www.darkreading.com Open in urlscan Pro
2400:cb00:2048:1::6811:7863 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Submission: On July 18 via api (July 18th 2018, 1:30:01 pm UTC) from US

Summary HTTP 263 Redirects Links 76 Behaviour Indicators

Summary

This website contacted 61 IPs in 7 countries across 41 domains to perform 263 HTTP transactions. The main IP is 2400:cb00:2048:1::6811:7863, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.darkreading.com.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on March 2nd 2018. Valid for: 6 months.

This is the only time www.darkreading.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	2400:cb00:204... 2400:cb00:2048:1::6811:7863	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2a00:1450:400... 2a00:1450:400e:803::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
16	2400:cb00:204... 2400:cb00:2048:1::681b:85c7	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
4	2400:cb00:204... 2400:cb00:2048:1::6818:7875	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	2400:cb00:204... 2400:cb00:2048:1::6818:452	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2620:103::192... 2620:103::192:155:48:22	19994 (RACKSPACE) (RACKSPACE - Rackspace Hosting)
1	151.139.239.5 151.139.239.5	54104 (AS-STACKPATH) (AS-STACKPATH - netDNA)
1 3	52.25.33.8 52.25.33.8	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE - Google LLC)
44	2400:cb00:204... 2400:cb00:2048:1::681c:1636	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
8	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
2	104.111.240.34 104.111.240.34	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
12	151.101.14.109 151.101.14.109	54113 (FASTLY) (FASTLY - Fastly)
2	2620:103::192... 2620:103::192:155:48:48	19994 (RACKSPACE) (RACKSPACE - Rackspace Hosting)
2	172.82.228.18 172.82.228.18	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
1 1	66.117.28.86 66.117.28.86	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
1	66.117.29.3 66.117.29.3	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
2	2a00:1450:400... 2a00:1450:4001:817::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:817::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
10	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
11	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE - Google LLC)
1	23.111.11.217 23.111.11.217	54104 (AS-STACKPATH) (AS-STACKPATH - netDNA)
2 3	34.241.222.191 34.241.222.191	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	2a00:1148:db0... 2a00:1148:db00::18	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
2 2	185.33.223.210 185.33.223.210	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
2 5	104.111.214.103 104.111.214.103	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
5	159.122.87.148 159.122.87.148	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
2	46.105.202.39 46.105.202.39	16276 (OVH) (OVH)
15	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.33.200.77 52.33.200.77	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a03:2880:f11... 2a03:2880:f11c:8186:face:b00c:0:50fb	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	159.122.87.153 159.122.87.153	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
2	204.79.197.200 204.79.197.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
4	2a00:1450:400... 2a00:1450:400e:803::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a02:26f0:6c0... 2a02:26f0:6c00:296::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.203.24.244 52.203.24.244	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:817::200d	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.50.88.138 52.50.88.138	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2400:cb00:204... 2400:cb00:2048:1::6819:f763	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2620:103::192... 2620:103::192:155:48:119	19994 (RACKSPACE) (RACKSPACE - Rackspace Hosting)
1	104.111.238.191 104.111.238.191	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	2606:2800:234... 2606:2800:234:1a46:1c04:1676:610:129d	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1 2	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER - Twitter Inc.)
1	2.18.234.227 2.18.234.227	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	54.221.226.172 54.221.226.172	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	54.192.94.74 54.192.94.74	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 3	142.0.160.13 142.0.160.13	7160 (NETDYNAMICS) (NETDYNAMICS - Oracle Corporation)
1 3	209.167.231.17 209.167.231.17	7160 (NETDYNAMICS) (NETDYNAMICS - Oracle Corporation)
18	54.192.94.49 54.192.94.49	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
22	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	52.210.103.2 52.210.103.2	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	54.72.188.174 54.72.188.174	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	184.72.232.165 184.72.232.165	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 2	54.76.26.3 54.76.26.3	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
8	52.202.3.209 52.202.3.209	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 1	176.34.134.245 176.34.134.245	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	54.192.94.110 54.192.94.110	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2.18.233.40 2.18.233.40	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2	54.195.254.9 54.195.254.9	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
263	61

9 2400:cb00:2048:1::6811:7863 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400e:803::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2400:cb00:2048:1::681b:85c7 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

twimgs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2400:cb00:2048:1::6818:7875 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

i.ubm-us.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2400:cb00:2048:1::6818:452 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

epromos.ubmcanon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:103::192:155:48:22 (United States)

ASN19994 (RACKSPACE - Rackspace Hosting, US)

dsimg.ubm-us.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.239.5 (Dallas, United States)

ASN54104 (AS-STACKPATH - netDNA, US)

static.adsnative.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.25.33.8 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-25-33-8.us-west-2.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s20-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 2400:cb00:2048:1::681c:1636 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

img.deusm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.240.34 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-240-34.deploy.static.akamaitechnologies.com

platform.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 151.101.14.109 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

f1.media.brightcove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:103::192:155:48:48 (United States)

ASN19994 (RACKSPACE - Rackspace Hosting, US)

ins.techweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.82.228.18 (Lehi, United States)

ASN15224 (OMNITURE - Adobe Systems Inc., US)
PTR: *.d3.sc.omtrdc.net

ubmtech.d3.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.117.28.86 (Lehi, United States) 1 redirects

ASN15224 (OMNITURE - Adobe Systems Inc., US)

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.117.29.3 (Lehi, United States)

ASN15224 (OMNITURE - Adobe Systems Inc., US)

ubm.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::2004 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:81a::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.217.16.194 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s08-in-f194.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.11.217 (Phoenix, United States)

ASN54104 (AS-STACKPATH - netDNA, US)

api-cache.adsnative.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.241.222.191 (United States) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-241-222-191.eu-west-1.compute.amazonaws.com

rudy.adsnative.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::18 (Russian Federation) 1 redirects

ASN47764 (MAILRU-AS Mail.Ru, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.223.210 (European Union) 2 redirects

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.111.214.103 (Amsterdam, Netherlands) 2 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-214-103.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 159.122.87.148 (Frankfurt, Germany)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: 94.57.7a9f.ip4.static.sl-reverse.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.105.202.39 (France)

ASN16276 (OVH, FR)

u.heatmap.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:81c::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.33.200.77 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-33-200-77.us-west-2.compute.amazonaws.com

ubm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:817::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8186:face:b00c:0:50fb (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.122.87.153 (Frankfurt, Germany)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: 99.57.7a9f.ip4.static.sl-reverse.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.79.197.200 (Redmond, United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
PTR: a-0001.a-msedge.net

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400e:803::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:296::25ea (European Union)

ASN20940 (AKAMAI-ASN1, US)

static.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.203.24.244 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-203-24-244.compute-1.amazonaws.com

ads.celtra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::200d (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.88.138 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-50-88-138.eu-west-1.compute.amazonaws.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:cb00:2048:1::6819:f763 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.feathr.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:103::192:155:48:119 (United States)

ASN19994 (RACKSPACE - Rackspace Hosting, US)

ng.techweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.238.191 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-238-191.deploy.static.akamaitechnologies.com

img.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:234:1a46:1c04:1676:610:129d (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.72 (San Francisco, United States) 1 redirects

ASN13414 (TWITTER - Twitter Inc., US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.227 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-227.deploy.static.akamaitechnologies.com

cdn.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.221.226.172 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-221-226-172.compute-1.amazonaws.com

polo-v1.feathr.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.94.74 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-192-94-74.fra2.r.cloudfront.net

marco.feathr.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.0.160.13 (Redwood City, United States) 1 redirects

ASN7160 (NETDYNAMICS - Oracle Corporation, US)

s657486201.t.eloqua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 209.167.231.17 (United States) 1 redirects

ASN7160 (NETDYNAMICS - Oracle Corporation, US)
PTR: e017.en25.com

s2150.t.eloqua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 54.192.94.49 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-192-94-49.fra2.r.cloudfront.net

cache-ssl.celtra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ton.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.103.2 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-210-103-2.eu-west-1.compute.amazonaws.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.72.188.174 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-72-188-174.eu-west-1.compute.amazonaws.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.72.232.165 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-184-72-232-165.compute-1.amazonaws.com

polo-v1.feathr.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.26.3 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-76-26-3.eu-west-1.compute.amazonaws.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.202.3.209 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-202-3-209.compute-1.amazonaws.com

track.celtra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.34.134.245 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-176-34-134-245.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

s.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.192.94.110 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-192-94-110.fra2.r.cloudfront.net

cache-ssl.celtra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.40 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-40.deploy.static.akamaitechnologies.com

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.195.254.9 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-195-254-9.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	deusm.com img.deusm.com	539 KB
29	celtra.com ads.celtra.com cache-ssl.celtra.com track.celtra.com	595 KB
23	twimg.com cdn.syndication.twimg.com pbs.twimg.com ton.twimg.com	151 KB
23	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	606 KB
16	twimgs.com twimgs.com	315 KB
12	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	94 KB
12	brightcove.com f1.media.brightcove.com	58 KB
10	twitter.com 1 redirects platform.twitter.com syndication.twitter.com	118 KB
9	darkreading.com 1 redirects www.darkreading.com	50 KB
7	feathr.co cdn.feathr.co polo-v1.feathr.co marco.feathr.co	23 KB
7	teads.tv 1 redirects a.teads.tv cdn.teads.tv t.teads.tv sync.teads.tv	178 KB
7	google.com www.google.com apis.google.com accounts.google.com	98 KB
6	eloqua.com 2 redirects s657486201.t.eloqua.com s2150.t.eloqua.com	3 KB
6	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com	112 KB
6	ubm-us.net i.ubm-us.net dsimg.ubm-us.net	203 KB
5	facebook.com www.facebook.com staticxx.facebook.com	390 B
5	scorecardresearch.com 2 redirects sb.scorecardresearch.com	3 KB
5	adsnative.com 2 redirects static.adsnative.com api-cache.adsnative.com rudy.adsnative.com	19 KB
4	adroll.com s.adroll.com d.adroll.com	64 KB
4	demdex.net 1 redirects dpm.demdex.net ubm.demdex.net	2 KB
3	gstatic.com www.gstatic.com fonts.gstatic.com	89 KB
3	facebook.net connect.facebook.net	91 KB
3	omtrdc.net ubmtech.d3.sc.omtrdc.net ubm.tt.omtrdc.net	1 KB
3	techweb.com ins.techweb.com ng.techweb.com	6 KB
3	ubmcanon.com epromos.ubmcanon.com	69 KB
2	bing.com bat.bing.com	7 KB
2	heatmap.it u.heatmap.it	11 KB
2	adnxs.com 2 redirects ib.adnxs.com	2 KB
2	google.de adservice.google.de www.google.de	282 B
2	google-analytics.com ssl.google-analytics.com	17 KB
2	linkedin.com platform.linkedin.com	47 KB
2	googleapis.com fonts.googleapis.com	1 KB
1	ytimg.com s.ytimg.com	8 KB
1	youtube.com www.youtube.com	931 B
1	adsrvr.org 1 redirects match.adsrvr.org	461 B
1	en25.com img.en25.com	3 KB
1	licdn.com static.licdn.com	41 KB
1	mail.ru 1 redirects ad.mail.ru	361 B
1	googletagservices.com www.googletagservices.com	8 KB
1	everesttech.net 1 redirects cm.everesttech.net	527 B
1	googleadservices.com www.googleadservices.com	7 KB
263	41

	Domain	Requested by
44	img.deusm.com	www.darkreading.com tpc.googlesyndication.com
20	cache-ssl.celtra.com	ads.celtra.com www.darkreading.com
19	pbs.twimg.com	www.darkreading.com
16	twimgs.com	www.darkreading.com
15	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.darkreading.com
12	f1.media.brightcove.com	www.darkreading.com
11	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.darkreading.com
9	www.darkreading.com	1 redirects www.darkreading.com
8	track.celtra.com	www.darkreading.com
8	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.darkreading.com
8	platform.twitter.com	www.darkreading.com platform.twitter.com
6	dev.visualwebsiteoptimizer.com	www.darkreading.com dev.visualwebsiteoptimizer.com
5	polo-v1.feathr.co	cdn.feathr.co www.darkreading.com
5	sb.scorecardresearch.com	2 redirects www.darkreading.com
4	apis.google.com	www.darkreading.com apis.google.com
4	www.facebook.com	www.darkreading.com connect.facebook.net
4	i.ubm-us.net	www.darkreading.com
3	ton.twimg.com	platform.twitter.com www.darkreading.com
3	s2150.t.eloqua.com	1 redirects www.darkreading.com img.en25.com
3	s657486201.t.eloqua.com	1 redirects img.en25.com www.darkreading.com
3	connect.facebook.net	www.darkreading.com connect.facebook.net
3	rudy.adsnative.com	2 redirects www.darkreading.com
3	dpm.demdex.net	1 redirects epromos.ubmcanon.com www.darkreading.com
3	epromos.ubmcanon.com	www.darkreading.com
2	d.adroll.com	s.adroll.com
2	s.adroll.com	www.darkreading.com s.adroll.com
2	sync.teads.tv	1 redirects cdn.teads.tv
2	t.teads.tv	www.darkreading.com
2	syndication.twitter.com	1 redirects www.darkreading.com
2	a.teads.tv	securepubads.g.doubleclick.net cdn.teads.tv
2	fonts.gstatic.com	www.darkreading.com
2	bat.bing.com	www.darkreading.com
2	u.heatmap.it	www.darkreading.com u.heatmap.it
2	ib.adnxs.com	2 redirects
2	ssl.google-analytics.com	www.darkreading.com
2	www.google.com	dsimg.ubm-us.net www.darkreading.com
2	ubmtech.d3.sc.omtrdc.net	epromos.ubmcanon.com www.darkreading.com
2	ins.techweb.com	www.darkreading.com ins.techweb.com
2	platform.linkedin.com	www.darkreading.com platform.linkedin.com
2	dsimg.ubm-us.net	www.darkreading.com
2	fonts.googleapis.com	www.darkreading.com
1	s.ytimg.com	www.youtube.com
1	www.youtube.com	www.darkreading.com
1	match.adsrvr.org	1 redirects
1	marco.feathr.co	www.darkreading.com
1	cdn.teads.tv	a.teads.tv
1	cdn.syndication.twimg.com	platform.twitter.com
1	img.en25.com	twimgs.com
1	ng.techweb.com	twimgs.com
1	cdn.feathr.co	www.darkreading.com
1	accounts.google.com	apis.google.com
1	ads.celtra.com	www.darkreading.com
1	static.licdn.com	www.darkreading.com
1	staticxx.facebook.com	connect.facebook.net
1	www.google.de	www.darkreading.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.gstatic.com	www.google.com
1	ubm.demdex.net	epromos.ubmcanon.com
1	ad.mail.ru	1 redirects
1	api-cache.adsnative.com	static.adsnative.com
1	adservice.google.de	www.googletagservices.com
1	www.googletagservices.com	www.darkreading.com
1	ubm.tt.omtrdc.net	epromos.ubmcanon.com
1	cm.everesttech.net	1 redirects
1	www.googleadservices.com	www.darkreading.com
1	static.adsnative.com	www.darkreading.com
263	66

This site contains links to these domains. Also see Links.

Domain
www.informationweek.com
www.networkcomputing.com
ng.techweb.com
createyournextcustomer.techweb.com
reports.informationweek.com
www.facebook.com
twitter.com
www.linkedin.com
plus.google.com
insecurity.com
teads.tv
securelist.com
www.mcafee.com
adclick.g.doubleclick.net
event.darkreading.com
webinar.informationweek.com
webinar.darkreading.com
reg.interop.com
www.blackhat.com
web.nvd.nist.gov
www.wrightsreprints.com
www.ubmtechweb.com
contentmarketinginstitute.com
www.contentmarketingworld.com
www.enterpriseconnect.com
www.gdconf.com
www.gamasutra.com
www.thinkhdi.com
www.icmi.com
www.interop.com
www.nojitter.com
www.smworld.com
www.xrdconf.com
tech.ubm.com
events.ubm.com
wrightsmedia.com
legal.us.ubm.com
reg.ubmamevents.com

Subject Issuer	Validity	Valid
ssl764998.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-03-02` - `2018-09-08`	6 months	crt.sh
sni137786.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-07-06` - `2019-01-12`	6 months	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
*.apis.google.com Google Internet Authority G3	`2018-07-03` - `2018-09-11`	2 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2017-12-15` - `2019-03-22`	a year	crt.sh
accounts.google.com Google Internet Authority G3	`2018-06-19` - `2018-08-28`	2 months	crt.sh
ng.techweb.com Let's Encrypt Authority X3	`2018-06-18` - `2018-09-16`	3 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2017-12-02` - `2018-12-05`	a year	crt.sh
ins.techweb.com Let's Encrypt Authority X3	`2018-06-18` - `2018-09-16`	3 months	crt.sh
*.teads.tv Gandi Standard SSL CA 2	`2018-04-13` - `2019-05-06`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Frame ID: E88D36113169FDDE12FD6800890E2B17
Requests: 193 HTTP requests in this frame

Frame: https://ubm.demdex.net/dest5.html?d_nsid=0
Frame ID: BC8D1DFC974036F7FB1DBF1B0733318F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20180711/r20110914/client/ext/m_window_focus_non_hydra.js
Frame ID: 33506B0E393D87EB55F2DA7D206F4E1D
Requests: 5 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=https%3A%2F%2Fwww.darkreading.com&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fcoin-miner-malware-spikes-629--in-telling-q1%2Fd%2Fd-id%2F1332166&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__
Frame ID: 2C1E7D43AFFE4E0D2482C3AE6B41DEE2
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/LnGK1eIuZ8c.js?version=42
Frame ID: FDDAD7DE434D5550E7D495C162B0848E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20180711/r20110914/client/ext/m_window_focus_non_hydra.js
Frame ID: C83F0F6BCCC0B17BFB66AD892453870F
Requests: 5 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.darkreading.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__
Frame ID: CF1C59F3A7D6510377DF85BBCEDFCA87
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20180711/r20110914/client/ext/m_window_focus_non_hydra.js
Frame ID: 62ABD3642CF05DF8EA616D7310591C4B
Requests: 4 HTTP requests in this frame

Frame: https://ng.techweb.com/authds/login/login.jsp?type=iframe&cdsocket_client=https://www.darkreading.com/cdsocket_proxy.html
Frame ID: 009CBD7F0384D1B42342D1D58D727994
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.7a5ca036ea5299f1d2ebb2234731e35e.html?origin=https%3A%2F%2Fwww.darkreading.com&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Frame ID: 7506FFC34926793A6AA16955DE939A55
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/connect/ping?client_id=640989409269461&domain=www.darkreading.com&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FLnGK1eIuZ8c.js%3Fversion%3D42%23cb%3Df96b1a019c1f3%26domain%3Dwww.darkreading.com%26origin%3Dhttps%253A%252F%252Fwww.darkreading.com%252Ff301b4a1f8ae4d%26relation%3Dparent&response_type=token%2Csigned_request%2Ccode&sdk=joey&version
Frame ID: 63A8652E9A5574A5A38E457E122CF652
Requests: 1 HTTP requests in this frame

Frame: https://ins.techweb.com/beacon/record.do?a=bfb712d4d19ed922a019f653ef0d27df3e8dac70570cb4ba0be8b5d8c49e00ac&u=https%253A%252F%252Fwww.darkreading.com%252Fthreat-intelligence%252Fcoin-miner-malware-spikes-629--in-telling-q1%252Fd%252Fd-id%252F1332166&t=P
Frame ID: 610697E7AFB9845696BF15D39236E559
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=640989409269461&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FLnGK1eIuZ8c.js%3Fversion%3D42%23cb%3Df39e71366e688f%26domain%3Dwww.darkreading.com%26origin%3Dhttps%253A%252F%252Fwww.darkreading.com%252Ff301b4a1f8ae4d%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fcoin-miner-malware-spikes-629--in-telling-q1%2Fd%2Fd-id%2F1332166&layout=button&locale=en_US&sdk=joey&send=false&show_faces=false&width=87
Frame ID: C4638718068700D4176287352B51294D
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.7a5ca036ea5299f1d2ebb2234731e35e.en.html
Frame ID: 9DB66AE664F5A55B041A8D56CB6C6717
Requests: 1 HTTP requests in this frame

Frame: https://pbs.twimg.com/card_img/1018936628084133889/tbrZmAf1?format=jpg&name=144x144_2
Frame ID: 16D3E7988D77AB1B431B438F85FF4140
Requests: 25 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe/redirect
Frame ID: 88D3626888B41078857C0EDA9071A1A7
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:400&text=VIDEOTWRBLGSUC
Frame ID: F7BC97AF10995B10061B5F3BFAC4B5AD
Requests: 24 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 1EEBBA157F72437E23ACA3874CBAFDBF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

JavaScript Infovis Toolkit (JavaScript Graphics) Expand

Overall confidence: 100%
Detected patterns

script /jit.*\.js/i

jQuery Mobile (Mobile Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /jquery\.mobile(?:-([\d.]+rc\d))?.*\.js(?:\?ver=([\d.]+))?/i

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

env /^adroll_/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Eloqua (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

env /^elq(?:SiteID|Load|CurESite)$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i
env /^__google_ad_/i
env /^Goog_AdSense_/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /apis\.google\.com\/js\/[a-z]*\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^googletag$/i

SiteCatalyst (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^s_(?:account|objectID|code|INST)$/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
env /^_?COMSCORE$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js/i
env /^jQuery$/i
script /jquery\.mobile(?:-([\d.]+rc\d))?.*\.js(?:\?ver=([\d.]+))?/i

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

env /^Recaptcha$/i

Page Statistics

263
Requests

8 %
HTTPS

42 %
IPv6

41
Domains

66
Subdomains

61
IPs

7
Countries

3633 kB
Transfer

7373 kB
Size

7
Cookies

76 Outgoing links

These are links going to different origins than the main page.

