&lb=4359&le=1&lf=0&lg=1&lh=254&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A551%3A551%3A0%3A651&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10057&cd=5047&ah=10057&am=5047&rf=0&re=0&wb=1&cl=0&at=0&d=29307369%3A452196489%3A316148409%3A101222456769&bo=23586489&bp=23600769&bd=top&dfp=0%2C1&la=23600769&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=11x11&zMoatPS=top&zMoatSZPS=11x11%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23586489&zMoatOrigSlicer2=23600769&zMoatW=11&zMoatH=11&zMoatVGUID=db5d1bf2-5a9a-43ef-bae2-2907b150d22f&zMoatSN=c&zMoatSL=sharethrough-top%3FT-1000&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatDev=Desktop&zMoatDfpSlotId=sharethrough-top&hv=iframe%20parent%20findAd&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=sharethrough-top&iq=na&tt=na&tu=&tp=&tc=0&fs=182322&na=1498621701&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 11:16:49 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 27 Jul 2020 11:16:49 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 61ms
61ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=security&wf=1&vb=9&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F7736773485993583959%3Fsqp%3D4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4%26rs%3DAOga4qkF6RFi6gvnO2JCco_iAc0bLgNffg&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=6&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=970&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&id=1&ii=4&f=0&j=&t=1595848596789&de=720001079047&rx=462308731682&cu=1595848596789&m=16462&ar=07599ed-clean&iw=6494274&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4359&le=1&lf=743&lg=1&lh=48&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A551%3A551%3A0%3A651&as=1&ag=15166&an=10123&gi=1&gf=15166&gg=10123&ix=15166&ic=15166&ez=1&ck=1005&kw=770&aj=1&pg=100&pf=100&ib=0&cc=1&bw=15166&bx=10123&ci=1005&jz=770&dj=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=15091&cd=9928&ah=15091&am=9928&rf=0&re=1&ft=6003&fv=6003&fw=782&wb=2&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=aw-zdnet&bp=security&bd=security&dfp=0%2C1&la=security&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=Not%20Specified&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsprebidheader506831276743&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatDev=Desktop&zMoatDfpSlotId=leader-plus-top&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tz=leader-plus-top&tc=0&fs=183156&zsqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&zrs=AOga4qkF6RFi6gvnO2JCco_iAc0bLgNffg&na=1057353403&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 11:16:53 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 27 Jul 2020 11:16:53 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 76ms
75ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=3&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=security&wf=1&vb=9&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=7&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=970&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&id=1&ii=4&f=0&j=&t=1595848596789&de=720001079047&rx=462308731682&cu=1595848596789&m=16664&ar=07599ed-clean&iw=6494274&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4359&le=1&lf=743&lg=1&lh=48&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A551%3A551%3A0%3A651&as=1&ag=15368&an=15166&gi=1&gf=15368&gg=15166&ix=15368&ic=15368&ez=1&ck=1005&kw=770&aj=1&pg=100&pf=100&ib=0&cc=1&bw=15368&bx=15166&ci=1005&jz=770&dj=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=15292&cd=15091&ah=15292&am=15091&rf=0&re=1&ft=6003&fv=6003&fw=782&wb=2&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=aw-zdnet&bp=security&bd=security&dfp=0%2C1&la=security&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=Not%20Specified&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsprebidheader506831276743&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatDev=Desktop&zMoatDfpSlotId=leader-plus-top&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tz=leader-plus-top&tc=0&fs=183156&na=1950242459&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 11:16:53 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 27 Jul 2020 11:16:53 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 62ms
62ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=security&wf=1&vb=9&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F4152293380393464882%3Fsqp%3D4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4%26rs%3DAOga4ql4Ddjlwb_OEvyFv-aOPA9wXFQgfg&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=6&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=600&w=300&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&id=1&ii=4&f=0&j=&t=1595848596789&de=839325218696&rx=462308731682&cu=1595848596789&m=16666&ar=07599ed-clean&iw=6494274&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4359&le=1&lf=743&lg=1&lh=48&ch=0&vv=1&vw=1%3A0%3A0&vp=98&vx=98%3A-%3A-&pe=1%3A551%3A551%3A0%3A651&as=1&ag=15145&an=10102&gi=1&gf=10001&gg=10001&ix=10001&ic=10001&ez=1&ck=1008&kw=879&aj=1&pg=100&pf=100&ib=1&cc=1&bw=15145&bx=10102&ci=1008&jz=879&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=15040&cd=9997&ah=15040&am=9997&rf=0&re=1&ft=5017&fv=5017&fw=835&wb=2&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=aw-zdnet&bp=security&bd=security&dfp=0%2C1&la=security&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=Not%20Specified&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsprebidheader506831276743&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatDev=Desktop&zMoatDfpSlotId=mpu-plus-top&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tz=mpu-plus-top&tc=0&fs=183156&zsqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&zrs=AOga4ql4Ddjlwb_OEvyFv-aOPA9wXFQgfg&na=2126852236&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 11:16:53 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 27 Jul 2020 11:16:53 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 62ms
61ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=3&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=security&wf=1&vb=9&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=7&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=600&w=300&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&id=1&ii=4&f=0&j=&t=1595848596789&de=839325218696&rx=462308731682&cu=1595848596789&m=16870&ar=07599ed-clean&iw=6494274&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4359&le=1&lf=743&lg=1&lh=48&ch=0&vv=1&vw=1%3A0%3A0&vp=98&vx=98%3A-%3A-&pe=1%3A551%3A551%3A0%3A651&as=1&ag=15350&an=15145&gi=1&gf=10001&gg=10001&ix=10001&ic=10001&ez=1&ck=1008&kw=879&aj=1&pg=100&pf=100&ib=1&cc=1&bw=15350&bx=15145&ci=1008&jz=879&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=15242&cd=15040&ah=15242&am=15040&rf=0&re=1&ft=5017&fv=5017&fw=835&wb=2&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=aw-zdnet&bp=security&bd=security&dfp=0%2C1&la=security&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=Not%20Specified&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsprebidheader506831276743&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatDev=Desktop&zMoatDfpSlotId=mpu-plus-top&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tz=mpu-plus-top&tc=0&fs=183156&na=858689606&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 11:16:53 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 27 Jul 2020 11:16:53 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 62ms
61ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&zMoatAdUnit1=aw-zdnet&zMoatAdUnit2=security&wf=1&vb=9&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&rm=1&fy=1050&gp=2189&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&id=1&ii=4&f=0&j=&t=1595848596789&de=860373476147&rx=462308731682&cu=1595848596789&m=16872&ar=07599ed-clean&iw=6494274&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=2189&lb=4359&le=1&lf=743&lg=1&lh=48&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A551%3A551%3A0%3A651&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=15048&cd=5194&ah=15048&am=5194&rf=0&re=1&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=aw-zdnet&bp=security&bd=security&dfp=0%2C1&la=security&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=Not%20Specified&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsprebidheader506831276743&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatDev=Desktop&zMoatDfpSlotId=mpu-middle&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&tz=mpu-middle&tc=0&fs=183156&na=227025348&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 11:16:53 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 27 Jul 2020 11:16:53 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 62ms
62ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&wf=1&vb=9&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F18316741427266338429%3F&i=CBSDFPCW2&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&id=1&ii=4&f=0&j=&t=1595848598486&de=502771068409&cu=1595848598486&m=15378&ar=0c509492f98-clean&iw=fc8ce17&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4359&le=1&lf=0&lg=1&lh=175&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A551%3A551%3A0%3A651&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=15173&cd=10129&ah=15173&am=10129&rf=0&re=1&wb=1&cl=0&at=0&d=25477209%3A2495342617%3A5416102949%3A138316228418&bo=23586489&bp=23600769&bd=bottom&dfp=0%2C1&la=23600769&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatPS=bottom&zMoatSZPS=728x90%20%7C%20bottom&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23586489&zMoatOrigSlicer2=23600769&zMoatW=728&zMoatH=90&zMoatVGUID=db5d1bf2-5a9a-43ef-bae2-2907b150d22f&zMoatSN=c&zMoatSL=leader-plus-bottom%3FT-1000&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatDev=Desktop&zMoatDfpSlotId=leader-plus-bottom&hv=CBS%20Attribute&ab=3&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=leader-plus-bottom&iq=na&tt=na&tu=&tp=&tc=0&fs=182322&na=1141005772&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 11:16:53 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 27 Jul 2020 11:16:53 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 63ms
62ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&wf=1&vb=9&kq=1&lo=2&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fwww.zdnet.com%2F%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F%20%20https%3A%2F%2Fcreatives.cbsileads.com%2Fimages%2Fdoctype%2FexpertGroup_125x100.jpg&i=CBSDFPCW2&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=80&w=100&fy=220&gp=2064.125&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency%2F&id=1&ii=4&f=0&j=&t=1595848598289&de=297062090411&cu=1595848598289&m=16383&ar=0c509492f98-clean&iw=fc8ce17&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=2064.125&lb=4359&le=1&lf=0&lg=1&lh=254&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A551%3A551%3A0%3A651&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=15101&cd=10057&ah=15101&am=10057&rf=0&re=0&wb=1&cl=0&at=0&d=29307369%3A452196489%3A316148409%3A101222456769&bo=23586489&bp=23600769&bd=top&dfp=0%2C1&la=23600769&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=11x11&zMoatPS=top&zMoatSZPS=11x11%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23586489&zMoatOrigSlicer2=23600769&zMoatW=11&zMoatH=11&zMoatVGUID=db5d1bf2-5a9a-43ef-bae2-2907b150d22f&zMoatSN=c&zMoatSL=sharethrough-top%3FT-1000&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fprometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency&zMoatDev=Desktop&zMoatDfpSlotId=sharethrough-top&hv=iframe%20parent%20findAd&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=sharethrough-top&iq=na&tt=na&tu=&tp=&tc=0&fs=182322&na=906079463&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 11:16:54 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 27 Jul 2020 11:16:54 GMT