URL: http://www.informationweek.com/

Search URL Search Domain Scan URL

URL: https://www.networkcomputing.com/
Title: Network Computing

Search URL Search Domain Scan URL

URL: https://ng.techweb.com/authds/gateway?gateway=true&return=https%3A%2F%2Fwww%2Edarkreading%2Ecom%2Fthreat%2Dintelligence%2Fcoin%2Dminer%2Dmalware%2Dspikes%2D629%2D%2Din%2Dtelling%2Dq1%2Fd%2Fd%2Did%2F1332166%3FngAction%3Dregister
Title: Register

Search URL Search Domain Scan URL

URL: http://createyournextcustomer.techweb.com/contact-us/
Title: Advertise

Search URL Search Domain Scan URL

URL: http://reports.informationweek.com/search?search=security
Title: Reports

Search URL Search Domain Scan URL

URL: http://www.informationweek.com/whitepaper/Security
Title: White Papers

Search URL Search Domain Scan URL

URL: https://www.facebook.com/darkreadingcom
Title: Facebook

Search URL Search Domain Scan URL

URL: http://twitter.com/DarkReading
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/groups?home=&gid=3193466&trk=anet_ug_hm
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://plus.google.com/+darkreading
Title: Google+

Search URL Search Domain Scan URL

URL: https://insecurity.com/?_mc=we_x_dr_le_tsnr_intplv_x_x-drheader

Search URL Search Domain Scan URL

URL: http://www.informationweek.com/whitepaper
Title: Tech Library

Search URL Search Domain Scan URL

URL: http://twitter.com/kellymsheridan

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/pub/kelly-sheridan/30/488/893/

Search URL Search Domain Scan URL

URL: https://plus.google.com/u/2/112528145340130144811/posts

Search URL Search Domain Scan URL

URL: http://teads.tv/inread-outstream/
Title: inRead invented by Teads

Search URL Search Domain Scan URL

URL: https://securelist.com/ransomware-and-malicious-crypto-miners-in-2016-2018/86238/
Title: further supports

Search URL Search Domain Scan URL

URL: https://www.mcafee.com/enterprise/en-us/assets/reports/rp-quarterly-threats-jun-2018.pdf
Title: Quarterly Threat Report

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjssLyue9xH35DxRWX0wUAhW4ZAXqguAyPwQXMXFma96FNuxRwd9kguxfbGYHyD1E_9rckB6ikNXlZ7DzJ5r8J06PzVQV628PKRynu8gchH_YzhVQ5aghQUHK_C-prkshSkxaysGzAjXWwkOfonN4_A9Y3B6NRmi9dsVfa8SSIoWel1GfnE-AMdEQHpRBCT1v8mQd-M_ssntdq3m7VNYuZgQRLPV4w4-mYnKiXP-PGeoANsr7qwbGrbIYgH4lKHRXKJNib_5Ih0M7onGg7rE%2526sai%253DAMfl-YT9cwWMJzceoUbgYmJVYCl5yEdik5OZg7aj9zvJ6NIi6c2cN3QErmjcg0MHFHHZ8ji4U2hFAdsdCHeUJumj-wHcpuxGqCk1jpvRlC30FA%2526sig%253DCg0ArKJSzNEDQtuJzzPEEAE%2526urlfix%253D1%2526adurl%253Dhttps://insecurity.com/%3F_mc%3Dwe_x_dr_le_tsnr_intplv_x_x-nativead

Search URL Search Domain Scan URL

URL: https://event.darkreading.com/3453?keycode=sbx&cid=smartbox_techweb_upcoming_webinars_8.500000825
Title: here

Search URL Search Domain Scan URL

URL: https://webinar.informationweek.com/3423?keycode=sbx&cid=smartbox_techweb_webcast_8.500000839
Title: Active Archive & Data Repository with Hadoop

Search URL Search Domain Scan URL

URL: https://webinar.darkreading.com/3580?keycode=sbx&cid=smartbox_techweb_webcast_8.500000837
Title: The Latest In Domain Fraud Trends And How To Secure Your Brand's Domain Footprint

Search URL Search Domain Scan URL

URL: https://www.informationweek.com/whitepaper/security-monitoring/security-management-and-analytics/ironclad-apis-an-approach-for-application-security-testing/397333?cid=smartbox_techweb_whitepaper_14.500003284
Title: Ironclad APIs: An Approach for App Security Testing

Search URL Search Domain Scan URL

URL: http://www.informationweek.com/whitepaper/mobile-devices/mobile/mobile-devices-the-new-support-frontier-for-it-(idg-report)/396903?cid=smartbox_techweb_whitepaper_14.500003244
Title: Mobile Devices: The New Support Frontier for IT (IDG Report)

Search URL Search Domain Scan URL

URL: http://www.informationweek.com/whitepaper/cybersecurity/security-management-and-analytics/the-state-of-it-and-cybersecurity/398533?cid=smartbox_techweb_analytics_7.300005745
Title: The State of IT and Cybersecurity

Search URL Search Domain Scan URL

URL: http://reg.interop.com/stateofcloud_2018?kcode=ncsite_sbx&cid=smartbox_techweb_analytics_7.300005743
Title: 2018 State of the Cloud Report

Search URL Search Domain Scan URL

URL: http://reports.informationweek.com/search?search=security/
Title: More Reports

Search URL Search Domain Scan URL

URL: https://insecurity.com/?cid=smartbox_techweb_session_16.500200
Title: INsecurity Conference - An Event Like No Other

Search URL Search Domain Scan URL

URL: https://www.blackhat.com/tr-18?cid=smartbox_techweb_session_16.500202
Title: Black Hat Trainings - October 22 & 23

Search URL Search Domain Scan URL

URL: https://insecurity.com/?cid=smartbox_techweb_session_16.500201
Title: Are You Looking to Learn About New Cybersecurity Threats & Challenges? Then INsecurity Is For You!

Search URL Search Domain Scan URL

URL: https://webinar.darkreading.com/3715?keycode=sbx&cid=smartbox_techweb_webcast_8.500000838
Title: The Authentication Problem - Solved

Search URL Search Domain Scan URL

URL: http://www.informationweek.com/whitepaper/endpoint-security/security/the-fileless-attack-checklist/398743?download=true&cid=smartbox_techweb_whitepaper_14.500003290
Title: The Fileless Attack Checklist

Search URL Search Domain Scan URL

URL: https://www.informationweek.com/whitepaper/security-management-and-analytics/security-platforms/five-days-to-setting-up-an-application-security-program/397353?cid=smartbox_techweb_whitepaper_14.500003286
Title: [Guide] Setting Up an Application Security Program

Search URL Search Domain Scan URL

URL: https://www.informationweek.com/whitepaper/security-management-and-analytics/security-platforms/getting-the-board-onboard-with-application-security/397343?cid=smartbox_techweb_whitepaper_14.500003285
Title: App Security: Getting the Board Onboard

Search URL Search Domain Scan URL

URL: https://www.informationweek.com/whitepaper/cybersecurity/security-management-and-analytics/the-state-of-it-and-cybersecurity/398533?cid=mp_rptbx&_mc=mp_rptbx

Search URL Search Domain Scan URL

URL: http://www.informationweek.com/whitepaper/cybersecurity/risk-management-security/[strategic-security-report]-navigating-the-threat-intelligence-maze/393933?cid=mp_rptbx&_mc=mp_rptbx
Title: [Strategic Security Report] Navigating the Threat Intelligence Maze

Search URL Search Domain Scan URL

URL: http://www.informationweek.com/whitepaper/cybersecurity/security-monitoring/%5bstrategic-security-report%5d-how-enterprises-are-attacking-the-cybersecurity-challenge/390403?cid=mp_rptbx&_mc=mp_rptbx
Title: [Strategic Security Report] How Enterprises Are Attacking the IT Security Problem

Search URL Search Domain Scan URL

URL: http://www.informationweek.com/whitepaper/network-and-perimeter-security/security-management-and-analytics/how-data-breaches-affect-the-enterprise/390563?cid=mp_rptbx&_mc=mp_rptbx
Title: The Impact of a Security Breach 2017

Search URL Search Domain Scan URL

URL: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-14379
Title: CVE-2018-14379

Search URL Search Domain Scan URL

URL: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-14373
Title: CVE-2018-14373

Search URL Search Domain Scan URL

URL: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-14374
Title: CVE-2018-14374

Search URL Search Domain Scan URL

URL: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-14375
Title: CVE-2018-14375

Search URL Search Domain Scan URL

URL: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-14378
Title: CVE-2018-14378

Search URL Search Domain Scan URL

URL: http://www.wrightsreprints.com/reprints/?magid=2202
Title: Reprints

Search URL Search Domain Scan URL

URL: http://www.ubmtechweb.com/

Search URL Search Domain Scan URL

URL: http://www.blackhat.com/
Title: Black Hat

Search URL Search Domain Scan URL

URL: http://contentmarketinginstitute.com/
Title: Content Marketing Institute

Search URL Search Domain Scan URL

URL: http://www.contentmarketingworld.com/
Title: Content Marketing World

Search URL Search Domain Scan URL

URL: http://www.enterpriseconnect.com/
Title: Enterprise Connect

Search URL Search Domain Scan URL

URL: http://www.gdconf.com/
Title: GDC

Search URL Search Domain Scan URL

URL: http://www.gamasutra.com/
Title: Gamasutra

Search URL Search Domain Scan URL

URL: http://www.thinkhdi.com/
Title: HDI

Search URL Search Domain Scan URL

URL: http://www.icmi.com/
Title: ICMI

Search URL Search Domain Scan URL

URL: http://insecurity.com/
Title: INsecurity

Search URL Search Domain Scan URL

URL: http://www.interop.com/
Title: Interop ITX

Search URL Search Domain Scan URL

URL: http://www.networkcomputing.com/
Title: Network Computing

Search URL Search Domain Scan URL

URL: http://www.nojitter.com/
Title: No Jitter

Search URL Search Domain Scan URL

URL: http://www.smworld.com/
Title: Service Management World

Search URL Search Domain Scan URL

URL: http://www.xrdconf.com/
Title: XRDC

Search URL Search Domain Scan URL

URL: http://tech.ubm.com/community-brands/content-marketing-2/
Title: Content Marketing

Search URL Search Domain Scan URL

URL: http://tech.ubm.com/community-brands/enterprise-it/
Title: Enterprise IT

Search URL Search Domain Scan URL

URL: http://tech.ubm.com/community-brands/enterprise-communications/
Title: Enterprise Communications

Search URL Search Domain Scan URL

URL: http://tech.ubm.com/community-brands/game-and-app-developers/
Title: Game Development

Search URL Search Domain Scan URL

URL: http://tech.ubm.com/community-brands/information-security/
Title: Information Security

Search URL Search Domain Scan URL

URL: http://tech.ubm.com/community-brands/technical-service-and-support/
Title: IT Services & Support

Search URL Search Domain Scan URL

URL: http://events.ubm.com/?company=10
Title: Event Calendar

Search URL Search Domain Scan URL

URL: http://createyournextcustomer.techweb.com/
Title: Tech Marketing

Search URL Search Domain Scan URL

URL: http://tech.ubm.com/contact-us/
Title: Contact Us

Search URL Search Domain Scan URL

URL: http://wrightsmedia.com/sites/ubm/index.cfm
Title: Licensing

Search URL Search Domain Scan URL

URL: http://legal.us.ubm.com/terms-of-service/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: http://legal.us.ubm.com/privacy-policy/
Title: Privacy Statement

Search URL Search Domain Scan URL

URL: http://reg.ubmamevents.com/UBMLegalEntities
Title: Legal Entities

Search URL Search Domain Scan URL

URL: http://twitter.com/share/?text=&url=%3Ff%5Fsrc%3Dthissite%5Ftweetlink
Title: Tweet This

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79

https://www.darkreading.com/client_pathlog.asp?p=%2Fdarkreading%2Fsection%2F314&f=%2Fdarkreading%2Fsection%2F314%2F1332166&rndserial=34187 HTTP 302
https://img.deusm.com/images/spacer.gif

Request Chain 84

https://cm.everesttech.net/cm/dd?d_uuid=73724715947845414852877131980758237291 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=W09AzAAABXURIDx0 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=W09AzAAABXURIDx0

Request Chain 92

https://rudy.adsnative.com/cm.gif HTTP 302
https://ad.mail.ru/cm.gif?p=85&id=e05c8d21-7ce9-47c8-9905-8b3e4f7baf8b&dspid=692015568 HTTP 302
https://rudy.adsnative.com/cm.gif?dspid=692015568&buid=c5690e0765190e9c HTTP 302
https://ib.adnxs.com/getuid?https://rudy.adsnative.com/cm.gif?dspid=1213086687&buid=$UID&smode=1 HTTP 302
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Frudy.adsnative.com%2Fcm.gif%3Fdspid%3D1213086687%26buid%3D%24UID%26smode%3D1 HTTP 302
https://rudy.adsnative.com/cm.gif?dspid=1213086687&buid=8096334911614428873&smode=1

Request Chain 103

https://sb.scorecardresearch.com/b?c1=2&c2=3005435&ns__t=1531920588774&ns_c=windows-1252&cv=3.1&c8=Coin%20Miner%20Malware%20Spikes%20629%25%20in%20%27Telling%27%20Q1&c7=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fcoin-miner-malware-spikes-629--in-telling-q1%2Fd%2Fd-id%2F1332166&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=3005435&ns__t=1531920588774&ns_c=windows-1252&cv=3.1&c8=Coin%20Miner%20Malware%20Spikes%20629%25%20in%20%27Telling%27%20Q1&c7=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fcoin-miner-malware-spikes-629--in-telling-q1%2Fd%2Fd-id%2F1332166&c9=

Request Chain 177

https://s657486201.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=657486201&ref2=elqNone&tzo=0&ms=517&optin=disabled HTTP 302
https://s657486201.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=657486201&ref2=elqNone&tzo=0&ms=517&optin=disabled&elqCookie=1

Request Chain 178

https://s2150.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=2150&ref2=elqNone&tzo=0&ms=517&optin=disabled HTTP 302
https://s2150.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=2150&ref2=elqNone&tzo=0&ms=517&optin=disabled&elqCookie=1

Request Chain 185

https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1531920589710&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=33437156&cs_ucfr=1 HTTP 302
https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1531920589710&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=33437156&cs_ucfr=1

Request Chain 213

https://sync.teads.tv/iframe?pid=21882&userId=d77ab0ff-5e61-446d-a42c-0a7aa89a27bf&gdprIab={%22status%22:22,%22consent%22:%22%22}&1531920589862 HTTP 302
https://sync.teads.tv/iframe/redirect

Request Chain 236

https://match.adsrvr.org/track/cmf/generic?ttd_pid=6fgi4r1&ttd_tpi=1&ttd_puid=5b4f40cd03eec00001bcbf25 HTTP 302
https://polo-v1.feathr.co/v1/analytics/match?f_id=5b4f40cd03eec00001bcbf25&ttd_id=6b16b8ad-6c4e-47fa-9328-4ceff66ce653

Request Chain 253

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

263 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 1332166 Show response
www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/ 147 KB
27 KB 810ms
809ms Document
text/html 2400:cb00:2048:1::6811:7863
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2400:cb00:2048:1::6811:7863 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

c3534f498b08fbb29e3ea4623a1558a8ef2b58143f233881a016788a8f2a760d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.darkreading.com
:scheme: https
:path: /threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: E88D36113169FDDE12FD6800890E2B17

Response headers

status: 200
date: Wed, 18 Jul 2018 13:29:47 GMT
content-type: text/html
set-cookie: __cfduid=dcd3e83a646c63fe2cc66fa84a3e233fb1531920586; expires=Thu, 18-Jul-19 13:29:46 GMT; path=/; domain=.darkreading.com; HttpOnly darkreading_lastvisit=7/18/2018 9:29:47 AM; expires=Mon, 18-Jul-2033 13:29:47 GMT; path=/; HttpOnly darkreading_lastvisit=7/18/2018 9:29:47 AM; expires=Mon, 18-Jul-2033 13:29:47 GMT; path=/; HttpOnly cplChannelTagID=; path=/ darkreading%2Dmeter=1332166; expires=Thu, 19-Jul-2018 04:00:00 GMT; path=/ darkreading%5Fvisits=2; expires=Mon, 18-Jul-2033 04:00:00 GMT; path=/
vary: Accept-Encoding
cache-control: private
x-pingback: http://www.staging.new.informationweek.com/xmlrpc.asp
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 43c54c916cba96b2-FRA
content-encoding: gzip

GET
S 200 css
fonts.googleapis.com/ 2 KB
844 B 29ms
19ms Stylesheet
text/css 2a00:1450:400e:803::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Slab:700

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

SPDY

Server

2a00:1450:400e:803::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

0fb0f3abed20c1112a0eb52745ba589a5ec9c2fe0582f82b40c1208a5aebaaf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=600
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=600
content-encoding: gzip
last-modified: Wed, 18 Jul 2018 13:29:47 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Wed, 18 Jul 2018 13:29:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection: 1; mode=block
expires: Wed, 18 Jul 2018 13:29:47 GMT

GET
S 200 darkreading.css
twimgs.com/nojitter/css/ 17 KB
4 KB 21ms
11ms Stylesheet
text/css 2400:cb00:2048:1::681b:85c7
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://twimgs.com/nojitter/css/darkreading.css
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681b:85c7 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf167be72549318f78f8c03d0d93b923f8e8e290acec47b870a1cede920e859b

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:47 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 27 Apr 2017 09:38:14 GMT
server: cloudflare
etag: "45f8-54e22b7428d80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 43c54c9689d463d3-FRA
content-length: 3545
expires: Wed, 18 Jul 2018 17:29:47 GMT

GET
H2 200 pano-framework.css
www.darkreading.com/styles/ 124 KB
9 KB 28ms
18ms Stylesheet
text/css 2400:cb00:2048:1::6811:7863
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/styles/pano-framework.css?v1.26

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2400:cb00:2048:1::6811:7863 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

268819e04d4f1da7b25f24454f9f28e172289c17bff9b635468babeeb1992892

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /styles/pano-framework.css?v1.26
pragma: no-cache
cookie: __cfduid=dcd3e83a646c63fe2cc66fa84a3e233fb1531920586; darkreading_lastvisit=7/18/2018 9:29:47 AM; cplChannelTagID=; darkreading%2Dmeter=1332166; darkreading%5Fvisits=2
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.darkreading.com
referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
:scheme: https
:method: GET
Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:47 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
last-modified: Fri, 16 Feb 2018 05:53:40 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: W/"2c71d97eeaa6d31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css
status: 200
cache-control: public, max-age=7200
cf-ray: 43c54c9689ae96b2-FRA
expires: Wed, 18 Jul 2018 15:29:47 GMT

GET
H2 200 styles.css
www.darkreading.com/styles/ 292 B
266 B 24ms
14ms Stylesheet
text/css 2400:cb00:2048:1::6811:7863
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/styles/styles.css?v7

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2400:cb00:2048:1::6811:7863 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

a8fc74838ba253a4076b8eb46aeed79c10341380609dcfe11bed40d974d1fd10

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /styles/styles.css?v7
pragma: no-cache
cookie: __cfduid=dcd3e83a646c63fe2cc66fa84a3e233fb1531920586; darkreading_lastvisit=7/18/2018 9:29:47 AM; cplChannelTagID=; darkreading%2Dmeter=1332166; darkreading%5Fvisits=2
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.darkreading.com
referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
:scheme: https
:method: GET
Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:47 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
last-modified: Mon, 03 Apr 2017 14:07:44 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: W/"b08d92aa83acd21:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css
status: 200
cache-control: public, max-age=7200
cf-ray: 43c54c9689af96b2-FRA
expires: Wed, 18 Jul 2018 15:29:47 GMT

GET
S 200 dr_nativead.css
i.ubm-us.net/oas/nativead/css/ 2 KB
827 B 30ms
21ms Stylesheet
text/css 2400:cb00:2048:1::6818:7875
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://i.ubm-us.net/oas/nativead/css/dr_nativead.css?v3
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::6818:7875 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a642eae92f5a383eb9d9729860f50822ad5cd81d1ca54ee90e154ef049f1c6dc

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:47 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 25 May 2017 19:39:37 GMT
server: cloudflare
etag: W/"855-5505e6187f040"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=14400
cf-polished: origSize=2133
cf-bgj: minify
cf-ray: 43c54c96888d9738-FRA
expires: Wed, 18 Jul 2018 17:29:47 GMT

GET
S 200 nativead.js Show response
i.ubm-us.net/oas/nativead/js/ 1 KB
537 B 43ms
37ms Script
application/javascript 2400:cb00:2048:1::6818:7875
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://i.ubm-us.net/oas/nativead/js/nativead.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::6818:7875 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 984cd1fa5dd20c2b1b8fd77b6bb876a3a211cdf14aaaed6bc1481e3c98027544

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:47 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Jul 2015 14:31:41 GMT
server: cloudflare
cf-polished: origSize=1373
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
cf-bgj: minify
cf-ray: 43c54c9688919738-FRA
expires: Thu, 19 Jul 2018 13:29:47 GMT