POST
H/1.1 200
OK 36c1ca5070 Show response
bam.nr-data.net/events/1/ 24 B
180 B 147ms
147ms XHR
image/gif 162.247.242.18
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/36c1ca5070?a=396312832&v=1169.7b094c0&to=NV1TZ0MHXxUFWxBYWQwXcFBFD14IS1kWRV8BVFRsQg9fAQhd&rst=23605&ck=1&ref=https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1169.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.18 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.zdnet.com
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

Verdicts & Comments Add Verdict or Comment

124 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.zdnet.com/	1970-01-19 11:27:33	Name: RT Value: "z=1&dm=zdnet.com&si=eecbe64f-f82c-4ba9-b872-41aebe940baa&ss=kd4f1sdj&sl=1&tt=ace&bcn=%2F%2F6852bd07.akstat.io%2F&ld=ack"
			www.zdnet.com/	1969-12-31 23:59:59	Name: viewGuid Value: db5d1bf2-5a9a-43ef-bae2-2907b150d22f

26 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/(Line 396) Message: Found registered service worker: [object ServiceWorkerRegistration]
console-api	info	URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/(Line 381) Message: Registration of service worker /service-worker.js successful with scope:https://www.zdnet.com/
console-api	log	URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/(Line 239) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: _injectQueryStringGCP functional
console-api	log	URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/(Line 239) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_chartbeat_video performance
console-api	log	URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/(Line 239) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_tealium functional
console-api	log	URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/(Line 94) Message: Loading iframes
console-api	log	(Line 72) Message: blank creative loaded: 138239468890 (5 x 5, pos=nav, slot=nav-ad)
console-api	log	(Line 18) Message: GIF/JPG: 138316228418 (728 x 90)
console-api	log	URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/(Line 5) Message: Post Message has been triggered! FrameName checked: google_ads_iframe_/8264/aw-zdnet/security_3
console-api	log	URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/(Line 164) Message: Dynamic Showcase Center container ::: creative id = 138247024569
console-api	info	URL: https://cdn.ampproject.org/rtv/032007210634000/amp4ads-v0.js(Line 421) Message: Powered by AMP ⚡ HTML – Version 2007210634000 https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
console-api	info	URL: https://cdn.ampproject.org/rtv/032007210634000/amp4ads-v0.js(Line 421) Message: Powered by AMP ⚡ HTML – Version 2007210634000 https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
console-api	info	URL: https://cdn.ampproject.org/rtv/032007210634000/amp4ads-v0.js(Line 421) Message: Powered by AMP ⚡ HTML – Version 2007210634000 https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/
console-api	log	(Line 72) Message: blank creative loaded: 138239479696 (372 x 142, pos=, slot=dynamic_showcase__0)
console-api	log	(Line 72) Message: blank creative loaded: 138239375180 (372 x 142, pos=, slot=dynamic_showcase__1)
console-api	log	URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/(Line 239) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_urban_airship targeting
console-api	log	URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/(Line 239) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_recommendation targeting
console-api	log	URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/(Line 239) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_sharebar social
console-api	log	URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/(Line 239) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_recommendation targeting
console-api	log	URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/(Line 239) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_sharebar social
console-api	log	URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/(Line 239) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_taboola targeting
console-api	log	URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/(Line 239) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_recommendation targeting
console-api	log	URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/(Line 239) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_recommendation targeting
console-api	log	URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/(Line 239) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_async_load targeting
console-api	log	URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/(Line 239) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_recommendation targeting
console-api	log	URL: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/(Line 239) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_recommendation targeting