GET
S 200 dr_nativead.js Show response
i.ubm-us.net/oas/nativead/js/ 8 KB
1 KB 29ms
23ms Script
application/javascript 2400:cb00:2048:1::6818:7875
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://i.ubm-us.net/oas/nativead/js/dr_nativead.js?v3
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::6818:7875 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b309c9c4a6c27c7cfc64ab2bc7f545e8d7b41a795c46202ab2a9c633f7128287

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:47 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 06 Oct 2017 16:50:20 GMT
server: cloudflare
cf-polished: origSize=8434
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
cf-bgj: minify
cf-ray: 43c54c9688939738-FRA
expires: Thu, 19 Jul 2018 13:29:47 GMT

GET
H2 200 respond.min.js Show response
www.darkreading.com/script/ 4 KB
2 KB 19ms
13ms Script
application/x-javascript 2400:cb00:2048:1::6811:7863
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/script/respond.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2400:cb00:2048:1::6811:7863 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

cf7bdb0487590885c13a3cc0a2a1450b3ac649a465de267af12f552be8bcb5fe

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /script/respond.min.js
pragma: no-cache
cookie: __cfduid=dcd3e83a646c63fe2cc66fa84a3e233fb1531920586; darkreading_lastvisit=7/18/2018 9:29:47 AM; cplChannelTagID=; darkreading%2Dmeter=1332166; darkreading%5Fvisits=2
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.darkreading.com
referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
:scheme: https
:method: GET
Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:47 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
last-modified: Mon, 22 Sep 2014 21:04:30 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: W/"03ccda8d6cf1:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
status: 200
cache-control: public, max-age=7200
cf-ray: 43c54c9689b096b2-FRA
expires: Wed, 18 Jul 2018 15:29:47 GMT

GET
H2 200 jquery.mobile.custom.min.js Show response
www.darkreading.com/script/ 8 KB
3 KB 18ms
12ms Script
application/x-javascript 2400:cb00:2048:1::6811:7863
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/script/jquery.mobile.custom.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2400:cb00:2048:1::6811:7863 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

b4cf7d6d50b6a36f070f6c49e975198a9a8930838695b64e480bf1f6199f0572

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /script/jquery.mobile.custom.min.js
pragma: no-cache
cookie: __cfduid=dcd3e83a646c63fe2cc66fa84a3e233fb1531920586; darkreading_lastvisit=7/18/2018 9:29:47 AM; cplChannelTagID=; darkreading%2Dmeter=1332166; darkreading%5Fvisits=2
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.darkreading.com
referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
:scheme: https
:method: GET
Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:47 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
last-modified: Mon, 22 Sep 2014 21:04:30 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: W/"03ccda8d6cf1:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
status: 200
cache-control: public, max-age=7200
cf-ray: 43c54c9689b196b2-FRA
expires: Wed, 18 Jul 2018 15:29:47 GMT

GET
S 200 complete.js Show response
twimgs.com/nojitter/js/ 45 KB
9 KB 17ms
12ms Script
application/javascript 2400:cb00:2048:1::681b:85c7
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://twimgs.com/nojitter/js/complete.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681b:85c7 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8420f59cd348cf0e10e05482724523ad6b83f88467bbfacf6826eaadd3a03985

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:47 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 05 May 2017 06:04:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
cf-ray: 43c54c9689e563d3-FRA
expires: Thu, 19 Jul 2018 13:29:47 GMT

GET
S 200 jquery-1.11.min.js Show response
twimgs.com/nojitter/js/ 94 KB
33 KB 22ms
17ms Script
application/javascript 2400:cb00:2048:1::681b:85c7
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://twimgs.com/nojitter/js/jquery-1.11.min.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681b:85c7 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:47 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 05 May 2017 06:05:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
cf-ray: 43c54c9689e663d3-FRA
expires: Thu, 19 Jul 2018 13:29:47 GMT

GET
S 200 darkreading.js Show response
twimgs.com/nojitter/darkreading/ 27 KB
4 KB 22ms
16ms Script
application/javascript 2400:cb00:2048:1::681b:85c7
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://twimgs.com/nojitter/darkreading/darkreading.js?v9
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681b:85c7 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5a37d18a14fb428d01bfe23b0e28db9b7a189e886513a7098683cb01f0929ee

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:47 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 23 Apr 2018 13:44:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
cf-ray: 43c54c9689e763d3-FRA
expires: Thu, 19 Jul 2018 13:29:47 GMT

GET
S 200 VisitorAPI.js Show response
epromos.ubmcanon.com/ 45 KB
15 KB 22ms
17ms Script
text/javascript 2400:cb00:2048:1::6818:452
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://epromos.ubmcanon.com/VisitorAPI.js?ormzkk
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::6818:452 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa92b44ae441805b86a9603ffea3890a8df348fb2269d716c557b6970c11e9f4

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:47 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 24 Apr 2018 23:42:00 GMT
server: cloudflare
etag: W/"1010b6-b435-56aa0b35ea1a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 43c54c96894663a9-FRA
expires: Wed, 18 Jul 2018 17:29:47 GMT

GET
S 200 at.js Show response
epromos.ubmcanon.com/ 106 KB
33 KB 25ms
20ms Script
text/javascript 2400:cb00:2048:1::6818:452
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://epromos.ubmcanon.com/at.js?ormzkk
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::6818:452 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42eb48be2f9f6fc91fcda10af9802cb6aa0733e2dd007c224570ae6ece3dac33

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:47 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 12 Apr 2018 15:42:52 GMT
server: cloudflare
etag: W/"1000c4-1a7c1-569a89bca3df7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 43c54c96894863a9-FRA
expires: Wed, 18 Jul 2018 17:29:47 GMT

GET
S 200 jplayer.blue.monday.css
twimgs.com/nojitter/css/ 12 KB
3 KB 17ms
12ms Stylesheet
text/css 2400:cb00:2048:1::681b:85c7
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://twimgs.com/nojitter/css/jplayer.blue.monday.css
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681b:85c7 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a4f12795a11d0957a7e476cdd2516967e3e00f54841456fbd8c0dd607984d92

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:47 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 05 May 2017 07:28:28 GMT
server: cloudflare
etag: "2f89-54ec1d5e89f00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 43c54c9689e063d3-FRA
content-length: 3117
expires: Wed, 18 Jul 2018 17:29:47 GMT

GET
S 200 style.css
twimgs.com/nojitter/css/ 912 B
427 B 21ms
16ms Stylesheet
text/css 2400:cb00:2048:1::681b:85c7
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://twimgs.com/nojitter/css/style.css
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681b:85c7 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a08be5766c0e198ba8171f7decd09065c08a5c850276325cc1792f25e7b356e

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:47 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 05 May 2017 07:30:36 GMT
server: cloudflare
etag: W/"390-54ec1dd89bf00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=14400
cf-ray: 43c54c9689e363d3-FRA
expires: Wed, 18 Jul 2018 17:29:47 GMT

GET
S 200 jquery.jplayer.min.js Show response
twimgs.com/nojitter/js/ 48 KB
12 KB 21ms
16ms Script
application/javascript 2400:cb00:2048:1::681b:85c7
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://twimgs.com/nojitter/js/jquery.jplayer.min.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681b:85c7 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cddbf405266cd4b3e66229592e63666012dbceaaad02635af5da9d303bfd3ed1

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:47 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 27 Apr 2017 11:20:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
cf-ray: 43c54c9689e863d3-FRA
expires: Thu, 19 Jul 2018 13:29:47 GMT

GET
S 200 jquery.tablesorter.min.js Show response
twimgs.com/nojitter/js/ 16 KB
5 KB 16ms
11ms Script
application/javascript 2400:cb00:2048:1::681b:85c7
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://twimgs.com/nojitter/js/jquery.tablesorter.min.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681b:85c7 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b90279154254e108748dc80dd226eab336e2c320e4a40569952b46dc5d785536

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:47 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 27 Apr 2017 11:21:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
cf-ray: 43c54c9689e963d3-FRA
expires: Thu, 19 Jul 2018 13:29:47 GMT

GET
H/1.1 200
OK ubm-widget-style.css
dsimg.ubm-us.net/ubm-widget/css/ 29 KB
6 KB 570ms
211ms Stylesheet
text/css 2620:103::192:155:48:22
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://dsimg.ubm-us.net/ubm-widget/css/ubm-widget-style.css
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: HTTP/1.1
Server: 2620:103::192:155:48:22 , United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software: Apache/2.4.6 (Red Hat Enterprise Linux) /
Resource Hash: 1e97210e22581e4b07521a644b8874bf38e72bf51fb77691c4394aecbac3081b

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 18 Jul 2018 13:29:47 GMT
Content-Encoding: gzip
Last-Modified: Wed, 11 Apr 2018 16:31:21 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux)
ETag: "7393-569952b4c0840"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 5898

GET
H/1.1 200
OK ubm-widget-min.js Show response
dsimg.ubm-us.net/ubm-widget/js/ 192 KB
192 KB 466ms
107ms Script
application/javascript 2620:103::192:155:48:22
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://dsimg.ubm-us.net/ubm-widget/js/ubm-widget-min.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: HTTP/1.1
Server: 2620:103::192:155:48:22 , United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software: Apache/2.4.6 (Red Hat Enterprise Linux) /
Resource Hash: ffcaeef328a1e67717f714997426aaf936e4b9d378a5fbe1bd2a063dfeb50750

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 18 Jul 2018 13:29:47 GMT
Last-Modified: Wed, 11 Apr 2018 17:29:33 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux)
ETag: "2fe99-56995fb6fbbe3"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 196249

GET
H2 200 ng_forms.js Show response
www.darkreading.com/script/ 31 KB
7 KB 28ms
24ms Script
application/x-javascript 2400:cb00:2048:1::6811:7863
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/script/ng_forms.js?v7.9

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2400:cb00:2048:1::6811:7863 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

4a95b07ec54d49e694b07142995eea1a12d961ed430270d137b3c29cdb9cf3d6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /script/ng_forms.js?v7.9
pragma: no-cache
cookie: __cfduid=dcd3e83a646c63fe2cc66fa84a3e233fb1531920586; darkreading_lastvisit=7/18/2018 9:29:47 AM; cplChannelTagID=; darkreading%2Dmeter=1332166; darkreading%5Fvisits=2
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.darkreading.com
referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
:scheme: https
:method: GET
Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:47 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
last-modified: Thu, 12 Apr 2018 07:57:36 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: W/"a888c4eb33d2d31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
status: 200
cache-control: public, max-age=7200
cf-ray: 43c54c9689b296b2-FRA
expires: Wed, 18 Jul 2018 15:29:47 GMT

GET
S 200 widget-extra.css
twimgs.com/nojitter/css/ 443 B
311 B 15ms
10ms Stylesheet
text/css 2400:cb00:2048:1::681b:85c7
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://twimgs.com/nojitter/css/widget-extra.css?v1
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681b:85c7 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61494fd1b573b217034bef7e22044bda91962797d68efada6726910d32bb995b

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:47 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 13 Sep 2017 07:28:37 GMT
server: cloudflare
etag: W/"1bb-5590d1ba81340"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=14400
cf-ray: 43c54c9689e463d3-FRA
expires: Wed, 18 Jul 2018 17:29:47 GMT

GET
S 200 render.v1.js Show response
static.adsnative.com/static/js/ 58 KB
18 KB 13ms
8ms Script
application/javascript 151.139.239.5
netDNA

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsnative.com/static/js/render.v1.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 151.139.239.5 Dallas, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 37207020ad439c6088d20d1828813ac87f273b632bc3c805fd33500a493bb31a

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:47 GMT
content-encoding: gzip
last-modified: Tue, 10 Jul 2018 23:01:00 GMT
server: NetDNA-cache/2.2
x-amz-request-id: 27A11B1BA2E1CBD4
etag: W/"d0fd084c8c245fcdd0a3f823b7733306"
x-cache: HIT
content-language: en
status: 200
content-type: application/javascript
access-control-allow-origin: *
x-amz-version-id: RjF5Ymdcmb6igxZH8Kf7CFLN5FEplkRx
x-amz-id-2: C8M0/8DikqFLAKu2vYk1klSipnBs/2MdnOQ3Id443ZndRUQra4G9mPPCamR5ifFmVOPHP8SEPGo=

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 362 B
1 KB 770ms
202ms XHR
application/json 52.25.33.8
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=77FB1CFE532B22840A490D45%40AdobeOrg&d_nsid=0&ts=1531920587381
Requested by: Host: epromos.ubmcanon.com
URL: https://epromos.ubmcanon.com/VisitorAPI.js?ormzkk
Protocol: HTTP/1.1
Server: 52.25.33.8 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-25-33-8.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: c2557ee01d8b87df714fa265e47e102e9662a45dd3d7219adac802655474dfdb

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: usw2-prod-dcs-0f57a9859.edge-usw2.demdex.com 5.33.0.20180628075140 5ms
Pragma: no-cache
Date: Wed, 18 Jul 2018 13:29:48 GMT
Content-Encoding: gzip
X-TID: /n2goLCjStY=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.darkreading.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 299
Expires: Thu, 01 Jan 2009 00:00:00 GMT

GET
S 200 conversion.js Show response
www.googleadservices.com/pagead/ 19 KB
7 KB 16ms
15ms Script
text/javascript 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

SPDY

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

12dae5bf701d04ae24093bc6150c6a9d7a4f58c5c893f96180ef13e08734d4a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 7177
x-xss-protection: 1; mode=block
server: cafe
etag: 9719002602627444886
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 18 Jul 2018 13:29:47 GMT

GET
S 200 iwk-it-network-dr.gif
img.deusm.com/darkreading/ 3 KB
3 KB 41ms
40ms Image
image/gif 2400:cb00:2048:1::681c:1636
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.deusm.com/darkreading/iwk-it-network-dr.gif
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681c:1636 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6df7d1f2b9c65c06c5ae1e798650b6c388f26f6852b8814f942557d712b9745

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
cf-cache-status: HIT
last-modified: Wed, 02 Nov 2016 13:53:05 GMT
server: cloudflare
etag: "abc-54051c29ab240"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
accept-ranges: bytes
cf-ray: 43c54c9f1c7ebf2a-FRA
content-length: 2748

GET
S 200 DR_mobile_User_nav.png
img.deusm.com/darkreading/ 1 KB
2 KB 12ms
11ms Image
image/png 2400:cb00:2048:1::681c:1636
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.deusm.com/darkreading/DR_mobile_User_nav.png
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681c:1636 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b02cdb496b954e874c4b87d48eb1ea16f088258786ed0d2f0771acc3d01649e

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
cf-cache-status: HIT
last-modified: Fri, 21 Feb 2014 14:56:03 GMT
server: cloudflare
etag: "5be-4f2ebd21a06c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
accept-ranges: bytes
cf-ray: 43c54c9f1c7fbf2a-FRA
content-length: 1470

GET
S 200 spacer.gif
img.deusm.com/images/ 49 B
147 B 26ms
25ms Image
image/gif 2400:cb00:2048:1::681c:1636
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.deusm.com/images/spacer.gif
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681c:1636 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c5b83e390d046c3623c4b8e35b58aaf64a7481bb2372fb51ae2e0e7818f7407

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
cf-cache-status: HIT
last-modified: Fri, 13 Oct 2000 01:54:07 GMT
server: cloudflare
etag: "31-3737c29f20dc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
accept-ranges: bytes
cf-ray: 43c54c9f1c80bf2a-FRA
content-length: 49

GET
S 200 DR_search.png
img.deusm.com/darkreading/ 2 KB
2 KB 14ms
13ms Image
image/png 2400:cb00:2048:1::681c:1636
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.deusm.com/darkreading/DR_search.png
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681c:1636 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: dafb72bcf008c9b9754482b88e8ba8b8e854f1a69483f0753b1c3f12101c1a9f

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
cf-cache-status: HIT
last-modified: Fri, 21 Feb 2014 14:56:03 GMT
server: cloudflare
etag: "7e9-4f2ebd21a06c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
accept-ranges: bytes
cf-ray: 43c54c9f1c81bf2a-FRA
content-length: 2025

GET
S 200 DR_mobile_SM.png
img.deusm.com/darkreading/ 2 KB
2 KB 8ms
8ms Image
image/png 2400:cb00:2048:1::681c:1636
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.deusm.com/darkreading/DR_mobile_SM.png
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681c:1636 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfc1797e85a0565d0cfba1621eac801dc5ebd78a02f45e0ab8de5c6c2eb3f987

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
cf-cache-status: HIT
last-modified: Fri, 21 Feb 2014 14:56:03 GMT
server: cloudflare
etag: "864-4f2ebd21a06c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
accept-ranges: bytes
cf-ray: 43c54c9f3c98bf2a-FRA
content-length: 2148

GET
S 200 DR-sections-nav.png
img.deusm.com/darkreading/ 2 KB
2 KB 13ms
12ms Image
image/png 2400:cb00:2048:1::681c:1636
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.deusm.com/darkreading/DR-sections-nav.png
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681c:1636 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f89a03faa36f0b6eeb92b9a8f0b8d2f9d3e564ba8bf13bb169bf05b126ca81e

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
cf-cache-status: HIT
last-modified: Fri, 21 Feb 2014 14:56:03 GMT
server: cloudflare
etag: "9aa-4f2ebd21a06c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
accept-ranges: bytes
cf-ray: 43c54c9f3c9bbf2a-FRA
content-length: 2474

GET
S 200 mobile_close.jpg
img.deusm.com/darkreading/ 2 KB
2 KB 9ms
9ms Image
image/jpeg 2400:cb00:2048:1::681c:1636
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.deusm.com/darkreading/mobile_close.jpg
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681c:1636 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5c543f59d71e1e4f6b51c896febf86975206dcf9e34757f475b125d64d16ea6

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
cf-cache-status: HIT
last-modified: Thu, 13 Mar 2014 12:44:20 GMT
server: cloudflare
etag: "638-4f47c4fdf5100"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
accept-ranges: bytes
cf-ray: 43c54c9f3c9cbf2a-FRA
content-length: 1592

GET
S 200 darkreading-logo.gif
img.deusm.com/darkreading/ 4 KB
5 KB 11ms
11ms Image
image/gif 2400:cb00:2048:1::681c:1636
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.deusm.com/darkreading/darkreading-logo.gif
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681c:1636 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 545712edaa3b24336596165ffc141ae4b85fbf5d8c566b48c28b16ab7df1edf0

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
cf-cache-status: HIT
last-modified: Wed, 02 Nov 2016 13:53:00 GMT
server: cloudflare
etag: "11a7-54051c24e6700"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
accept-ranges: bytes
cf-ray: 43c54c9f3c9dbf2a-FRA
content-length: 4519

GET
S 200 joinuslive.gif
img.deusm.com/darkreading/ 2 KB
2 KB 8ms
8ms Image
image/gif 2400:cb00:2048:1::681c:1636
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.deusm.com/darkreading/joinuslive.gif
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681c:1636 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 125a206a2b5c62726d73e063719b503d74bf109a09e9bc1e947d42726c0b3feb

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
cf-cache-status: HIT
last-modified: Wed, 02 Nov 2016 13:52:50 GMT
server: cloudflare
etag: "683-54051c1b5d080"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
accept-ranges: bytes
cf-ray: 43c54c9f3ca3bf2a-FRA
content-length: 1667

GET
S 200 InSecurity_White_logo.png
img.deusm.com/darkreading/ 3 KB
3 KB 8ms
8ms Image
image/png 2400:cb00:2048:1::681c:1636
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.deusm.com/darkreading/InSecurity_White_logo.png
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681c:1636 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0237cd593053b78613c470475a2634d02ee10f8bdae83266f1da027d80c28ec4

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
cf-cache-status: HIT
last-modified: Wed, 16 May 2018 14:46:43 GMT
server: cloudflare
etag: "a2d-56c53c98b7ac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
accept-ranges: bytes
cf-ray: 43c54c9f4ca9bf2a-FRA
content-length: 2605

GET
S 200 Sheridan-IWK-125x125.jpg
img.deusm.com/informationweek/ 17 KB
17 KB 18ms
18ms Image
image/jpeg 2400:cb00:2048:1::681c:1636
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.deusm.com/informationweek/Sheridan-IWK-125x125.jpg
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681c:1636 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88f6b155f6df559c17b78785558ec29de6429ef62232a26ad2ddbf8f8de07209

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
cf-cache-status: HIT
last-modified: Thu, 14 Aug 2014 20:09:58 GMT
server: cloudflare
etag: "4206-5009c7d249180"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
accept-ranges: bytes
cf-ray: 43c54c9f4cabbf2a-FRA
content-length: 16902

GET
S 200 editor-TW.png
img.deusm.com/informationweek/ 2 KB
2 KB 13ms
12ms Image
image/png 2400:cb00:2048:1::681c:1636
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.deusm.com/informationweek/editor-TW.png
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681c:1636 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32821e69d091e71a62b9dbefcd09516c2133b50c50a3f8d597207d9cab5d59b8

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
cf-cache-status: HIT
last-modified: Thu, 14 Nov 2013 19:33:41 GMT
server: cloudflare
etag: "60d-4eb2828b4cf40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
accept-ranges: bytes
cf-ray: 43c54c9f4caebf2a-FRA
content-length: 1549

GET
S 200 editor-IN.png
img.deusm.com/informationweek/ 1 KB
2 KB 8ms
8ms Image
image/png 2400:cb00:2048:1::681c:1636
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.deusm.com/informationweek/editor-IN.png
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681c:1636 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5cc2027e2da5b3d553fba6a4d2d7276aafa604001e9b0321e18d1fd62b03b3f

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
cf-cache-status: HIT
last-modified: Thu, 14 Nov 2013 19:33:41 GMT
server: cloudflare
etag: "5b7-4eb2828b4cf40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
accept-ranges: bytes
cf-ray: 43c54c9f4cafbf2a-FRA
content-length: 1463

GET
S 200 editor-G.png
img.deusm.com/informationweek/ 2 KB
2 KB 10ms
10ms Image
image/png 2400:cb00:2048:1::681c:1636
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.deusm.com/informationweek/editor-G.png
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681c:1636 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8212328c31d444c460351381e3cefcaeb1366196ac51d8a0051328f7faa9047a

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
cf-cache-status: HIT
last-modified: Thu, 14 Nov 2013 19:33:40 GMT
server: cloudflare
etag: "747-4eb2828a58d00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
accept-ranges: bytes
cf-ray: 43c54c9f4cb1bf2a-FRA
content-length: 1863

GET
S 200 editor-RSS.png
img.deusm.com/informationweek/ 2 KB
2 KB 9ms
9ms Image
image/png 2400:cb00:2048:1::681c:1636
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.deusm.com/informationweek/editor-RSS.png
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681c:1636 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8f4fa7376444ffe05d0f7b296439401fb9729bdee84d760ee6286e7b663c753

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
cf-cache-status: HIT
last-modified: Thu, 14 Nov 2013 19:33:41 GMT
server: cloudflare
etag: "6fa-4eb2828b4cf40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
accept-ranges: bytes
cf-ray: 43c54c9f5cb9bf2a-FRA
content-length: 1786

GET
S 200 editor-email.png
img.deusm.com/informationweek/ 2 KB
2 KB 9ms
9ms Image
image/png 2400:cb00:2048:1::681c:1636
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.deusm.com/informationweek/editor-email.png
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681c:1636 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 190f689e0f479324a217a5ea88c1acc132b66d24b16559052d59b892ff5dcba2

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
cf-cache-status: HIT
last-modified: Thu, 14 Nov 2013 19:33:40 GMT
server: cloudflare
etag: "70f-4eb2828a58d00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
accept-ranges: bytes
cf-ray: 43c54c9f5cbebf2a-FRA
content-length: 1807

GET
S 200 DR-comment.png
img.deusm.com/darkreading/ 1011 B
1 KB 9ms
9ms Image
image/png 2400:cb00:2048:1::681c:1636
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.deusm.com/darkreading/DR-comment.png
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681c:1636 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63484bd691450c081b848e5159315bfcd02720741d3f72a69717643d6630e578

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
cf-cache-status: HIT
last-modified: Fri, 21 Feb 2014 14:56:02 GMT
server: cloudflare
etag: "3f3-4f2ebd20ac480"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
accept-ranges: bytes
cf-ray: 43c54c9f5cc1bf2a-FRA
content-length: 1011

GET
S 200 thumbs-up.png
img.deusm.com/darkreading/ 2 KB
2 KB 9ms
9ms Image
image/png 2400:cb00:2048:1::681c:1636
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.deusm.com/darkreading/thumbs-up.png
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681c:1636 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9111d9514a49ad97e7c6d5fd97a00f3232b73537e9155726f32f123eb69b5a

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
cf-cache-status: HIT
last-modified: Fri, 14 Mar 2014 16:09:21 GMT
server: cloudflare
etag: "607-4f4934ae90e40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
accept-ranges: bytes
cf-ray: 43c54c9f5cc2bf2a-FRA
content-length: 1543

GET
S 200 thumbs-down.png
img.deusm.com/informationweek/ 2 KB
2 KB 13ms
12ms Image
image/png 2400:cb00:2048:1::681c:1636
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.deusm.com/informationweek/thumbs-down.png
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681c:1636 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b19f14d674857362b6e10d0dcb1703b149d9dda6f350d1737562fc36e4e67a81

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
cf-cache-status: HIT
last-modified: Wed, 20 Nov 2013 19:20:31 GMT
server: cloudflare
etag: "624-4eba0acaa9dc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
accept-ranges: bytes
cf-ray: 43c54c9f5cc5bf2a-FRA
content-length: 1572

GET
H2 200 email-decode.min.js Show response
www.darkreading.com/cdn-cgi/scripts/f2bf09f8/cloudflare-static/ 1 KB
803 B 7ms
7ms Script
application/javascript 2400:cb00:2048:1::6811:7863
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/cdn-cgi/scripts/f2bf09f8/cloudflare-static/email-decode.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2400:cb00:2048:1::6811:7863 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

d86535603bd79537d32a08e173e8b56877377941756eb8550b1c69b1d10c4dfe

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /cdn-cgi/scripts/f2bf09f8/cloudflare-static/email-decode.min.js
pragma: no-cache
cookie: __cfduid=dcd3e83a646c63fe2cc66fa84a3e233fb1531920586; darkreading_lastvisit=7/18/2018 9:29:47 AM; cplChannelTagID=; darkreading%2Dmeter=1332166; darkreading%5Fvisits=2; AMCV_77FB1CFE532B22840A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C17731%7CvVersion%7C3.1.2; check=true; piddlNGSiteReferer=/; piddlNGPageReferer=/
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.darkreading.com
referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
:scheme: https
:method: GET
Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
content-encoding: gzip
last-modified: Tue, 17 Jul 2018 14:08:38 GMT
server: cloudflare-nginx
etag: W/"5b4df866-441"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800 public
cf-ray: 43c54c9bff8b96b2-FRA
expires: Fri, 20 Jul 2018 13:29:48 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 119 KB
35 KB 7ms
6ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: HTTP/1.1
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40FE) /
Resource Hash: 643ca3bddc30489dbdfa50b9b7c9803877371403531813b9c42fc814de0dd339

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 18 Jul 2018 13:29:48 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jul 2018 21:20:20 GMT
Server: ECS (fcn/40FE)
Etag: "50219a6a461fe892e717dd2ea6b6ebc1+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Content-Length: 35375

GET
H/1.1 200
OK in.js Show response
platform.linkedin.com/ 4 KB
2 KB 6ms
6ms Script
text/javascript 104.111.240.34
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.linkedin.com/in.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: HTTP/1.1
Server: 104.111.240.34 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-240-34.deploy.static.akamaitechnologies.com
Software: Apache-Coyote/1.1 /
Resource Hash: 0c02bf028cf5f3ab2f76fb80a463aff6f7d2258fbaf668ef12763fda4344868d

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-LI-Proto: http/1.1
Date: Wed, 18 Jul 2018 13:29:48 GMT
Content-Encoding: gzip
X-LI-UUID: iJAnmkloQhWQ3MJ17CoAAA==
Server: Apache-Coyote/1.1
X-Li-Pop: prod-efr5
Vary: Accept-Encoding
P3P: CP="CAO CUR ADM DEV PSA PSD OUR"
Cache-Control: max-age=86400
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 1745
X-CDN: AKAM
X-Li-Fabric: prod-lva1
Expires: Thu, 19 Jul 2018 08:11:28 GMT

GET
S 200 09_L_Myers_125x125.jpg
img.deusm.com/darkreading/ 6 KB
6 KB 8ms
8ms Image
image/jpeg 2400:cb00:2048:1::681c:1636
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.deusm.com/darkreading/09_L_Myers_125x125.jpg
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681c:1636 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 403c689f9b86705d527d50cb4ecb836fd640d0ef48f71fbef5cfbe02f96314d9

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
cf-cache-status: HIT
last-modified: Thu, 03 Apr 2014 19:01:39 GMT
server: cloudflare
etag: "1996-4f62807edeac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
accept-ranges: bytes
cf-ray: 43c54c9f6cc6bf2a-FRA
content-length: 6550

GET
S 200 Jai-Vijayan.jpg
img.deusm.com/informationweek/ 11 KB
11 KB 10ms
10ms Image
image/jpeg 2400:cb00:2048:1::681c:1636
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.deusm.com/informationweek/Jai-Vijayan.jpg
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681c:1636 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e9b6fed568a85ee88f1eb2aa1d51cb2073d907cbb0109a5dd703f0b1e5651d6

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
cf-cache-status: HIT
last-modified: Mon, 29 Sep 2014 13:34:14 GMT
server: cloudflare
etag: "2c67-5043452972180"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
accept-ranges: bytes
cf-ray: 43c54c9f6ccfbf2a-FRA
content-length: 11367

GET
S 200 Kelly_Jackson_Higgins.jpg
twimgs.com/nojitter/informationweek/resources/images/ 23 KB
24 KB 9ms
9ms Image
image/jpeg 2400:cb00:2048:1::681b:85c7
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twimgs.com/nojitter/informationweek/resources/images/Kelly_Jackson_Higgins.jpg
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681b:85c7 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf298157a19ff06a7b27a36eb4a3be2994016452a5f9c1ad6b480aa7ce3799ff

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
cf-cache-status: HIT
last-modified: Wed, 12 Jul 2017 11:38:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 43c54c9f3ad163d3-FRA
content-length: 24037
expires: Thu, 19 Jul 2018 13:29:48 GMT

GET
S 200 NL-icon.png
img.deusm.com/informationweek/ 3 KB
3 KB 9ms
8ms Image
image/png 2400:cb00:2048:1::681c:1636
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.deusm.com/informationweek/NL-icon.png
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681c:1636 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8b7ea5cc75abc79d502a95c5ccac8f97aa82fd8c13acc74c84c754eb86cc4c3

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Nov 2013 15:09:43 GMT
server: cloudflare
etag: "a27-4eaabc5a3dbc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
accept-ranges: bytes
cf-ray: 43c54c9f6cd0bf2a-FRA
content-length: 2599

GET
S 200 ubm-tech.png
img.deusm.com/darkreading/ 7 KB
7 KB 27ms
27ms Image
image/png 2400:cb00:2048:1::681c:1636
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.deusm.com/darkreading/ubm-tech.png
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681c:1636 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b6908c1ddefad4b526966ba3f51d6e03f1f40747b658fbe64b9e3471ce6faf8

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Feb 2014 18:55:37 GMT
server: cloudflare
etag: "1cb3-4f33fa2395c40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
accept-ranges: bytes
cf-ray: 43c54c9f6cd5bf2a-FRA
content-length: 7347

GET
S 200 video-arrow_left_off.gif
img.deusm.com/darkreading/ 1 KB
1 KB 9ms
8ms Image
image/gif 2400:cb00:2048:1::681c:1636
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.deusm.com/darkreading/video-arrow_left_off.gif
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681c:1636 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f61400081191bf755c967c186a8fd356b02010fac3412f84cf83d5dfe10dd5d

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
cf-cache-status: HIT
last-modified: Fri, 14 Mar 2014 16:02:37 GMT
server: cloudflare
etag: "53e-4f49332d48140"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
accept-ranges: bytes
cf-ray: 43c54c9f6cd6bf2a-FRA
content-length: 1342

GET
S 200 1568176135_5773469399001_5773462992001-th.jpg
f1.media.brightcove.com/8/1568176135/ 5 KB
5 KB 6ms
5ms Image
image/jpeg 151.101.14.109
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://f1.media.brightcove.com/8/1568176135/1568176135_5773469399001_5773462992001-th.jpg?pubId=1568176135&videoId=5773462992001
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 151.101.14.109 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 3b5080a2b48b797b64810118ff4001ba4b5bc198b4d711e1f6b1b3945e0183cd

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
via: 1.1 3f79bd6e6d566524132d180c9c1505f9.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
age: 6046939
x-cache: RefreshHit from cloudfront, HIT, HIT
status: 200
x-cache-hits: 2, 966
content-length: 4681
x-served-by: cache-iad2136-IAD, cache-fra19136-FRA
last-modified: Thu, 19 Apr 2018 21:38:14 GMT
x-timer: S1531920589.675335,VS0,VE0
etag: "c9780f19898732abd1c2ac4dfb9920ef"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=0
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-amz-cf-id: AcjnEHC0DojI-RoJCFe8OSg_KAsdNtmesaMXuksFzXjNnkuYvt3RRg==
expires: Mon, 14 May 2018 18:25:06 GMT

GET
S 200 comment.png
img.deusm.com/informationweek/ 1 KB
1 KB 8ms
8ms Image
image/png 2400:cb00:2048:1::681c:1636
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.deusm.com/informationweek/comment.png
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681c:1636 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f65ccd30d1c95588b51035a804dd49090d7fbe6c2829a576a31d1b6a3e0f86b

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
cf-cache-status: HIT
last-modified: Wed, 20 Nov 2013 19:22:53 GMT
server: cloudflare
etag: "446-4eba0b5215d40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
accept-ranges: bytes
cf-ray: 43c54c9f6cd7bf2a-FRA
content-length: 1094

GET
S 200 1568176135_5784097608001_5783617576001-th.jpg
f1.media.brightcove.com/8/1568176135/ 4 KB
5 KB 6ms
6ms Image
image/jpeg 151.101.14.109
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://f1.media.brightcove.com/8/1568176135/1568176135_5784097608001_5783617576001-th.jpg?pubId=1568176135&videoId=5783617576001
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 151.101.14.109 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: e9df4118d14665e191e29d99ee21ce5b2ee8ed3bab913c51ef2cd6a5119504c7

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
via: 1.1 aacaf57a89a827fd9e2cbb6fe0d21e43.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
age: 5122354
x-cache: Miss from cloudfront, HIT, HIT
status: 200
x-cache-hits: 1, 1000
content-length: 4467
x-served-by: cache-iad2148-IAD, cache-fra19136-FRA
last-modified: Sat, 12 May 2018 22:01:37 GMT
x-timer: S1531920589.681312,VS0,VE0
etag: "32d3806727506350c0deef42f1b2d6f4"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=0
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-amz-cf-id: FyrY-Lenvm_NiQXhovFKxLM-JEV4yASsDp6sZR48bHubAxLeCqxi1A==
expires: Sun, 27 May 2018 06:37:14 GMT

GET
S 200 1568176135_5773461165001_5773458683001-th.jpg
f1.media.brightcove.com/8/1568176135/ 4 KB
4 KB 6ms
5ms Image
image/jpeg 151.101.14.109
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://f1.media.brightcove.com/8/1568176135/1568176135_5773461165001_5773458683001-th.jpg?pubId=1568176135&videoId=5773458683001
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 151.101.14.109 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 8ec6d166aa1158dc381e0db6f9d6c44754ee904009d6007956b76e1b858d2375

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
via: 1.1 36e16637a2b5592f1b01e48a4949ddd6.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
age: 7069813
x-cache: Miss from cloudfront, HIT, HIT
status: 200
x-cache-hits: 1, 994
content-length: 4260
x-served-by: cache-iad2128-IAD, cache-fra19136-FRA
last-modified: Thu, 19 Apr 2018 21:27:14 GMT
x-timer: S1531920589.685442,VS0,VE0
etag: "8bd222ff9ffb7e943a2ae755776242aa"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=0
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-amz-cf-id: ADOE-cRzCZQ1Sxr24QcZx9VjO-Y5zUQr86L1qFHy0lT2UELmjR9JPA==
expires: Fri, 04 May 2018 17:39:36 GMT

GET
S 200 1568176135_5776992670001_5773468054001-th.jpg
f1.media.brightcove.com/8/1568176135/ 4 KB
5 KB 6ms
6ms Image
image/jpeg 151.101.14.109
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://f1.media.brightcove.com/8/1568176135/1568176135_5776992670001_5773468054001-th.jpg?pubId=1568176135&videoId=5773468054001
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 151.101.14.109 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 191d783dc280e1bdb1570c2bc95280d8eee37f9bc1e6e38cbaf20b728e58e47a

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
via: 1.1 c22c4412e99cd1531f9be3528fe422a5.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
age: 3101762
x-cache: Miss from cloudfront, HIT, HIT
status: 200
x-cache-hits: 145, 3
content-length: 4456
x-served-by: cache-iad2129-IAD, cache-fra19136-FRA
last-modified: Thu, 26 Apr 2018 23:06:29 GMT
x-timer: S1531920589.687564,VS0,VE0
etag: "a4b57ffbc5ff68851219af72fb46f8a9"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=0
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-amz-cf-id: sI6lqvS4OTvgq2QNDN7RuV07XqCfvDClNxqdj5_HZuOvRlx3_71YGw==
expires: Tue, 19 Jun 2018 15:53:46 GMT

GET
S 200 1568176135_5788687864001_5788643094001-th.jpg
f1.media.brightcove.com/8/1568176135/ 5 KB
5 KB 6ms
5ms Image
image/jpeg 151.101.14.109
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://f1.media.brightcove.com/8/1568176135/1568176135_5788687864001_5788643094001-th.jpg?pubId=1568176135&videoId=5788643094001
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 151.101.14.109 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 782a340d057803677dc10a367af55c945c4df5aaad306b88b0f4feded7dab609

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
via: 1.1 369b7b53ff47d9af0628945b11e4d56e.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
age: 4171957
x-cache: Miss from cloudfront, HIT, HIT
status: 200
x-cache-hits: 5, 969
content-length: 4628
x-served-by: cache-iad2129-IAD, cache-fra19136-FRA
last-modified: Wed, 23 May 2018 15:22:38 GMT
x-timer: S1531920589.691177,VS0,VE0
etag: "f625e2e58d50688c70d6c60d85d02c04"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=0
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-amz-cf-id: HKDHnovyurfeYJ0pYY9y3CjE5QrzhZbMUDqmD4-fSmY8Vq8_yHvWfw==
expires: Thu, 07 Jun 2018 06:37:13 GMT

GET
S 200 1568176135_5779081066001_5773418898001-th.jpg
f1.media.brightcove.com/8/1568176135/ 4 KB
5 KB 6ms
5ms Image
image/jpeg 151.101.14.109
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://f1.media.brightcove.com/8/1568176135/1568176135_5779081066001_5773418898001-th.jpg?pubId=1568176135&videoId=5773418898001
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 151.101.14.109 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 4425fb27b6358a4bf89513cc75f00b6446480d153082f6062d8d93b4f6bc9a61

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
via: 1.1 6419ba8f3bd94b651d416054d9416f1e.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
age: 6046939
x-cache: Miss from cloudfront, HIT, HIT
status: 200
x-cache-hits: 1, 980
content-length: 4454
x-served-by: cache-iad2129-IAD, cache-fra19136-FRA
last-modified: Tue, 01 May 2018 22:13:49 GMT
x-timer: S1531920589.693723,VS0,VE0
etag: "a55706b1a5298af7dbf3cf815cc15d3a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=0
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-amz-cf-id: fAf7qTQ8bFNG13G_DtvT_f5JTzLr1TyqD2uBme0cLK70Pg-viSlxpA==
expires: Wed, 16 May 2018 13:47:29 GMT

GET
S 200 1568176135_5783232893001_5783113179001-th.jpg
f1.media.brightcove.com/8/1568176135/ 5 KB
5 KB 6ms
6ms Image
image/jpeg 151.101.14.109
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://f1.media.brightcove.com/8/1568176135/1568176135_5783232893001_5783113179001-th.jpg?pubId=1568176135&videoId=5783113179001
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 151.101.14.109 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 3d99e0fb6774db09d1d291a448925ce0e88f9b8dc22297cf415e02f60d1a347e

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
via: 1.1 ec0cb1e56868eb0962679bf88410618b.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
age: 5294255
x-cache: Miss from cloudfront, HIT, HIT
status: 200
x-cache-hits: 4, 981
content-length: 4631
x-served-by: cache-iad2136-IAD, cache-fra19136-FRA
last-modified: Thu, 10 May 2018 17:40:05 GMT
x-timer: S1531920589.697681,VS0,VE0
etag: "b5949f6303bf9f0847798548a14a7aa0"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=0
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-amz-cf-id: JywEFK3ClWk9bWKXLWAf09DW8NtSmZNUMLHuwHS-XnH-Jnk-z8Oppw==
expires: Fri, 25 May 2018 06:52:12 GMT

GET
S 200 1568176135_5778571258001_5772348025001-th.jpg
f1.media.brightcove.com/8/1568176135/ 5 KB
5 KB 6ms
5ms Image
image/jpeg 151.101.14.109
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://f1.media.brightcove.com/8/1568176135/1568176135_5778571258001_5772348025001-th.jpg?pubId=1568176135&videoId=5772348025001
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 151.101.14.109 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 2a73eb05f040c713e924f46a094b36123db178f032724768d40a2d0606b54a02

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
via: 1.1 986a2cb4ab6fb48c9a4379a4e9d691c4.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
age: 6112611
x-cache: Miss from cloudfront, HIT, HIT
status: 200
x-cache-hits: 1, 984
content-length: 5287
x-served-by: cache-iad2143-IAD, cache-fra19136-FRA
last-modified: Mon, 30 Apr 2018 19:45:17 GMT
x-timer: S1531920589.700206,VS0,VE0
etag: "588e0ec0c2df802fc0e7232dbd7949b7"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=0
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-amz-cf-id: Phb3qJjYRBevTghiLzZBXcJyXifAOH_sGJ2Dt3GTXdkHOeRdgsnGww==
expires: Tue, 15 May 2018 19:32:58 GMT