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

668ef347673356d422d82b246a815195.safeframe.googlesyndication.com
677756612204b02249613994bc3a06d0.safeframe.googlesyndication.com
6852bd07.akstat.io
6852bd0a.akstat.io
a.teads.tv
adservice.google.com
adservice.google.de
adservice.google.ee
ajax.googleapis.com
at.cbsi.com
bam.nr-data.net
c.go-mpulse.net
cbsdfp5832910442.s.moatpixel.com
cdn.ampproject.org
cdn.cookielaw.org
confiant-integrations.global.ssl.fastly.net
creatives.cbsileads.com
fiaqj6absjkbikqbasqbgoaafbpr5n5a-p81kwc-29fe3c570-clienttons-s.akamaihd.net
geo.moatads.com
geolocation.onetrust.com
googleads.g.doubleclick.net
im.cbsileads.com
js-agent.newrelic.com
mb.moatads.com
pagead2.googlesyndication.com
production-cmp.isgprivacy.cbsi.com
px.moatads.com
rev.cbsi.com
s8t.teads.tv
saa.cbsi.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
static.cbsileads.com
sync.teads.tv
t.teads.tv
tpc.googlesyndication.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
urs.zdnet.com
uxty4jaccc5ewxy6w6qa-p81kwc-0ac8026a7-clientnsv4-s.akamaihd.net
vidtech.cbsinteractive.com
www.google.com
www.googletagservices.com
www.zdnet.com
z.moatads.com
zdnet1.cbsistatic.com
zdnet2.cbsistatic.com
zdnet3.cbsistatic.com
zdnet4.cbsistatic.com
107.178.248.185
15.236.175.233
151.101.114.110
151.101.129.188
151.101.13.194
162.247.242.18
18.132.99.227
2.16.186.75
2.21.37.179
216.58.212.162
23.202.53.124
23.202.53.245
23.210.248.12
23.210.250.213
23.42.18.223
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:10::6814:b944
2a00:1450:4001:800::2001
2a00:1450:4001:801::2002
2a00:1450:4001:801::2004
2a00:1450:4001:815::2002
2a00:1450:4001:816::2001
2a00:1450:4001:81c::2002
2a00:1450:4001:81f::2001
2a00:1450:4001:824::200a
2a01:4a0:1338:28::c38a:ff11
2a01:4a0:1338:28::c38a:ff18
2a02:26f0:6c00:192::11a6
2a02:26f0:eb:189::11a6
2a02:26f0:eb:18c::11a6
2a02:26f0:f1:1a1::36f1
2a04:4e42:1b::444
2a04:4e42:1b::645
3.11.4.3
34.102.213.242
34.120.132.76
35.190.21.111
95.100.118.141
0025565f0cddfceb7ebdbc4b21d2552c894998e443153f97a6e8b353dfd9bebd
00d39d18d8f1c6b914c95896a407ec3343b866ad7d57313d7e27508a4c6daab7
021e085771e1962ecb4f56e42a7be237fb12555d628e484058cd1759bc5239e0
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
07b69027231d985f5bdcd4d5a539f120d26003feef6e9dc0a6b77a4b43a9b21f
0847fb2a4b12a2cfd5b8775ebf0a1ca59c1d8c34894ee2f3f26e827969f39567
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0b960c8f9b3fb4ca1d0b1f43e40b5defd11dbf0fd60ebad49ad50ecc06119170
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
1724d7fd70903754d6f29172f2ac879dc6dab79df6c4c78ed06f45c0f117e15c
17ad12c736ff182aad46e63f6381a9912068530dafaefab304773ed4ff6c93be
182a89465b41184e94a9c883fda672d21dd4c878e3405985f645f7b0bc3f82d3
1c0ccb11374e2374cb7a52c792ffe07d9203d28d4ad97623bcf27bc58d2513f9
1df152c5f79010dd701eceeabbf5fae49f8b375b625f2a5d7f8a8fbe11b92f2b
21c9c7889404394d4e4c780022b56b5fa39e83b19c34eb0508561a115a1dcc6a
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2a410bd43ec069d948ea1fb0b294698b05233d03a16994be034e2bc6c51f316b
2b1068aa007abf0e405b0840844c67718204a0073dc392337d78427a0dba6854
2b292ccf57070159c7547539f735f83284bb4ac998c898796907c99aaf2a1754
2bf78db102c9d6e84c8e86cd2bd6134383688ae866a991028728b62f482358ab
2df264be1d0fde45c9f387f878bf485a2335f38cea23ca3bf65c0d429585ad88
30d05c83e6d7dd38f40dd03a37bfae06d2cdcf943384d8ccce9e6c683cc78280
30daefe8344e9de3c628b7e4b5fd262b548ebb662875a5bd75353214d30cf872
31e539be75870ad6cec377525eb196ea9fbc423ea53d68c03b2c94b96701bc47
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32aecfed610dc7dbbd9de8af1b2b358ad8d35db7b4ac4e06a5ed5a9f607021d7
347ad6a072d4d8e03def375332f660160a0de95dff953d1dc575476b1975681d
360a25e0b7ac5376a0c319d1eac76df31ffcce5b82faa2f3a0b3ef70f370d151
360bcaf459f5f84a37a75ef8a701027dd3b1c8c282c1a8791165f9df41f11519
39b12879b984bcd9b78d8b9d7a0e5773015d521ec4cd60ba2b987eb17ca8099b
43bb80859836eb8547cbeec75495b055ab996d2252b8b945af0ff8c4cb0730ad
4d7d83ce48809f2a03b71f8a6f4a0d983123cf4541a54fa2efacb3f9277362ff
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53cb93f06deb9d0d5dd43bb2a71a5a20203fe8c0b60dbeb8818d354cd322123e
57f3f0379ec83f9bed92275bbd303a4eb7eb67a7d6b10599183695173c41a3ec
5b262ba67cbc58425a4ab92cc469447f6fc02bd9782a879d4efab473cd467d77
5d02919d8d67d0fb9bcc89e863ead4e3dad82bc0e10f034886b136a79a638ee0
5f1c003de00900209a78e16fa095d1cf1ecd336ce33887167c18dd19bf3d96b5
61a0236fccc11095a6452df96ad33d58f7f0a340d5c7e2653e306770cba11a25
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
66f14ced94dbd60cb3c1f8fc74f67f01d05b4cbeee93c877a2e86ad31847eb44
69721aa2f1085046c84d1943a1daa0515be8e2f060c21063024ea117789e425c
699a6949abe002dcf9264cb0bd3d8910b3252c60b0092ba235937601e5765028
7377e9442f06a6f093bcfead340f0215ecd20b01026e70c7ccc86f2da70a93a7
744ae87db00be85a6a482a3e8036f81aafaa7754be29b05a2330d0fbc8fea803
7c379ab81534f51d713095c0f9fba8184c26b0114bf13e84c3a7a6ef97c9e32a
7ec10371d71af57fb87dbabef77b350d1832c359d895ee48c574fd563adffec1
7fa1c7b1686f9f116183456c39f7b3ed9cce063cfb428e575fe4a29ae05c4fa6
7fdf1018ffa2b362209347cc2a17cb7d8eb4aeea8e1897e5068ea922cc786384
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
89aedee42af8366b26ec80311a5e5c6443f822105d478b5c85034f04130876c9
8ace91527c04b3ba5ab5cf6be2c152161c55479e8f02ecb357bc0d3d16a8f014
8e049f1f45902c381e0c411bb989f63d51bb482ec5951037a48be2aef08ab2fd
8f72f37148f16c497a9446258e5f8a80495f5e8c3adc408a9d63bf4574511c46
95783bf43b78701a92daf5ec7268db97c7144599c774821126b8cc5396724bfa
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
9a42afa5f0e28f65e17da62e0166350ce416d029390a7eed371780b58b166eb4
9aa297430269a62d1bd64fdd71e54bcdeb2ef17c2cbd4b621f5f5d8d625e0706
a0aa48808ddef7604ba969db62e4af3a2ba001b7a8751823cf0ab2d430308ea5
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a3f2d3d73b3d7b16aae1e36f9e2b57cc1c4446429744de0dfadbeb58f125df0c
a4cdfa0fecc63b6ca25aa37dff86bd420364c21fb0fbaafad755bb85e5cdfebc
a5df4cbe089972488f66c3dc318c74ff2467967db69f87d00e54948ad0ca2b56