GET
S 200 1568176135_5772690061001_5772646282001-th.jpg
f1.media.brightcove.com/8/1568176135/ 5 KB
5 KB 6ms
5ms Image
image/jpeg 151.101.14.109
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://f1.media.brightcove.com/8/1568176135/1568176135_5772690061001_5772646282001-th.jpg?pubId=1568176135&videoId=5772646282001
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 151.101.14.109 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 17f8ee4b20bb10212f98818a396b8c2a49e66b0b58969997c14837b289d14d39

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
via: 1.1 f386c6344bfea5bd933784c055350a74.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
age: 6203082
x-cache: Miss from cloudfront, HIT, HIT
status: 200
x-cache-hits: 15, 961
content-length: 5076
x-served-by: cache-iad2129-IAD, cache-fra19136-FRA
last-modified: Wed, 18 Apr 2018 16:38:32 GMT
x-timer: S1531920589.703990,VS0,VE0
etag: "9177a500a93f9eec33a3b8fd43ee3622"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=0
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-amz-cf-id: ANytVHy6c2A8XDnNIVzSnXkRfR1Vh9xbKmhLeIr_hHP64BoveFoBaA==
expires: Mon, 14 May 2018 18:25:06 GMT

GET
S 200 1568176135_5772609896001_5772593446001-th.jpg
f1.media.brightcove.com/8/1568176135/ 4 KB
4 KB 6ms
5ms Image
image/jpeg 151.101.14.109
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://f1.media.brightcove.com/8/1568176135/1568176135_5772609896001_5772593446001-th.jpg?pubId=1568176135&videoId=5772593446001
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 151.101.14.109 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: b388e920bb8954872f4b428857c5c5c42590e5f1b3508bb89b946271d6299f56

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
via: 1.1 bcaa616eaffeeb31e6c9015320755821.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
age: 6203081
x-cache: Miss from cloudfront, HIT, HIT
status: 200
x-cache-hits: 175, 4309
content-length: 4120
x-served-by: cache-iad2124-IAD, cache-fra19136-FRA
last-modified: Wed, 18 Apr 2018 14:33:31 GMT
x-timer: S1531920589.706370,VS0,VE0
etag: "bcde518011db3b025c7180cea36f94ce"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=0
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-amz-cf-id: S5aSfcST9cWVuGiRUM98_m32rbSUxivzNt75r1kA5UEcIpFeoYxlgw==
expires: Mon, 14 May 2018 18:25:06 GMT

GET
S 200 1568176135_5772690144001_5772652003001-th.jpg
f1.media.brightcove.com/8/1568176135/ 5 KB
5 KB 6ms
5ms Image
image/jpeg 151.101.14.109
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://f1.media.brightcove.com/8/1568176135/1568176135_5772690144001_5772652003001-th.jpg?pubId=1568176135&videoId=5772652003001
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 151.101.14.109 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 8d1723053829d193f99048103c55c14c63646d43b7dd1ff106b61c8a89b1c84d

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
via: 1.1 a309987e837bea95a29acd044ce7a296.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
age: 6203083
x-cache: Miss from cloudfront, HIT, HIT
status: 200
x-cache-hits: 2, 982
content-length: 4644
x-served-by: cache-iad2138-IAD, cache-fra19136-FRA
last-modified: Wed, 18 Apr 2018 16:45:53 GMT
x-timer: S1531920589.710159,VS0,VE0
etag: "cfa1d7870cc8e21187297ee4939195e5"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=0
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-amz-cf-id: KAHBd2hvsHN3WQL48LW82JrqUXUeIn_k1rotJpMol-xE5NuoecXB_g==
expires: Mon, 14 May 2018 18:25:06 GMT

GET
S 200 1568176135_5776422681001_5772648497001-th.jpg
f1.media.brightcove.com/8/1568176135/ 5 KB
5 KB 10ms
7ms Image
image/jpeg 151.101.14.109
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://f1.media.brightcove.com/8/1568176135/1568176135_5776422681001_5772648497001-th.jpg?pubId=1568176135&videoId=5772648497001
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 151.101.14.109 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: c7226f44a59791c68713cb9aa83441c3662008d669ae233630588c51d99c60c5

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
via: 1.1 93ce452f2dc7ff8826d0735f5484ce62.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
age: 6203082
x-cache: Miss from cloudfront, HIT, HIT
status: 200
x-cache-hits: 1, 972
content-length: 4768
x-served-by: cache-iad2127-IAD, cache-fra19136-FRA
last-modified: Wed, 25 Apr 2018 23:07:39 GMT
x-timer: S1531920589.714973,VS0,VE0
etag: "78c8d2937604dbee7e7895a80e2e8bc0"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=0
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-amz-cf-id: rz-VlVNp7ltpdcTQAigRKB4B40ClkiFBs02rMpg7-Ap8nvQzCkWhFw==
expires: Mon, 14 May 2018 18:25:05 GMT

GET
S 200 video-arrow_right_on.gif
img.deusm.com/darkreading/ 2 KB
3 KB 11ms
10ms Image
image/gif 2400:cb00:2048:1::681c:1636
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.deusm.com/darkreading/video-arrow_right_on.gif
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681c:1636 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7d1ee4f5a608fa05b8f9c6cbd47e3eab7516facc3380d704b7332805877afff

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
cf-cache-status: HIT
last-modified: Fri, 14 Mar 2014 15:55:19 GMT
server: cloudflare
etag: "9f7-4f49318b927c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
accept-ranges: bytes
cf-ray: 43c54c9f7cdebf2a-FRA
content-length: 2551

GET
S 200 GenieJK.jpg
img.deusm.com/darkreading/MarilynCohodas/ 429 KB
429 KB 24ms
23ms Image
image/jpeg 2400:cb00:2048:1::681c:1636
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.deusm.com/darkreading/MarilynCohodas/GenieJK.jpg
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681c:1636 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4164e3387f0161deb95d516092ab936da8219d81a1c870cd7ce52960f6a1fc88

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Jul 2018 14:39:48 GMT
server: cloudflare
etag: "6b272-570a61a14b500"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
accept-ranges: bytes
cf-ray: 43c54c9f7ce1bf2a-FRA
content-length: 438898

GET
S 200 CoverPhoto.JPG
twimgs.com/nojitter/darkreading/DE/ 69 KB
70 KB 25ms
25ms Image
image/jpeg 2400:cb00:2048:1::681b:85c7
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twimgs.com/nojitter/darkreading/DE/CoverPhoto.JPG
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681b:85c7 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba8023a3e4a52540fb3736991313a3ee9d5d6783c73d6e05c36f18103ca707da

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
cf-cache-status: HIT
last-modified: Tue, 15 May 2018 20:05:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 43c54c9f7b3963d3-FRA
content-length: 71137
expires: Thu, 19 Jul 2018 13:29:48 GMT

GET
H2 200 survey_jspage.asp Show response
www.darkreading.com/ 7 KB
1 KB 142ms
142ms Script
text/html 2400:cb00:2048:1::6811:7863
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/survey_jspage.asp?survey_id=130&cbust=47607

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2400:cb00:2048:1::6811:7863 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

b6eba78727a5f82c5d95e1daa98ad8365eb9754da3dd0060a5be5e2ae46b7644

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /survey_jspage.asp?survey_id=130&cbust=47607
pragma: no-cache
cookie: __cfduid=dcd3e83a646c63fe2cc66fa84a3e233fb1531920586; darkreading_lastvisit=7/18/2018 9:29:47 AM; cplChannelTagID=; darkreading%2Dmeter=1332166; darkreading%5Fvisits=2; check=true; piddlNGSiteReferer=/; piddlNGPageReferer=/; AMCVS_77FB1CFE532B22840A490D45%40AdobeOrg=1; AMCV_77FB1CFE532B22840A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C17731%7CMCMID%7C75400558995647666862962892964607426200%7CMCAAMLH-1532525388%7C9%7CMCAAMB-1532525388%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1531927788s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C3.1.2; mbox=session#629e5494e80349d3aa38f83cce5b4663#1531922449
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.darkreading.com
referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
:scheme: https
:method: GET
Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
content-encoding: gzip
server: cloudflare
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
status: 200
cache-control: private
set-cookie: darkreading_lastvisit=7/18/2018 9:29:48 AM; expires=Mon, 18-Jul-2033 13:29:48 GMT; path=/; HttpOnly darkreading%5Fvisits=3; expires=Mon, 18-Jul-2033 04:00:00 GMT; path=/
cf-ray: 43c54c9e1a9096b2-FRA

GET
S 200 DR_Rpt.JPG
twimgs.com/custom_content/ 148 KB
148 KB 10ms
9ms Image
image/jpeg 2400:cb00:2048:1::681b:85c7
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twimgs.com/custom_content/DR_Rpt.JPG
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681b:85c7 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b66e41af63c9ab0ab86c7dd06c1915aaeda181134ef6af007246b2f09b29c2ed

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
cf-cache-status: HIT
last-modified: Mon, 11 Jun 2018 21:20:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 43c54c9f7b3a63d3-FRA
content-length: 151328
expires: Thu, 19 Jul 2018 13:29:48 GMT

GET
S 200 DR-bug.png
img.deusm.com/darkreading/ 1 KB
2 KB 9ms
9ms Image
image/png 2400:cb00:2048:1::681c:1636
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.deusm.com/darkreading/DR-bug.png
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681c:1636 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f30d5c0433d74c8224a2343a3c6c08468015909c22315b8693f9bdee33f48217

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
cf-cache-status: HIT
last-modified: Fri, 21 Feb 2014 14:56:01 GMT
server: cloudflare
etag: "5d2-4f2ebd1fb8240"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
accept-ranges: bytes
cf-ray: 43c54c9f7ce3bf2a-FRA
content-length: 1490

GET
S 200 dr-footer-logo-new.jpg
img.deusm.com/darkreading/ 5 KB
5 KB 9ms
9ms Image
image/jpeg 2400:cb00:2048:1::681c:1636
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.deusm.com/darkreading/dr-footer-logo-new.jpg
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681c:1636 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04f784c83e6dde0588704c7fcc52d62e657f5b09012bb62a1d309d3adc774306

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
cf-cache-status: HIT
last-modified: Wed, 09 Nov 2016 07:03:32 GMT
server: cloudflare
etag: "125e-540d8dad41900"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
accept-ranges: bytes
cf-ray: 43c54c9f7ce4bf2a-FRA
content-length: 4702

GET
S 200 footergreyblack.css
twimgs.com/nojitter/css/ 3 KB
1016 B 14ms
13ms Stylesheet
text/css 2400:cb00:2048:1::681b:85c7
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://twimgs.com/nojitter/css/footergreyblack.css
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681b:85c7 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4587735e3d5dc5ef5149eae835aeb69f971575da9d4a293d9bffbb1dc25afa6b

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:47 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 27 Apr 2017 10:50:58 GMT
server: cloudflare
etag: "d11-54e23bb5fe880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 43c54c97cbf163d3-FRA
content-length: 855
expires: Wed, 18 Jul 2018 17:29:47 GMT

GET
S 200 UBM_Logo_PMS669.png
img.deusm.com/images/ 1 KB
2 KB 16ms
16ms Image
image/png 2400:cb00:2048:1::681c:1636
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.deusm.com/images/UBM_Logo_PMS669.png
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681c:1636 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 902118c5436b3d46d79f44c3f8e7012eb9acc9b4b341e034e7bf0259aca4b425

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2017 13:10:17 GMT
server: cloudflare
etag: "5c4-548a584b7e040"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
accept-ranges: bytes
cf-ray: 43c54c9f8cf4bf2a-FRA
content-length: 1476

GET
S 200 elqCfg.js Show response
twimgs.com/informationweek/elqNow/ 3 KB
1 KB 14ms
12ms Script
application/javascript 2400:cb00:2048:1::681b:85c7
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://twimgs.com/informationweek/elqNow/elqCfg.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681b:85c7 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45e31bcb4f072d9f442333ad139c3085bcf881955711d866035342f3028f4558

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 May 2011 21:27:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
cf-ray: 43c54c9f1a9963d3-FRA
expires: Thu, 19 Jul 2018 13:29:48 GMT

GET
S 200 elqImg.js Show response
twimgs.com/informationweek/elqNow/ 713 B
423 B 16ms
15ms Script
application/javascript 2400:cb00:2048:1::681b:85c7
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://twimgs.com/informationweek/elqNow/elqImg.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681b:85c7 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c94ad448b05002218551938d40e2baf3617a3d56a4455729d84993a5b7b311cf

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 28 Oct 2013 20:43:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
cf-ray: 43c54c9f1a9b63d3-FRA
expires: Thu, 19 Jul 2018 13:29:48 GMT

GET
S 200 dev_adBlockerTrack.js Show response
twimgs.com/nojitter/js/ 2 KB
869 B 17ms
16ms Script
application/javascript 2400:cb00:2048:1::681b:85c7
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://twimgs.com/nojitter/js/dev_adBlockerTrack.js?v1
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681b:85c7 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9053ec3a7a0bdbdcb96173299c0ba89bc15f3134849fff570e37d6322676304

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 14 Feb 2018 09:08:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
cf-ray: 43c54c9f1a9d63d3-FRA
expires: Thu, 19 Jul 2018 13:29:48 GMT

GET
S 200 ubm-tech-global-app-measurement.js Show response
epromos.ubmcanon.com/s_code/ 56 KB
21 KB 12ms
10ms Script
text/javascript 2400:cb00:2048:1::6818:452
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://epromos.ubmcanon.com/s_code/ubm-tech-global-app-measurement.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::6818:452 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 924b3a471d549de6251aea0e74fe6eb136141d3f0a8bf001906fff933dec45d4

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 14 Jul 2018 00:08:25 GMT
server: cloudflare
etag: W/"180789-df4a-570ea6525b8fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 43c54c9f19f163a9-FRA
expires: Wed, 18 Jul 2018 17:29:48 GMT

GET
H2

200

spacer.gif
img.deusm.com/images/
Redirect Chain

https://www.darkreading.com/client_pathlog.asp?p=%2Fdarkreading%2Fsection%2F314&f=%2Fdarkreading%2Fsection%2F314%2F1332166&rndserial=34187
https://img.deusm.com/images/spacer.gif

49 B
151 B

14ms
13ms

Image
image/gif

2400:cb00:2048:1::681c:1636
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.deusm.com/images/spacer.gif
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::681c:1636 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c5b83e390d046c3623c4b8e35b58aaf64a7481bb2372fb51ae2e0e7818f7407

Request headers

:path: /images/spacer.gif
pragma: no-cache
cookie: __cfduid=df43a41d5cfcffc97c61050a9b8a242ac1531920588
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: img.deusm.com
referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
:scheme: https
:method: GET
Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:49 GMT
cf-cache-status: HIT
last-modified: Fri, 13 Oct 2000 01:54:07 GMT
server: cloudflare
etag: "31-3737c29f20dc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
accept-ranges: bytes
cf-ray: 43c54ca35866bf2a-FRA
content-length: 49

Redirect headers

date: Wed, 18 Jul 2018 13:29:49 GMT
server: cloudflare
status: 302
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/html
location: https://img.deusm.com/images/spacer.gif
cache-control: private
set-cookie: __cfduid=d79b7dea546066607b824e125ebe9be551531920588; expires=Thu, 18-Jul-19 13:29:48 GMT; path=/; domain=.darkreading.com; HttpOnly darkreading_lastvisit=7/18/2018 9:29:49 AM; expires=Mon, 18-Jul-2033 13:29:49 GMT; path=/; HttpOnly darkreading%5Fvisits=4; expires=Mon, 18-Jul-2033 04:00:00 GMT; path=/
cf-ray: 43c54c9f8bdb96b2-FRA

GET
S 200 lightreading_rating_dot_10x7.gif
img.deusm.com/lightreading/ 49 B
146 B 12ms
11ms Image
image/gif 2400:cb00:2048:1::681c:1636
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.deusm.com/lightreading/lightreading_rating_dot_10x7.gif
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681c:1636 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c5b83e390d046c3623c4b8e35b58aaf64a7481bb2372fb51ae2e0e7818f7407

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
cf-cache-status: HIT
last-modified: Wed, 25 Sep 2013 21:21:36 GMT
server: cloudflare
etag: "31-4e73bd694b800"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
accept-ranges: bytes
cf-ray: 43c54c9f8cfdbf2a-FRA
content-length: 49

GET
S 200 twitter_intevol_18x18.gif
img.deusm.com/darkreading/ 619 B
718 B 45ms
44ms Image
image/gif 2400:cb00:2048:1::681c:1636
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.deusm.com/darkreading/twitter_intevol_18x18.gif
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681c:1636 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebe3a0272a317857bf566a0deec42181bf0e89d280bb3143bba14da1ae1ddb10

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
cf-cache-status: HIT
last-modified: Fri, 09 Feb 2018 10:56:35 GMT
server: cloudflare
etag: "26b-564c561c21ec0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
accept-ranges: bytes
cf-ray: 43c54c9f8cfebf2a-FRA
content-length: 619

GET
H/1.1 200
OK beacon-min.js Show response
ins.techweb.com/beacon/js/ 6 KB
6 KB 429ms
112ms Script
application/javascript 2620:103::192:155:48:48
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.techweb.com/beacon/js/beacon-min.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: HTTP/1.1
Server: 2620:103::192:155:48:48 , United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software: INS /
Resource Hash: a290ede885635a3f7bb2b8e630bf795f15dde146fea32520b775bee1b2926ff3

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 18 Jul 2018 13:29:48 GMT
Last-Modified: Thu, 23 Mar 2017 17:04:42 GMT
Server: INS
ETag: W/"6108-1490288682000"
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 6108

GET
H/1.1 200
OK id Show response
ubmtech.d3.sc.omtrdc.net/ 3 B
527 B 121ms
64ms XHR
application/x-javascript 172.82.228.18
Adobe Systems Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ubmtech.d3.sc.omtrdc.net/id?d_visid_ver=3.1.2&d_fieldgroup=A&mcorgid=77FB1CFE532B22840A490D45%40AdobeOrg&mid=75400558995647666862962892964607426200&ts=1531920588155

Requested by

Host: epromos.ubmcanon.com
URL: https://epromos.ubmcanon.com/VisitorAPI.js?ormzkk

Protocol

HTTP/1.1

Server

172.82.228.18 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),

Reverse DNS

*.d3.sc.omtrdc.net

Software

Omniture DC /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Wed, 18 Jul 2018 13:29:48 GMT
X-Content-Type-Options: nosniff
Server: Omniture DC
xserver: www289
Vary: Origin
Access-Control-Allow-Methods: GET, POST, DELETE
P3P: CP="This is not a P3P policy"
Access-Control-Allow-Origin: https://www.darkreading.com
Cache-Control: no-cache, no-store, max-age=0, no-transform, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 3
X-XSS-Protection: 1; mode=block
X-C: ms-6.4.0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=73724715947845414852877131980758237291
https://dpm.demdex.net/ibs:dpid=411&dpuuid=W09AzAAABXURIDx0
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=W09AzAAABXURIDx0

42 B
801 B

191ms
191ms

Image
image/gif

52.25.33.8
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=W09AzAAABXURIDx0
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: HTTP/1.1
Server: 52.25.33.8 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-25-33-8.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

DCS: usw2-prod-dcs-066f5b487.edge-usw2.demdex.com 5.33.0.20180628075140 4ms
Pragma: no-cache
Date: Wed, 18 Jul 2018 13:29:49 GMT
X-TID: rwV/V/ROT9U=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 18 Jul 2018 13:29:48 GMT
X-TID: Q4/OhKZNR6M=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=W09AzAAABXURIDx0
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 2009 00:00:00 GMT

GET
S 200 json Show response
ubm.tt.omtrdc.net/m2/ubm/mbox/ 97 B
370 B 304ms
303ms XHR
application/json 66.117.29.3
Adobe Systems Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://ubm.tt.omtrdc.net/m2/ubm/mbox/json?mbox=target-global-mbox&mboxSession=629e5494e80349d3aa38f83cce5b4663&mboxPC=&mboxPage=20635d7d214c4357aaf032ca798a1658&mboxVersion=1.0.0&mboxCount=1&mboxTime=1531920588282&mboxHost=www.darkreading.com&mboxURL=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fcoin-miner-malware-spikes-629--in-telling-q1%2Fd%2Fd-id%2F1332166&mboxReferrer=&mboxXDomain=enabled&browserHeight=1200&browserWidth=1600&browserTimeOffset=0&screenHeight=1200&screenWidth=1600&colorDepth=24&mboxMCGVID=75400558995647666862962892964607426200&mboxAAMB=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&mboxMCAVID=&mboxMCGLH=9&vst.trk=ubmtech.d3.sc.omtrdc.net&vst.trks=ubmtech.d3.sc.omtrdc.net&mboxMCSDID=085A23554CE1A718-30340006869BE79A
Requested by: Host: epromos.ubmcanon.com
URL: https://epromos.ubmcanon.com/at.js?ormzkk
Protocol: SPDY
Server: 66.117.29.3 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
Software: /
Resource Hash: d88da936f62f574064016b9a09360a34583089f648bb6ab4c5b9bfdc9826f9e6

Request headers

Accept: application/json
Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jul 2018 13:29:48 GMT
content-type: application/json;charset=UTF-8
status: 200
vary: Origin
p3p: CP="NOI DSP CURa OUR STP COM", CP="NOI DSP CURa OUR STP COM"
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 97
x-application-context: edge:prod,prod-prod26,prod-prod26-app,prod26:11180

GET
S 200 api.js Show response
www.google.com/recaptcha/ 833 B
559 B 16ms
16ms Script
text/javascript 2a00:1450:4001:817::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=rcCallback&render=explicit

Requested by

Host: dsimg.ubm-us.net
URL: https://dsimg.ubm-us.net/ubm-widget/js/ubm-widget-min.js

Protocol

SPDY

Server

2a00:1450:4001:817::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

0a59036c0fd834748c8e4ba48af3d0982890df78c3d529b5d8d923855e85c518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 467
x-xss-protection: 1; mode=block
expires: Wed, 18 Jul 2018 13:29:48 GMT

GET
S 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:817::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

SPDY

Server

2a00:1450:4001:817::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 18 May 2018 01:10:24 GMT
server: Golfe2
age: 4708
date: Wed, 18 Jul 2018 12:11:20 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 17168
expires: Wed, 18 Jul 2018 14:11:20 GMT

GET
S 200 gpt.js Show response
www.googletagservices.com/tag/js/ 20 KB
8 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

SPDY

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

611aa9f02b152c3e9a171475d6b9623300d51c92a96edd39a1e84d72336d83e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "5 / 748 of 1000 / last-modified: 1531871845"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 7855
x-xss-protection: 1; mode=block
expires: Wed, 18 Jul 2018 13:29:48 GMT

GET
S 200 pubads_impl_232.js Show response
securepubads.g.doubleclick.net/gpt/ 179 KB
62 KB 41ms
40ms Script
text/javascript 172.217.16.194
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_232.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Server

172.217.16.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

sffe /

Resource Hash

c7fe9f3ef41048988ca528f7ff45a3d503cdb99f5f0844034160f10ee3e38899

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 12 Jul 2018 13:50:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 62863
x-xss-protection: 1; mode=block
expires: Wed, 18 Jul 2018 13:29:48 GMT

GET
S 200 integrator.sync.js Show response
adservice.google.de/adsid/ 113 B
175 B 17ms
16ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=www.darkreading.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Jul 2018 13:29:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 108
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK / Show response
api-cache.adsnative.com/v1/host/www.darkreading.com/ 23 B
584 B 33ms
6ms Script
application/json 23.111.11.217
netDNA

General

Check archive.org

Show headers Download Go to

Full URL: https://api-cache.adsnative.com/v1/host/www.darkreading.com/?&callback=an_callback_lookup
Requested by: Host: static.adsnative.com
URL: https://static.adsnative.com/static/js/render.v1.js
Protocol: HTTP/1.1
Server: 23.111.11.217 Phoenix, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: bec4f2f082be46c47ba8f2398813bb3c90495d69405fa0981506b1fd13ba29d6

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 18 Jul 2018 13:29:48 GMT
Server: NetDNA-cache/2.2
Vary: Accept-Language
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Language: en
Cache-Control: max-age=900
Access-Control-Allow-Credentials: true
X-From: an-prod-ralphie-frontline-casks.us-east-1
X-Cache: HIT
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
Content-Length: 23

GET
H/1.1

504
GATEWAY_TIMEOUT

cm.gif
rudy.adsnative.com/
Redirect Chain

https://rudy.adsnative.com/cm.gif
https://ad.mail.ru/cm.gif?p=85&id=e05c8d21-7ce9-47c8-9905-8b3e4f7baf8b&dspid=692015568
https://rudy.adsnative.com/cm.gif?dspid=692015568&buid=c5690e0765190e9c
https://ib.adnxs.com/getuid?https://rudy.adsnative.com/cm.gif?dspid=1213086687&buid=$UID&smode=1
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Frudy.adsnative.com%2Fcm.gif%3Fdspid%3D1213086687%26buid%3D%24UID%26smode%3D1
https://rudy.adsnative.com/cm.gif?dspid=1213086687&buid=8096334911614428873&smode=1

0
75 B

32ms
31ms

Image
text/plain

34.241.222.191
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rudy.adsnative.com/cm.gif?dspid=1213086687&buid=8096334911614428873&smode=1
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: HTTP/1.1
Server: 34.241.222.191 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-241-222-191.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0

Redirect headers

Pragma: no-cache
Date: Wed, 18 Jul 2018 13:29:51 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 307.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.107:80
AN-X-Request-Uuid: 2cfe8659-63fe-4276-85ea-44787c0bd456
Server: nginx/1.13.4
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://rudy.adsnative.com/cm.gif?dspid=1213086687&buid=8096334911614428873&smode=1
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 10ms
9ms Script
application/x-javascript 104.111.214.103
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: HTTP/1.1
Server: 104.111.214.103 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-214-103.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 18 Jul 2018 13:29:48 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 901
Expires: Thu, 19 Jul 2018 13:29:48 GMT

GET
S 200 fbevents.js Show response
connect.facebook.net/en_US/ 42 KB
13 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

SPDY

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

ca6b17e5dc2b1e309dfa3c52997318943326a519de92ad1c1c913ad45e4c6077

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 13329
x-xss-protection: 0
pragma: public
x-fb-debug: WujQy029r9Xd6bIUAPR+/ryU/74KdxUPLK+87ttlJuHTZaVU8kEd9O8HJr8OAmwWTRI0MApAAxSJu6YXmeHdOw==
x-frame-options: DENY
date: Wed, 18 Jul 2018 13:29:48 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
S 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 3 KB
1 KB 13ms
12ms Script
application/javascript 159.122.87.148
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=32069&u=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fcoin-miner-malware-spikes-629--in-telling-q1%2Fd%2Fd-id%2F1332166&r=0.4395669722184181
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 159.122.87.148 Frankfurt, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: 94.57.7a9f.ip4.static.sl-reverse.com
Software: fra1dacdn /
Resource Hash: d61b7d35da47536ed3481e9341eea1645d69be6ec472b52c45d94af814054a49

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Wed, 18 Jul 2018 13:29:48 GMT
content-encoding: gzip
server: fra1dacdn
content-type: application/javascript; charset=UTF-8

GET
S 200 log.js Show response
u.heatmap.it/ 26 KB
11 KB 9ms
9ms Script
application/x-javascript 46.105.202.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://u.heatmap.it/log.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 46.105.202.39 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: a595433d67e962d907ba55eee2997f0a4d93eef66f96f42a70cae2b0d198481f

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
content-encoding: gzip
last-modified: Thu, 07 Jun 2018 07:38:25 GMT
x-cdn-pop-ip: 137.74.120.32/27
x-cacheable: Matched cache
vary: Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
status: 200
cache-control: max-age=3600
x-cdn-pop: sbg
accept-ranges: bytes
content-length: 10646
expires: Tue, 17 Jul 2018 19:32:28 GMT

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 59 KB
15 KB 107ms
107ms Script
text/javascript 172.217.16.194
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3701672497987328&correlator=4331365676662720&output=json_html&callback=googletag.impl.pubads.setAdContentsBySlotForSync&impl=ss&adsid=NT&json_a=1&eid=21062288&vrg=232&guci=1.2.0.0.2.2.0&sc=1&sfv=1-0-29&iu_parts=2441%2Cdarkreading%2Cthreat_intelligence&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=2x2%2C5x5%2C300x250%7C336x280%7C300x600%7C336x850%2C6x6%2C1x2%2C728x90%7C970x250%2C336x27%2C300x250%7C336x280%7C300x600%7C336x850%2C300x60%2C3x3%2C4x4%2C8x2%2C8x4&prev_scp=pos%3Dwelcome%7Cpos%3DTAPunit%7Cpos%3Drec1%7Cpos%3Dpromo%7Cpos%3Dwallpaper%7Cpos%3Dtop%7Cpos%3Dlogo%7Cpos%3Drec2%7Cpos%3Deventpromo%7Cpos%3Dribbon%7Cpos%3Dvideo%7Cpos%3Dnative%7Cpos%3Dinsight&cust_params=kw%3DAttacks%252CAttacks-Breaches%252CBreaches%252CCloud%252CCloud%26aid%3D1332166&cookie_enabled=1&bc=7&abxe=1&lmt=1531920588&dt=1531920588668&frm=20&biw=1600&bih=1200&oid=3&adxs=0%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adys=0%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adks=2939462539%2C1978988809%2C1970779331%2C2358655773%2C2890945858%2C4212726612%2C2547694139%2C1970779328%2C1767311320%2C1264623177%2C1580033366%2C1909009090%2C3277028592&gut=v2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fcoin-miner-malware-spikes-629--in-telling-q1%2Fd%2Fd-id%2F1332166&dssz=40&icsg=64424561280&std=0&csl=58&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x1200%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0&msz=1600x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0&ga_vid=1010753113.1531920589&ga_sid=1531920589&ga_hid=1592515735

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_232.js

Protocol

SPDY

Server

172.217.16.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

b5b8b243e29c5ae0861d2dd82bb4e23152cef3a883d9955194875767ff2b5226

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 14873
x-xss-protection: 1; mode=block
google-lineitem-id: 140048676,4710073630,4710073630,-2,4710073630,4725472215,-2,4725104341,-2,-2,42403476,4703302961,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 96102516636,138236492235,138236554625,-2,138236554622,138238153288,-2,138237875437,-2,-2,138212589663,138236015353,-2
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 pubads_impl_rendering_232.js Show response
securepubads.g.doubleclick.net/gpt/ 42 KB
16 KB 40ms
40ms Script
text/javascript 172.217.16.194
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_232.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_232.js

Protocol

SPDY

Server

172.217.16.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

sffe /

Resource Hash

906fe8798eeaa303394db1cce162a4068073978bf3a6f8308dfbaf1ea49d2fb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 12 Jul 2018 13:50:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 16413
x-xss-protection: 1; mode=block
expires: Wed, 18 Jul 2018 13:29:48 GMT

GET
S 200 container.html
tpc.googlesyndication.com/safeframe/1-0-29/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:81c::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-29/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_232.js
Protocol: SPDY
Server: 2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Purpose: prefetch
Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

expires: Thu, 11 Jul 2019 09:11:46 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Mon, 11 Jun 2018 14:38:59 GMT
content-type: text/html

GET
H/1.1 200
OK dest5.html
ubm.demdex.net/ Frame BC8D 0
0 708ms
179ms Document
text/html 52.33.200.77
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ubm.demdex.net/dest5.html?d_nsid=0
Requested by: Host: epromos.ubmcanon.com
URL: https://epromos.ubmcanon.com/VisitorAPI.js?ormzkk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.33.200.77 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-33-200-77.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Host: ubm.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: E88D36113169FDDE12FD6800890E2B17
Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Date: Wed, 18 Jul 2018 13:29:49 GMT
Last-Modified: Wed, 18 Jul 2018 13:27:26 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Vary: Accept-Encoding, User-Agent
X-TID: J8MyT/kxRTA=
Content-Length: 2766
Connection: keep-alive

GET
S 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
101 B 14ms
13ms Image
image/gif 2a00:1450:4001:817::2008
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1429593029&utmhn=www.darkreading.com&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Coin%20Miner%20Malware%20Spikes%20629%25%20in%20%27Telling%27%20Q1&utmhid=1592515735&utmr=-&utmp=%2Fthreat-intelligence%2Fcoin-miner-malware-spikes-629--in-telling-q1%2Fd%2Fd-id%2F1332166&utmht=1531920588768&utmac=UA-30302365-1&utmcc=__utma%3D199458747.1010753113.1531920589.1531920589.1531920589.1%3B%2B__utmz%3D199458747.1531920589.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1386867667&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAQAAAAE~

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

SPDY

Server

2a00:1450:4001:817::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jul 2018 13:29:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/api2/v1531117903872/ 236 KB
76 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:817::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/api2/v1531117903872/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=rcCallback&render=explicit

Protocol

SPDY

Server

2a00:1450:4001:817::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

1e938ccc4226bbf2f325c85b7747671f4076075575c44bc5effc89f68235d4d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 16 Jul 2018 11:10:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 09 Jul 2018 23:31:15 GMT
server: sffe
age: 181177
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 77859
x-xss-protection: 1; mode=block
expires: Tue, 16 Jul 2019 11:10:11 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=3005435&ns__t=1531920588774&ns_c=windows-1252&cv=3.1&c8=Coin%20Miner%20Malware%20Spikes%20629%25%20in%20%27Telling%27%20Q1&c7=https%3A%2F%2Fwww.darkreadin...
https://sb.scorecardresearch.com/b2?c1=2&c2=3005435&ns__t=1531920588774&ns_c=windows-1252&cv=3.1&c8=Coin%20Miner%20Malware%20Spikes%20629%25%20in%20%27Telling%27%20Q1&c7=https%3A%2F%2Fwww.darkreadi...

0
248 B

10ms
9ms

Image
text/plain

104.111.214.103
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=3005435&ns__t=1531920588774&ns_c=windows-1252&cv=3.1&c8=Coin%20Miner%20Malware%20Spikes%20629%25%20in%20%27Telling%27%20Q1&c7=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fcoin-miner-malware-spikes-629--in-telling-q1%2Fd%2Fd-id%2F1332166&c9=
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: HTTP/1.1
Server: 104.111.214.103 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-214-103.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Jul 2018 13:29:48 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=3005435&ns__t=1531920588774&ns_c=windows-1252&cv=3.1&c8=Coin%20Miner%20Malware%20Spikes%20629%25%20in%20%27Telling%27%20Q1&c7=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fcoin-miner-malware-spikes-629--in-telling-q1%2Fd%2Fd-id%2F1332166&c9=
Pragma: no-cache
Date: Wed, 18 Jul 2018 13:29:48 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
S 204 www.darkreading.com.js Show response
u.heatmap.it/conf/ 0
120 B 65ms
64ms Script
text/plain 46.105.202.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://u.heatmap.it/conf/www.darkreading.com.js
Requested by: Host: u.heatmap.it
URL: https://u.heatmap.it/log.js
Protocol: SPDY
Server: 46.105.202.39 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 204
date: Wed, 18 Jul 2018 13:29:48 GMT
x-cdn-pop: sbg
x-cacheable: Cacheable
x-cdn-pop-ip: 137.74.120.32/27
expires: Wed, 18 Jul 2018 13:34:49 GMT

GET
S 200 va-c9ff1f1e8ede7ad1d047a88294f0ddbc.js Show response
dev.visualwebsiteoptimizer.com/track/ 125 KB
44 KB 14ms
13ms Script
text/javascript 159.122.87.148
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/track/va-c9ff1f1e8ede7ad1d047a88294f0ddbc.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 159.122.87.148 Frankfurt, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: 94.57.7a9f.ip4.static.sl-reverse.com
Software: fra1dacdn /
Resource Hash: dbcb662e44916189321c628e7f1fada00542385eefe737d85090087767b9bea6

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
content-encoding: gzip
last-modified: Wed, 18 Jul 2018 06:11:05 GMT
server: fra1dacdn
status: 200
etag: "5b4ed9f9-ad0e"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 44302

GET
S 200 track-c9ff1f1e8ede7ad1d047a88294f0ddbc.js Show response
dev.visualwebsiteoptimizer.com/track/ 16 KB
6 KB 53ms
52ms Script
text/javascript 159.122.87.148
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/track/track-c9ff1f1e8ede7ad1d047a88294f0ddbc.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 159.122.87.148 Frankfurt, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: 94.57.7a9f.ip4.static.sl-reverse.com
Software: fra1dacdn /
Resource Hash: f9b0a8bcc91ed7136ce89dd900f73f9efd8b71de479232df493e2d708bc2460b

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
content-encoding: gzip
last-modified: Wed, 18 Jul 2018 06:11:05 GMT
server: fra1dacdn
status: 200
etag: "5b4ed9f9-1522"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5410

GET
S 200 opa-cb049aa1c6fac0244f929663dcca26e3.js Show response
dev.visualwebsiteoptimizer.com/analysis/ 145 KB
46 KB 51ms
51ms Script
application/javascript 159.122.87.148
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/opa-cb049aa1c6fac0244f929663dcca26e3.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 159.122.87.148 Frankfurt, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: 94.57.7a9f.ip4.static.sl-reverse.com
Software: fra1dacdn /
Resource Hash: 24e53bb83f4ded1621c7fab49bf441930b55725d8c22ef8e1d3b8766cca3af34

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
content-encoding: gzip
last-modified: Tue, 10 Jul 2018 11:44:43 GMT
server: fra1dacdn
status: 200
etag: W/"5b449c2b-242ed"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800

GET
S 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
238 B 55ms
55ms Image
image/gif 159.122.87.148
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?a=32069&d=darkreading.com&u=D3043C58ABF0041BD51BCAFE85D4371F7&h=41a2a6c46c02eb90961aa5404c295723&t=false&r=0.8675892288176139

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

SPDY

Server

159.122.87.148 Frankfurt, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

94.57.7a9f.ip4.static.sl-reverse.com

Software

fra1dacdn /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jul 2018 13:29:48 GMT
x-content-type-options: nosniff
server: fra1dacdn
content-type: image/gif
status: 200
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
S 200 832000476880185 Show response
connect.facebook.net/signals/config/ 62 KB
14 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/832000476880185?v=2.8.21&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

SPDY

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

3cbf81a765cbfb571ed6b456e2ef659ea7d97c05eac2580e2d786169044b247c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 14373
x-xss-protection: 0
pragma: private
x-fb-debug: haXH9F+pAMJtgFVDV7BepYTNTK1fg7Y6zr7ZqQ8I5HW3tIUCRDKPSbwdDAU9K4l06JAloCtzhN6EkEvmvlIMYw==
date: Wed, 18 Jul 2018 13:29:48 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
S 200 background-pattern.png
img.deusm.com/darkreading/ 493 B
592 B 11ms
11ms Image
image/png 2400:cb00:2048:1::681c:1636
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.deusm.com/darkreading/background-pattern.png
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681c:1636 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98fb88ec226feae902fb7f98528a41db7abd7de155a6d7b65658c6ab7f2b95f4

Request headers

Referer: https://www.darkreading.com/styles/pano-framework.css?v1.26
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
cf-cache-status: HIT
last-modified: Fri, 21 Feb 2014 14:56:01 GMT
server: cloudflare
etag: "1ed-4f2ebd1fb8240"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
accept-ranges: bytes
cf-ray: 43c54c9fed49bf2a-FRA
content-length: 493

GET
S 200 /
www.facebook.com/tr/ 44 B
246 B 16ms
7ms Image
image/gif 2a03:2880:f11c:8186:face:b00c:0:50fb
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=832000476880185&ev=PageView&dl=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fcoin-miner-malware-spikes-629--in-telling-q1%2Fd%2Fd-id%2F1332166&rl=&if=false&ts=1531920588864&sw=1600&sh=1200&v=2.8.21&r=stable&ec=0&o=28&it=1531920588786
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2a03:2880:f11c:8186:face:b00c:0:50fb , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Wed, 18 Jul 2018 13:29:48 GMT

GET
S 200 osd_listener.js Show response
tpc.googlesyndication.com/pagead/js/r20180711/r20110914/activeview/ 70 KB
26 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20180711/r20110914/activeview/osd_listener.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_232.js

Protocol

SPDY

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

fa8dd1e3bb1fe9270f30d61b615e3921483883786e984e24e5c872d3e597cbd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 13 Jul 2018 17:39:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 417006
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 26174
x-xss-protection: 1; mode=block
server: cafe
etag: 15297593273624130010
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Jul 2018 17:39:42 GMT

GET
S 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ 70 KB
26 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_232.js

Protocol

SPDY

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a203507148f6ac9ac807eaabbcc715e08966d4c8d41374851c5813da246425

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:15:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 829
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 26249
x-xss-protection: 1; mode=block
server: cafe
etag: 2423183749728313736
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 18 Jul 2018 14:15:59 GMT

GET
S 200 view
securepubads.g.doubleclick.net/pcs/ 0
246 B 18ms
17ms Image
text/html 172.217.16.194
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv0xG1BjIJlQuYvzVRiq3qaX6p8k2wIvlQB8H4ILWjqKruZHptIMYZNbc-DrQIlqfQynx61GZXNwthttuWJlOK1AZEfN7tftqFgeEnnueowbd5LKiTUpJil04OzstUWSKsZghQTHIS1XZdhs6yuD5CDrUq20pS8bxJCWSCP87NPx9mVRntojWl-3hxm7N2ExFcfuMpg7EzlRKZ8xNmhC5bzhG11fIobefi5ZTjNZU9h5besUyoTFt4A_sHNMdJ1ndFuGfuqCBif9AG6Q8v55AGhvE1tTM2z4Hn5rCrdR0Qy2r-E5p-Z_DSc5DJKDg&sai=AMfl-YSKGjDZ0uykyS1sO0Wz6Ano1CaambN8C1cDlTb0jP6R2qu2QPcmOIXYzfTJpoKxrk5ETmLsJj5U9NP_3DlFDFiZ9erNcCqaLJLUcT0-DQ&sig=Cg0ArKJSzDhqY9Z-NMYZEAE&urlfix=1&adurl=
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 172.217.16.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: fra16s08-in-f194.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
cache-control: private
expires: Wed, 18 Jul 2018 13:29:48 GMT

GET
S 200 worker-68f4c079a93008e8e04f81f6476e5cc4.js Show response
dev.visualwebsiteoptimizer.com/analysis/ 46 KB
15 KB 13ms
13ms XHR
application/javascript 159.122.87.153
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/worker-68f4c079a93008e8e04f81f6476e5cc4.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/analysis/opa-cb049aa1c6fac0244f929663dcca26e3.js
Protocol: SPDY
Server: 159.122.87.153 Frankfurt, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: 99.57.7a9f.ip4.static.sl-reverse.com
Software: dacdn2 /
Resource Hash: d11075cd7df2682b221d194573250d4aed0a6a4e3a151acf41d1b14053495b85