a70d5b9ad136255942779acf94da5cc72316fde5c10c5e7707d6f1888f43dcb8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14f7717e055b155df7db760367261795bac2c2b2dafeff913024f4c5460eac3
b19b8e731c648f249f3746e367a3acf953d92c4e29df37d9224e82b154c70af3
b241cd19eb72e4a462e83913abd20a8362a1a9abe45f824fbc04aec01bafc494
b291917b6213d67d95fd4fdb48cb539508f34d65c0eaeb6939f3ba1a893a10da
b4b2d45758098ad4513cbcb4b8d2ea58c84f37ab1642b9aefd81818da523e8c6
bd162f540d2ced39e73b10c5c7d51e84db1b90242419de4ffbe983a3f487affd
be015548a7a85eeae6137f843f5e76cf69ed99d2e989eb76c045431f2f712d2a
c14005cb17c274cd63b6e4c355ef06cbbd5a3691e62e83a062a38407efc9df06
c2d107b2b6fd34efc47d3ee61f5a41eb49548e0788beed0a16705f292d31702c
c5e5742593fb85b25251acdb96a2f0d31ee17b2eb8b6b8c737714ea1efc56a11
c650f7fb4536b8b2d46b8b368d53bff8143fe2abef906a4a4c5b8fc0b4e6766e
c685cd3b9c590dfc4183cf174235bdbc9a6096a8caf0004feb5e14329105a71e
cae6e293bf184d5f9aa3aadb72bb93d74eda524c759687589233c1c8ca03f94a
cd715c0fa7d69e85432e8b08d0a02b9613edf40212cca2040bde31670167638e
cddee6bb37cab7b576ddf080fd6ba00fa8420d0afc0531f413633175e9e5f9c8
cdf525091995fe88f6f738cd3448210984bd9f9530b29dd8f0da3a76f79d416e
ceffb891c3e1891757ead2e7e41497adc13abca0d14d7f58d20e3aa8d5aee108
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d2fe67ecc4354b214728e0a7d75b67536a78f6b575080b589d54a1937fc46b41
d31486ee7824e091c31b8404a326b83455b3981e8b34aa192e19f02b838fc42e
dface7334524d5b6f437b40f2c99ed3ae0dbea4e663cf6ee0b4ef0e37c4588d8
dfd272053c730cd470302af475eb401d9be41c81f0081c20d7910f6c12732c9d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51744548b52ea765aaea50961869fe41b8102efc1e84f8ebc340c3ca13e17f4
e62d1867c634428f40afbe1021ccb29c83c420b0f55d672521448e07f3d2eeb1
e764c0338622fe508734a36d660bdb5b6faebcba7051042265ce89fad96dd8d4
ea7373d7059ab32d4304249b48a91311f91d2dce5e1ebf10450f33f9a8c5f5ec
ebcd5e90336ad4d1e139c96c1966ad56be1f7af66f1cabe9fc2d9a770bd70d6f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f14d0b5bdba6df0ce559261f0a5dae89e6def28580f94e3689a8753b9dca0bd7
f2739db43b50c56a15acbf088b8a560e3de462eb1590b8f0982ce02cda932182
f3e2e0f12c5badfe408d69bf6c0fa9ce6247f9a45c849851a53b8647637cfcd0
fb199303a3c6c4ec7d96d3135a9798cf63f52e829aba12d2ae8c30f01425281a
fb7a86f12d2f0ac2f4111c147415ab30f9c7d84c5e15faba3875fce7ce590127
fb8dda9221a64450a8195dc4e776a3dcc0770c56bfa05ef2372ca87a0e841d74
ff2ae991ac0efdb5ae8b4428ba8555a0aeb0fd94b8014ce290c484242c524097

www.zdnet.com Open in urlscan Pro 2a04:4e42:1b::444 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

236 Requests

100 %HTTPS

47 %IPv6

25 Domains

49 Subdomains

37 IPs

6 Countries

3743 kBTransfer

10837 kBSize

2 Cookies

37 Outgoing links

Redirected requests

236 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.zdnet.com Open in urlscan Pro
2a04:4e42:1b::444 Public Scan

Screenshot
Live screenshot

Full Image

236
Requests

100 %
HTTPS

47 %
IPv6

25
Domains

49
Subdomains

37
IPs

6
Countries

3743 kB
Transfer

10837 kB
Size

2
Cookies

236 HTTP transactions
14 data transactions