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
content-encoding: gzip
last-modified: Wed, 04 Oct 2017 11:57:29 GMT
server: dacdn2
status: 200
etag: W/"59d4cca9-b83e"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800, public, max-age=604800

GET
S 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1007530244/ 2 KB
1 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007530244/?random=1531920588951&cv=9&fst=1531920588951&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fcoin-miner-malware-spikes-629--in-telling-q1%2Fd%2Fd-id%2F1332166&tiba=Coin%20Miner%20Malware%20Spikes%20629%25%20in%20%27Telling%27%20Q1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

SPDY

Server

2a00:1450:4001:80b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

8ef61561455f65561aa6ae0652a8fdb3c7da5647be27174e6e22d98bd33bcf82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jul 2018 13:29:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 985
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 bat.js Show response
bat.bing.com/ 21 KB
7 KB 30ms
30ms Script
application/javascript 204.79.197.200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 204.79.197.200 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS: a-0001.a-msedge.net
Software: /
Resource Hash: 5609656183f4eea3d53de66a9244232489686ef629604a71e5919fb187bf10e2

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
content-encoding: gzip
last-modified: Thu, 17 May 2018 20:25:04 GMT
x-msedge-ref: Ref A: 103136DC90F4418BABF022F9205F2B59 Ref B: FRAEDGE0519 Ref C: 2018-07-18T13:29:48Z
status: 200
etag: "0d071231deed31:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 6586

GET
S 200 all.js Show response
connect.facebook.net/en_US/ 213 KB
64 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

SPDY

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

54b0ba8d66a7beb2c6046cf1242bc48e67c77f32d36d279f7f3e8b7f29f3a9cc

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Wx3GHz9WAbpP4REHy8+Dfw==
status: 200
content-length: 65089
x-xss-protection: 0
x-fb-debug: Qg8SHjNYBcy9mIlNOFZY0pFooswHE6zfR2xVJNb5bKQWoyXN0JhfnrVbkeVhDFkqMZe8EDy4Y+yTSb2hkQRfnQ==
x-fb-content-md5: c4c6a5fa5d74f00056b210526f3a355b
x-frame-options: DENY
date: Wed, 18 Jul 2018 13:29:48 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "2a443476edd46260e79dc753797544fd"
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
timing-allow-origin: *
expires: Wed, 18 Jul 2018 13:44:40 GMT

GET
S 200 m_window_focus_non_hydra.js Show response
tpc.googlesyndication.com/pagead/js/r20180711/r20110914/client/ext/ Frame 3350 3 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81c::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20180711/r20110914/client/ext/m_window_focus_non_hydra.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_232.js

Protocol

SPDY

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

fc66b8961dd55ad2fd1cd14401e7f6fcbd7dc881cbdee501d93e6d0e34d9574f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Jul 2018 17:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 416874
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1431
x-xss-protection: 1; mode=block
server: cafe
etag: 5903713065555871374
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Jul 2018 17:41:54 GMT

GET
S 200 osd_listener.js Show response
tpc.googlesyndication.com/pagead/js/r20180711/r20110914/activeview/ Frame 3350 70 KB
0 8ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20180711/r20110914/activeview/osd_listener.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_232.js

Protocol

SPDY

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

fa8dd1e3bb1fe9270f30d61b615e3921483883786e984e24e5c872d3e597cbd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Fri, 13 Jul 2018 17:39:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 417006
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 26174
x-xss-protection: 1; mode=block
server: cafe
etag: 15297593273624130010
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Jul 2018 17:39:42 GMT

GET
S 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3350 0
47 B 18ms
17ms Image
text/html 172.217.16.194
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuhGb7nvgrjDy8vomuUL60TJPLgemiO5rLSEU_1DVtkZvbYW5et44MaJzX4SJ9EYX0S7yGTZp-oT585ow5E4NirIMNW29oeRPjVjNDzK-CddilIzA4mO55tyDsSNMGtjGe2T913GINYNc_PlQaQKAnhqPb_mLhq0MDjrL4QSbh6oXS5lnMJ5TD77OfM-Oc3sK7dwpjD3U0yl3a_MgrrjTI5RdSMSl0oKqWK-AZaPiSCF0oXI6Bqx-FfkPKmSAubgQKmDTsIN4jjpX-fJ8ISNCk&sai=AMfl-YToAobwlBv2yZNDbqax8Ej0FWw8c8bJIajJHNW1OnybduEfq7JHwH5QyJSI0liF5e3rxCyRlLN29GJ4fURK7VUR8zA6zhYoC0LC2tMCyg&sig=Cg0ArKJSzJwPvNY7XE3WEAE&adurl=
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 172.217.16.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: fra16s08-in-f194.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cache-control: private
content-type: text/html; charset=UTF-8

GET
S 200 7837897515669370760
tpc.googlesyndication.com/simgad/ Frame 3350 74 KB
74 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:81c::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7837897515669370760

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

SPDY

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

276c5585a85e7098d2f9d771e9313bde913fa9c24239673766e8f6612230970f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 11 Jul 2018 04:06:57 GMT
x-content-type-options: nosniff
age: 638571
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 75791
x-xss-protection: 1; mode=block
last-modified: Thu, 05 Jul 2018 15:24:07 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Jul 2019 04:06:57 GMT

GET
S 200 nav-background.png
img.deusm.com/darkreading/ 3 KB
3 KB 13ms
12ms Image
image/png 2400:cb00:2048:1::681c:1636
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.deusm.com/darkreading/nav-background.png
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681c:1636 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6595372db2688a9dfb0991bc6cea16343042dd3caa33483b393d21a77d1c4be

Request headers

Referer: https://www.darkreading.com/styles/pano-framework.css?v1.26
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
cf-cache-status: HIT
last-modified: Sat, 22 Feb 2014 17:43:38 GMT
server: cloudflare
etag: "af8-4f30247448680"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
accept-ranges: bytes
cf-ray: 43c54ca12e89bf2a-FRA
content-length: 2808

GET
S 200 reb-border.png
img.deusm.com/darkreading/ 331 B
430 B 15ms
15ms Image
image/png 2400:cb00:2048:1::681c:1636
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.deusm.com/darkreading/reb-border.png
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681c:1636 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 523296d1a2c9a67ee707b5e0bc582f488e5786ec9b343c7b3da58a0d162d643b

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
cf-cache-status: HIT
last-modified: Thu, 03 Nov 2016 06:29:01 GMT
server: cloudflare
etag: "14b-5405fac56e540"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
accept-ranges: bytes
cf-ray: 43c54ca12e8bbf2a-FRA
content-length: 331

GET
S 200 facebook-icon.png
img.deusm.com/darkreading/ 1 KB
1 KB 11ms
11ms Image
image/png 2400:cb00:2048:1::681c:1636
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.deusm.com/darkreading/facebook-icon.png
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681c:1636 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e19e8f9902a8b9ec4840aaf54110d6f502c5fb500303dc605f8776c40f7fb67

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
cf-cache-status: HIT
last-modified: Mon, 24 Feb 2014 16:00:47 GMT
server: cloudflare
etag: "4a9-4f329132149c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
accept-ranges: bytes
cf-ray: 43c54ca13e94bf2a-FRA
content-length: 1193

GET
S 200 tw-icon.png
img.deusm.com/darkreading/ 1 KB
1 KB 15ms
13ms Image
image/png 2400:cb00:2048:1::681c:1636
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.deusm.com/darkreading/tw-icon.png
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681c:1636 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48d211ee8f54e0f314ee98a2b63e6e470b33fb1de29d326c742be16125bda71a

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:49 GMT
cf-cache-status: HIT
last-modified: Mon, 24 Feb 2014 16:00:47 GMT
server: cloudflare
etag: "56e-4f329132149c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
accept-ranges: bytes
cf-ray: 43c54ca13e98bf2a-FRA
content-length: 1390

GET
S 200 li-icon.png
img.deusm.com/darkreading/ 1 KB
1 KB 10ms
7ms Image
image/png 2400:cb00:2048:1::681c:1636
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.deusm.com/darkreading/li-icon.png
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681c:1636 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 976aabc512994a6ecc5981a85c489d1bb242ba6734b746a964d69db615f72875

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
cf-cache-status: HIT
last-modified: Mon, 24 Feb 2014 16:00:47 GMT
server: cloudflare
etag: "54b-4f329132149c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
accept-ranges: bytes
cf-ray: 43c54ca13e97bf2a-FRA
content-length: 1355

GET
S 200 google-icon.png
img.deusm.com/darkreading/ 2 KB
2 KB 9ms
6ms Image
image/png 2400:cb00:2048:1::681c:1636
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.deusm.com/darkreading/google-icon.png
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681c:1636 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2014095de604ead647724ba4b12e37e2f4b2510dc2b2d13f749d38e314dbab2a

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:48 GMT
cf-cache-status: HIT
last-modified: Mon, 24 Feb 2014 16:00:46 GMT
server: cloudflare
etag: "63b-4f32913120780"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
accept-ranges: bytes
cf-ray: 43c54ca13e96bf2a-FRA
content-length: 1595

GET
S 200 rss-icon.png
img.deusm.com/darkreading/ 2 KB
2 KB 11ms
8ms Image
image/png 2400:cb00:2048:1::681c:1636
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.deusm.com/darkreading/rss-icon.png
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681c:1636 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bb0d75d42e3ccf1a9d1a055bcddfbc23003ed3ab75bb0eb49c05ba747bce8c9

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:49 GMT
cf-cache-status: HIT
last-modified: Mon, 24 Feb 2014 16:00:47 GMT
server: cloudflare
etag: "649-4f329132149c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
accept-ranges: bytes
cf-ray: 43c54ca13e9cbf2a-FRA
content-length: 1609

GET
S 200 BngRUXZYTXPIvIBgJJSb6u92w7CGwR2oefDo.woff2
fonts.gstatic.com/s/robotoslab/v7/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:817::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v7/BngRUXZYTXPIvIBgJJSb6u92w7CGwR2oefDo.woff2

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

SPDY

Server

2a00:1450:4001:817::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8c055f4fc89b73bc480ac07d607782cb3482fc98cbec6f89135ff76ce5512280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto+Slab:700
Origin: https://www.darkreading.com

Response headers

date: Sat, 14 Jul 2018 06:24:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 18:32:29 GMT
server: sffe
age: 371147
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 11096
x-xss-protection: 1; mode=block
expires: Sun, 14 Jul 2019 06:24:01 GMT

GET
S 200 imgad
tpc.googlesyndication.com/pagead/ 195 KB
196 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:81c::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKCbnK64mgEQARgBMghd-vgdzvxnxg

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_232.js

Protocol

SPDY

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

2f1cf9739a34689b6b42bf838eba7e72bf691f695a3a86653d49e0d911fbae73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Jul 2018 15:53:22 GMT
x-content-type-options: nosniff
server: cafe
age: 423387
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/jpeg
status: 200
cache-control: public, max-age=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 200109
x-xss-protection: 1; mode=block
expires: Fri, 20 Jul 2018 15:53:22 GMT

GET
S 200 view
securepubads.g.doubleclick.net/pcs/ 0
47 B 23ms
23ms Image
text/html 172.217.16.194
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvlE3xRCd7YfjhzoxFX-nJoLDxdQFzhUfOES_LcbMADTZGv9jh24dd6m8XQg4ONvEoMuQKH1aFJ4jKUZw0aB8yAbqn-Zs7BHW2qxBSN4VvZRlSKs4CQsuVAh92QzlUBxXFAL5NRvQJzWKFhyOARbdZovJn0P4EcKKVLIdwdAJQxlkNaDM8uGCBoye2JImlVWtC0Y-7EoKpoLUbJCu9naXVHR13DJX1Eowapy8kcX-qAs6c83d_NniKvvrhPuRxA4BAlt3gjPi1YmvKfhMVW4-yvLLlrEdnc&sai=AMfl-YSSJx_YtdKAor8GoZ46YGtKelT_0TgoMynPD_e2A2kp1eKKMx2a1HQq1RzlYHVsQJM5iJqvAJ4Hjw3iqUHkUnoKCoTbD1_ZBKeiT_b35w&sig=Cg0ArKJSzCKhUQMoRO7aEAE&urlfix=1&adurl=
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 172.217.16.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: fra16s08-in-f194.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cache-control: private
content-type: text/html; charset=UTF-8

GET
S 204 0
bat.bing.com/action/ 0
93 B 30ms
30ms Image
text/plain 204.79.197.200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5476211&Ver=2&mid=63c44fe1-1e41-211e-2a60-dd018204cb09&evt=pageLoad&sid=a3c7f681-1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Coin%20Miner%20Malware%20Spikes%20629%25%20in%20%27Telling%27%20Q1&p=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fcoin-miner-malware-spikes-629--in-telling-q1%2Fd%2Fd-id%2F1332166&r=&msclkid=N&rn=604231
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 204.79.197.200 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS: a-0001.a-msedge.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Wed, 18 Jul 2018 13:29:48 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 7DE0989EEF704C5BA1B23C9108DEA586 Ref B: FRAEDGE0519 Ref C: 2018-07-18T13:29:49Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 /
www.google.com/ads/user-lists/1007530244/ 42 B
111 B 27ms
26ms Image
image/gif 2a00:1450:4001:817::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/user-lists/1007530244/?random=1531920588951&cv=9&fst=1531918800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fcoin-miner-malware-spikes-629--in-telling-q1%2Fd%2Fd-id%2F1332166&tiba=Coin%20Miner%20Malware%20Spikes%20629%25%20in%20%27Telling%27%20Q1&fmt=3&cdct=2&is_vtc=1&random=439628580&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

SPDY

Server

2a00:1450:4001:817::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

adclick_server /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jul 2018 13:29:49 GMT
x-content-type-options: nosniff
server: adclick_server
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 /
www.google.de/ads/user-lists/1007530244/ 42 B
107 B 27ms
26ms Image
image/gif 2a00:1450:4001:817::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/user-lists/1007530244/?random=1531920588951&cv=9&fst=1531918800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fcoin-miner-malware-spikes-629--in-telling-q1%2Fd%2Fd-id%2F1332166&tiba=Coin%20Miner%20Malware%20Spikes%20629%25%20in%20%27Telling%27%20Q1&fmt=3&cdct=2&is_vtc=1&random=439628580&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

SPDY

Server

2a00:1450:4001:817::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

adclick_server /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jul 2018 13:29:49 GMT
x-content-type-options: nosniff
server: adclick_server
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK secureAnonymousFramework Show response
platform.linkedin.com/js/ 156 KB
45 KB 7ms
6ms Script
text/javascript 104.111.240.34
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.linkedin.com/js/secureAnonymousFramework?v=1.0.332-1429&
Requested by: Host: platform.linkedin.com
URL: https://platform.linkedin.com/in.js
Protocol: HTTP/1.1
Server: 104.111.240.34 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-240-34.deploy.static.akamaitechnologies.com
Software: Apache-Coyote/1.1 /
Resource Hash: 734861971103d62465b7df8119811eec77597c64746fc571c18036a6f273d271

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 18 Jul 2018 13:29:49 GMT
Content-Encoding: gzip
X-LI-UUID: GWG5srj6PxWg343z+yoAAA==
Server: Apache-Coyote/1.1
X-Li-Pop: prod-efr5-icwd20
Vary: Accept-Encoding
X-Li-Fabric: prod-lva1
X-LI-Proto: http/1.1
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 45458
X-CDN: AKAM

GET
S 200 plusone.js Show response
apis.google.com/js/ 43 KB
17 KB 27ms
27ms Script
application/javascript 2a00:1450:400e:803::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

SPDY

Server

2a00:1450:400e:803::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

37c5fa3e10b9c5efe235ea79656573eac168676a4983801acd4fbfa23d0883cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: script-src 'report-sample' 'nonce-DSeC0SqABm2155M6JyKmDElPj8k' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "a946935d25873181035be85bf860b9eb"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin: *
expires: Wed, 18 Jul 2018 13:29:49 GMT

GET
S 200 bullet.png
img.deusm.com/informationweek/ 1 KB
1 KB 11ms
11ms Image
image/png 2400:cb00:2048:1::681c:1636
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.deusm.com/informationweek/bullet.png
Requested by: Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20180711/r20110914/activeview/osd_listener.js
Protocol: SPDY
Server: 2400:cb00:2048:1::681c:1636 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e0e2ad3a93ec78d016efee0993b5856ba9b4acafcee3aa4d6f7162f039fcce4

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:49 GMT
cf-cache-status: HIT
last-modified: Sat, 02 Nov 2013 00:57:26 GMT
server: cloudflare
etag: "41e-4ea272a96e980"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
accept-ranges: bytes
cf-ray: 43c54ca1bf0bbf2a-FRA
content-length: 1054

GET
S 200 view
securepubads.g.doubleclick.net/pcs/ 0
47 B 18ms
18ms Image
text/html 172.217.16.194
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsucVjV4L2n6_1p9F3wf3uEky9ynQjJ1k8gsV_d-NQMyEiNN4ODBeIIZaCubkwAZn_BY0iLbTKHHKZhkOI2kn9a8G9xch8ZhTPBwG76fEZjl9ZkGuFOM8T6a7FECbVCudkmgikqc4as3PCuCsaMKeOTlLileECpn5qKPQUtCPYFefFYFm-vedblWCrssOE-aD0hsJTkyeNyT3G04MQf0GiLw3MtIgfX4RlvN8mBSePtt7d3ioG1MDmPMe-LcrVJaLXBFzW4qVAP7srY22c_ojqL4_Ak&sai=AMfl-YQPc7DSTX_bT3dYS-Ls-EjvH-bBxfUrlPJXfuYoUp0ne5goN897fmIPxn644H260vhiijizqQWjB25vDCabj8hf1UdSp-gObqUSx5bajg&sig=Cg0ArKJSzFOVfzU-fKFHEAE&urlfix=1&adurl=
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 172.217.16.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: fra16s08-in-f194.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cache-control: private
content-type: text/html; charset=UTF-8

GET
S 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.mCVPJIAPrEU.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew/ 131 KB
46 KB 12ms
12ms Script
text/javascript 2a00:1450:400e:803::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.mCVPJIAPrEU.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

SPDY

Server

2a00:1450:400e:803::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

27d0b2f79b3a90ccf74c8be137edd09fd3be6230e634ab3308213a5d9d47ef44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 17 Jul 2018 21:03:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Jul 2018 22:41:06 GMT
server: sffe
age: 59199
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 46639
x-xss-protection: 1; mode=block
expires: Wed, 17 Jul 2019 21:03:10 GMT

GET
S 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.mCVPJIAPrEU.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew/ 98 KB
34 KB 12ms
12ms Script
text/javascript 2a00:1450:400e:803::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.mCVPJIAPrEU.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

SPDY

Server

2a00:1450:400e:803::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0a50c695cbcb759240c0c5b4a3e6ac8a8fd908e52df60fb8b45ddef748ada26a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 17 Jul 2018 21:03:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Jul 2018 22:41:06 GMT
server: sffe
age: 59197
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35163
x-xss-protection: 1; mode=block
expires: Wed, 17 Jul 2019 21:03:12 GMT

GET
H2 200 fastbutton
apis.google.com/se/0/_/+1/ Frame 2C1E 0
0 35ms
29ms Document
text/html 2a00:1450:400e:803::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=https%3A%2F%2Fwww.darkreading.com&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fcoin-miner-malware-spikes-629--in-telling-q1%2Fd%2Fd-id%2F1332166&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:400e:803::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=https%3A%2F%2Fwww.darkreading.com&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fcoin-miner-malware-spikes-629--in-telling-q1%2Fd%2Fd-id%2F1332166&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
accept-encoding: gzip, deflate
cookie: NID=134=qxkImp7nUo6AvCyvAq7qPGkHbUGsDlQ8oZVpf7HY1A5CV0B1W-J7lf_Wo013KpWYu19GwcqW7bjaRjFMhlzVJ1Yi4u2nHb2aTUjA6zILRGKy_h0GLf7cZiTbwZbdIKzN
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: E88D36113169FDDE12FD6800890E2B17
Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Response headers

status: 200
content-type: text/html; charset=utf-8
x-ua-compatible: IE=edge, chrome=1
vary: Accept-Encoding
timing-allow-origin: *
expires: Wed, 18 Jul 2018 13:29:49 GMT
date: Wed, 18 Jul 2018 13:29:49 GMT
cache-control: private, max-age=3600
content-security-policy-report-only: script-src 'report-sample' 'nonce-IZP8XDl6rTNZCwTGWW95/pWJJlE' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /se/0/_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 LnGK1eIuZ8c.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame FDDA 0
0 9ms
6ms Document
text/html 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter/r/LnGK1eIuZ8c.js?version=42

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter/r/LnGK1eIuZ8c.js?version=42
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
accept-encoding: gzip, deflate
cookie: fr=0j21TkNHPZlg3PKTR..BbT0DM...1.0.BbT0DM.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: E88D36113169FDDE12FD6800890E2B17
Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Response headers

status: 200
expires: Wed, 17 Jul 2019 19:28:14 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: public,max-age=31536000,immutable
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary: Accept-Encoding
content-encoding: gzip
x-fb-debug: hZBRmEHioh2B9QqGPMRupDDafH7Ly6yQz93gIbt9+PWu1tuJXzHWCRVTs3Kx9VoV2h8qd8J148srbi+msCpyzQ==
content-length: 13898
date: Wed, 18 Jul 2018 13:29:49 GMT

GET
S 200 view
securepubads.g.doubleclick.net/pcs/ 0
47 B 17ms
16ms Image
text/html 172.217.16.194
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvyYnqdd_rFHo_tZW0OHjIbCF1aswcV5GxcTlCSuvnIXctCXIlN4H-LBsiOZDBWQSz--qaGbSTJHrKE-D1Io7LCQMndVw75t1aOokLLW7xZus3exwVQCr8ECpyqI-y2nFUuC-ZRER0rzKQE-PXuDoHE2enJfNbr-EIxZe3vVdZ4QIm4vAaTzqZaBT75LZZIwPp-TfvTYRG-9Wg_BpBUMCILdNtnv-_m-7POYzv1_d1zK9C3jHjPDQABRTTDCyiWwNi61Y8yiQz9mDeaCNYy7VBr2wgj&sai=AMfl-YSG4RTLTfPk9MmjMWHCTrAVFAGcbpileYzBUkAZQIee5DMCnEwblbYitrUjeJzg51zN4HkmDQwkhqgkAtuWkG8nl33BOjhu9zRjXULtBg&sig=Cg0ArKJSzAL_UtU4vKvTEAE&urlfix=1&adurl=
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 172.217.16.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: fra16s08-in-f194.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cache-control: private
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK sprite_connect_v14.png
static.licdn.com/scds/common/u/images/apps/connect/sprites/ 41 KB
41 KB 8ms
7ms Image
image/png 2a02:26f0:6c00:296::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

HTTP/1.1

Server

2a02:26f0:6c00:296::25ea , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

2d7481c72a3827dee23254b8198fa70f7ce5c637791658b4e0c6550a568af105

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-LI-Proto: http/1.1
Strict-Transport-Security: max-age=2592000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-CDN-CLIENT-IP-VERSION: IPV6
X-CDN: AKAM
X-LI-Static-Content: 1
X-CDN-Proto: HTTP1
Connection: keep-alive
Content-Length: 41680
X-LI-UUID: 2iWd4uID7BRAfSEO1SoAAA==
Server: Apache-Coyote/1.1
Last-Modified: Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop: prod-tln1
X-Frame-Options: sameorigin
Date: Wed, 18 Jul 2018 13:29:49 GMT
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: *
X-XSS-Protection: 1; mode=block
Access-Control-Expose-Headers: X-CDN, X-CDN-CLIENT-IP-VERSION, X-CDN-Proto
Cache-Control: max-age=31536000, immutable
Timing-Allow-Origin: *
X-Li-Fabric: prod-ltx1
Expires: Tue, 09 Oct 2018 21:23:05 GMT

GET
H/1.1 200
OK web.js Show response
ads.celtra.com/ad912be8/ 11 KB
4 KB 314ms
113ms Script
application/javascript 52.203.24.244
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.celtra.com/ad912be8/web.js?&clickUrl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsv3cpRPtRgGXYfKtCwyW8LN-MnBpNvlKy_3GQdOJ1lBtFHAmRJzOpdtzpQX6Lbk67DlO1PnFgfFYn7dbAj8SkjF3zioRVDLvTjFxI00sOPJsCPljdBBlOobSFqmJOBc8e6PyVL_xn4WY4Q6hj-NiC3hvPxbRVaSV11Gaa_AWOxC_ZjWcM2vnKEz7V4m3MxcgU9oZTmZHldQSIqwjXp5ubUshpRQryrptr8XjL45fKoFYlosYOL7-vXbGWCTbtAw98ynUkzsUCwnGTliibr2J-R9%26sai%3DAMfl-YQmt_Lw9aSI8QvugrBiP4C_UsxNN4CIOWspTF6QwRGPB3EZzfHf8Q0ZVj96SQ2mmBa_IfIlykV0ohrMNGxMh8Rz-KwAsYt_VtbHUkvoEQ%26sig%3DCg0ArKJSzCojZqObDtAfEAE%26urlfix%3D1%26adurl%3D&expandDirection=undefined&clickEvent=advertiser&iosAdvId=&androidAdvId=&externalAdServer=DFPPremium&tagVersion=6&externalCreativeId=138236492235&externalPlacementId=95423676&externalSiteId=27868836&externalSiteName=darkreading.com&externalLineItemId=4710073630&externalCampaignId=2283611939&scriptId=celtra-script-1&clientTimestamp=1531920589.197&clientTimeZoneOffsetInMinutes=0&hostPageLoadId=4571276168622629
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: HTTP/1.1
Server: 52.203.24.244 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-203-24-244.compute-1.amazonaws.com
Software: /
Resource Hash: 60aa4d4da446982e0adcf67285cc72488272580df7666f1a7a6a27e7f53a445a

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Jul 2018 13:29:49 GMT
Content-Encoding: gzip
Content-Type: application/javascript; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 3666
Expires: 0

GET
S 200 m_window_focus_non_hydra.js Show response
tpc.googlesyndication.com/pagead/js/r20180711/r20110914/client/ext/ Frame C83F 3 KB
0 6ms
5ms Script
text/javascript 2a00:1450:4001:81c::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20180711/r20110914/client/ext/m_window_focus_non_hydra.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_232.js

Protocol

SPDY

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

fc66b8961dd55ad2fd1cd14401e7f6fcbd7dc881cbdee501d93e6d0e34d9574f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Fri, 13 Jul 2018 17:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 416874
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1431
x-xss-protection: 1; mode=block
server: cafe
etag: 5903713065555871374
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Jul 2018 17:41:54 GMT

GET
S 200 osd_listener.js Show response
tpc.googlesyndication.com/pagead/js/r20180711/r20110914/activeview/ Frame C83F 70 KB
0 8ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20180711/r20110914/activeview/osd_listener.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_232.js

Protocol

SPDY

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

fa8dd1e3bb1fe9270f30d61b615e3921483883786e984e24e5c872d3e597cbd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Fri, 13 Jul 2018 17:39:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 417006
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 26174
x-xss-protection: 1; mode=block
server: cafe
etag: 15297593273624130010
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Jul 2018 17:39:42 GMT

GET
S 200 view
securepubads.g.doubleclick.net/pcs/ Frame C83F 0
56 B 16ms
16ms Image
text/html 172.217.16.194
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuKmJm9Pnxce9Zl0VYvQ4HrCQdaR-ZzyWY4rEKF_N5MUulVfDvyI-HQlRAhXI5oL9vrDCljtopucJ8FNt0TS71UML1ykwQL4bM2Qd3rQc_sE5SSTr_iRYzyJJrDJIAdsXdjZGNAf7w0C0DBwvCce2nePQppyjpyvEYuYnofIBXG6oee0kSIqkmQwntsiQMnBYhtfYnKESn61vhzqTyHPkHnqflA0kPs290yZZOiMpmHW5iUqQGWhpc9BUd10Xtv1OOz9UfgYnTCkBjEfPkev50Lajb-&sai=AMfl-YTGWGyW1V5Ch7yb-BGxgesgmYlAsxzcaQFGwc1HjMMJrCjiJQ9gbijafNVssWeaNzfvVIt6GFZDozCvi7ru-6qCPmi4gNm8NG3aiUF71A&sig=Cg0ArKJSzKdZVUGIYoMUEAE&adurl=
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 172.217.16.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: fra16s08-in-f194.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cache-control: private
content-type: text/html; charset=UTF-8

GET
S 200 665937437368551134
tpc.googlesyndication.com/simgad/ Frame C83F 42 KB
42 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:81c::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/665937437368551134

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

SPDY

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

fa646ef4a31c107b90cc95d480ff9395cc621d20fa440156da3b21cfd5a3ca26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 12 Jul 2018 06:34:29 GMT
x-content-type-options: nosniff
age: 543320
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 43227
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Oct 2017 18:18:58 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Jul 2019 06:34:29 GMT

GET
S 200 DR-hot-topics-comment.png
img.deusm.com/darkreading/ 1 KB
1 KB 12ms
12ms Image
image/png 2400:cb00:2048:1::681c:1636
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.deusm.com/darkreading/DR-hot-topics-comment.png
Requested by: Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20180711/r20110914/activeview/osd_listener.js
Protocol: SPDY
Server: 2400:cb00:2048:1::681c:1636 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9182e8a1e20a5437d2f311b096b2a98a33d54e94d4d9d6d01c5db3861460d04e

Request headers

Referer: https://www.darkreading.com/styles/pano-framework.css?v1.26
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:49 GMT
cf-cache-status: HIT
last-modified: Fri, 21 Feb 2014 14:56:02 GMT
server: cloudflare
etag: "4a5-4f2ebd20ac480"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
accept-ranges: bytes
cf-ray: 43c54ca2afd0bf2a-FRA
content-length: 1189

GET
H2 200 postmessageRelay
accounts.google.com/o/oauth2/ Frame CF1C 0
0 41ms
41ms Document
text/html 2a00:1450:4001:817::200d
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.darkreading.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.mCVPJIAPrEU.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew/cb=gapi.loaded_1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:817::200d , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SqtviOrqOfVgl4MuSEARCCYz5Mw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'none';report-uri /o/cspreport
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.darkreading.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
accept-encoding: gzip, deflate
cookie: NID=134=qxkImp7nUo6AvCyvAq7qPGkHbUGsDlQ8oZVpf7HY1A5CV0B1W-J7lf_Wo013KpWYu19GwcqW7bjaRjFMhlzVJ1Yi4u2nHb2aTUjA6zILRGKy_h0GLf7cZiTbwZbdIKzN
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: E88D36113169FDDE12FD6800890E2B17
Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 18 Jul 2018 13:29:49 GMT
content-security-policy: script-src 'report-sample' 'nonce-SqtviOrqOfVgl4MuSEARCCYz5Mw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'none';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 1; mode=block
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
S 200 NL-button.png
img.deusm.com/informationweek/ 2 KB
3 KB 18ms
17ms Image
image/png 2400:cb00:2048:1::681c:1636
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.deusm.com/informationweek/NL-button.png
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::681c:1636 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b5688f8b168e06251901442c4f2f72b30c4477cb472833cde7979a8dca0a862

Request headers

Referer: https://www.darkreading.com/styles/pano-framework.css?v1.26
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:49 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Nov 2013 15:09:43 GMT
server: cloudflare
etag: "9c6-4eaabc5a3dbc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
accept-ranges: bytes
cf-ray: 43c54ca30826bf2a-FRA
content-length: 2502

GET
S 200 m_window_focus_non_hydra.js Show response
tpc.googlesyndication.com/pagead/js/r20180711/r20110914/client/ext/ Frame 62AB 3 KB
0 6ms
5ms Script
text/javascript 2a00:1450:4001:81c::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20180711/r20110914/client/ext/m_window_focus_non_hydra.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_232.js

Protocol

SPDY

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

fc66b8961dd55ad2fd1cd14401e7f6fcbd7dc881cbdee501d93e6d0e34d9574f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Fri, 13 Jul 2018 17:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 416874
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1431
x-xss-protection: 1; mode=block
server: cafe
etag: 5903713065555871374
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Jul 2018 17:41:54 GMT

GET
S 200 osd_listener.js Show response
tpc.googlesyndication.com/pagead/js/r20180711/r20110914/activeview/ Frame 62AB 70 KB
0 8ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20180711/r20110914/activeview/osd_listener.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_232.js

Protocol

SPDY

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

fa8dd1e3bb1fe9270f30d61b615e3921483883786e984e24e5c872d3e597cbd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Fri, 13 Jul 2018 17:39:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 417006
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 26174
x-xss-protection: 1; mode=block
server: cafe
etag: 15297593273624130010
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Jul 2018 17:39:42 GMT

GET
S 200 view
securepubads.g.doubleclick.net/pcs/ Frame 62AB 0
56 B 20ms
19ms Image
text/html 172.217.16.194
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstL49PaWmF_uRTtNk6ELWDzxRuhMuBBLE-NHeGdTQZUGhJvKK0ir--cECiK8hs_LLJ3D6XbQzFu4bcT6arHSE8HAjRv2k-o7HjF3RrjL62keZwhsIk3Hr4YsX0N8jPz24SVkxw1psnZXyFaAQXnN1oVmO-ETQm7VYV_DAImSHwrNB4rxMKblUHdOrjkNcWC6DrY922o34w1hAqPDZKo8480Wq2j0TVgnelPjAJpnwvQ7HVTH6OqcOy_XKxsDUSX2M46DwLgGlr2HEupg29UjVE&sai=AMfl-YTwpEVV9RTlUf1DR2KMXjOHYn9xTHh2bApLAFVUh-n9PpgJtigc6tUFVfHKcM7V-ky9Xu7uJxYEFXSMj0GBJsqrU7-1XUeIoOUYHQ89uQ&sig=Cg0ArKJSzHBCoRVK9ax7EAE&adurl=
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 172.217.16.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: fra16s08-in-f194.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cache-control: private
content-type: text/html; charset=UTF-8

GET
S 200 11837546036157739205
tpc.googlesyndication.com/simgad/ Frame 62AB 84 KB
85 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:81c::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11837546036157739205

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

SPDY

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0773c5b41fd3946a1b4ac421f6d5f9174ddb5995a67305de0e316b694ecef102

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Jul 2018 03:33:56 GMT
x-content-type-options: nosniff
age: 467753
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 86471
x-xss-protection: 1; mode=block
last-modified: Mon, 02 Jul 2018 19:47:12 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Jul 2019 03:33:56 GMT

GET
H/1.1 200
OK tag Show response
a.teads.tv/page/11512/ 1 KB
1 KB 111ms
27ms Script
application/javascript 52.50.88.138
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/11512/tag
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_232.js
Protocol: HTTP/1.1
Server: 52.50.88.138 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-50-88-138.eu-west-1.compute.amazonaws.com
Software: teads-ssp /
Resource Hash: 57d73d9916fd4cad4a66b5c8b61626ed5d6b02d1949016e38a31cde654fe13e0

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Jul 2018 13:29:49 GMT
Content-Encoding: gzip
Server: teads-ssp
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 598
Expires: 0

GET
S 200 view
securepubads.g.doubleclick.net/pcs/ 0
56 B 17ms
17ms Image
text/html 172.217.16.194
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssMzb2W1QIqWpE7aq2tvUXXBlrmKp-Gd2X-9T4YkhnK4_7GNWbXXcYkXTzIoNKPhMuqxQGbd1D72bDiVLuylAE5L9LbIRK_Gxor-5sn_tVfklLXZ4TmNa9T6uUQeHLJr1vTzEnpkpV9f4og_vqLgzWZl6KkcqbTMSMAcFz_TfJ_U8b60KEWiuWhU1JSZQzdr4KwAgf47qw-ApSlIznoaL52Q2f2RGmWfIm3JRVsTDAIpATCicSjm8knbX9MosIRqtLqsYmAC6R-wmti09tPEA&sai=AMfl-YRWtLVaeSSrJlI8fuHPh9cWZRB9tr6drDnukU1k0ytqM96xZWTDyXssW_Vd2kCpcRFFbNdOciBkrpxm-QZ0_90Zf7m88rAfAaxBn69gwQ&sig=Cg0ArKJSzPf7FzZucElYEAE&urlfix=1&adurl=
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 172.217.16.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: fra16s08-in-f194.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cache-control: private
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK s45900042482415
ubmtech.d3.sc.omtrdc.net/b/ss/cmpglobalvista/1/JS-2.8.2/ 43 B
586 B 20ms
20ms Image
image/gif 172.82.228.18
Adobe Systems Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ubmtech.d3.sc.omtrdc.net/b/ss/cmpglobalvista/1/JS-2.8.2/s45900042482415?AQB=1&ndh=1&pf=1&t=18%2F6%2F2018%2013%3A29%3A49%203%200&sdid=085A23554CE1A718-30340006869BE79A&mid=75400558995647666862962892964607426200&aamlh=9&ce=UTF-8&ns=ubmtech&pageName=darkreading.com%20threat%20intelligence%20kelly%20sheridan%20coin%20miner%20malware%20spikes%20629%25%20in%20%27telling%27%20q1&g=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fcoin-miner-malware-spikes-629--in-telling-q1%2Fd%2Fd-id%2F1332166&cc=USD&events=event5&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&h1=Dark%20Reading%7CThreat%20Intelligence&c2=1332166&v2=Coin%20Miner%20Malware%20Spikes%20629%25%20in%20%27Telling%27%20Q1&c3=Dark%20Reading%20%7C%201332166%20%7C%20Coin%20Miner%20Malware%20Spikes%20629%25%20in%20%27Telling%27%20Q1&c4=Coin%20Miner%20Malware%20Spikes%20629%25%20in%20%27Telling%27%20Q1&c5=Threat%20Intelligence%20-%20Threat%20Intelligence&c7=Kelly%20Sheridan&c8=2a01%3A4f8%3A202%3Aa9%3A0%3A0%3A0%3A2%20%7C%20Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_13_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F67.0.3396.87%20Safari%2F537.36&v10=wednesday%7C9%3A00am&c11=News%20Analysis&v12=1332166&c13=wednesday%7C9%3A00am&v13=www.darkreading.com&v15=First%20Visit&c17=New&v17=New&c19=Un-Registered&c20=20180627&c22=First%20Visit&c23=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fcoin-miner-malware-spikes-629--in-telling-q1%2Fd%2Fd-id%2F1332166&v28=Kelly%20Sheridan&v37=News%20Analysis&c41=3&c48=1&v48=1&c50=2.8.2&v61=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fcoin-miner-malware-spikes-629--in-telling-q1%2Fd%2Fd-id%2F1332166&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=77FB1CFE532B22840A490D45%40AdobeOrg&AQE=1

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

HTTP/1.1

Server

172.82.228.18 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),

Reverse DNS

*.d3.sc.omtrdc.net

Software

Omniture DC /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 18 Jul 2018 13:29:49 GMT
X-Content-Type-Options: nosniff
X-C: ms-6.4.0
P3P: CP="This is not a P3P policy"
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Thu, 19 Jul 2018 13:29:49 GMT
Server: Omniture DC
xserver: www289
ETag: "3289774414999126016-6164338459068172081"
Vary: *
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, no-transform, private
Expires: Tue, 17 Jul 2018 13:29:49 GMT

GET
S 200 boomerang.min.js Show response
cdn.feathr.co/js/ 63 KB
20 KB 16ms
16ms Script
text/javascript 2400:cb00:2048:1::6819:f763
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.feathr.co/js/boomerang.min.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2400:cb00:2048:1::6819:f763 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 553d6da57d8275938c60b032517c87b2d6cb834f7b57d8f89adf96a4ddcf96a1

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 11 Jul 2018 19:01:59 GMT
server: cloudflare
x-amz-request-id: 075512A72F57EF21
etag: W/"4499023f36ce860ef168b64e990dc25a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 43c54ca3b90f6463-FRA
x-amz-id-2: j7bFW8HRVxZp6VHA2KtbKrHEEoGLOVG7T8rDNboh/y/pIb7IEvqCbpq1j3MkRdLltKvGN/ZEpBM=
expires: Wed, 18 Jul 2018 17:29:49 GMT

GET
H/1.1 200 Cookie set login.jsp
ng.techweb.com/authds/login/ Frame 009C 0
0 431ms
114ms Document
text/html 2620:103::192:155:48:119
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://ng.techweb.com/authds/login/login.jsp?type=iframe&cdsocket_client=https://www.darkreading.com/cdsocket_proxy.html
Requested by: Host: twimgs.com
URL: https://twimgs.com/nojitter/js/jquery-1.11.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2620:103::192:155:48:119 , United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software: NG /
Resource Hash

Request headers

Host: ng.techweb.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Accept-Encoding: gzip, deflate
Cookie: Insights=26-33eae6b7-b627-466c-9c69-46a7806b41b4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: E88D36113169FDDE12FD6800890E2B17
Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Response headers

Set-Cookie: JSESSIONID=C07BE28C497A5573F95D60E3BDBBFE74; Path=/; Secure; HttpOnly
Vary: Accept-Encoding
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 759
Date: Wed, 18 Jul 2018 13:29:49 GMT
Server: NG
Content-Encoding: gzip
Connection: Keep-Alive

GET
H/1.1 200
OK widget_iframe.7a5ca036ea5299f1d2ebb2234731e35e.html
platform.twitter.com/widgets/ Frame 7506 0
0 10ms
7ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.7a5ca036ea5299f1d2ebb2234731e35e.html?origin=https%3A%2F%2Fwww.darkreading.com&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4198) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: E88D36113169FDDE12FD6800890E2B17
Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Response headers

Content-Encoding: gzip
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 18 Jul 2018 13:29:49 GMT
Etag: "6f4bb4155518386526ca164541e6b1ce+gzip"
Last-Modified: Tue, 10 Jul 2018 21:19:35 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/4198)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5868

GET
H/1.1 200
OK timeline.35155ed6aa6e065422c11b2526f1caf9.js Show response
platform.twitter.com/js/ 26 KB
9 KB 9ms
7ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.35155ed6aa6e065422c11b2526f1caf9.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4195) /
Resource Hash: baf22a1e345422d047b9874c8f25142ff4704b03e6a40a443abb5d162270dcd4

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 18 Jul 2018 13:29:49 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jul 2018 21:19:30 GMT
Server: ECS (fcn/4195)
Etag: "1672631554be53d4f7315127a8062806+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Content-Length: 8521

GET
H/1.1 200
OK button.bf357a6ba1a5f1fa0ddb61377ae3add5.js Show response
platform.twitter.com/js/ 4 KB
2 KB 17ms
6ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.bf357a6ba1a5f1fa0ddb61377ae3add5.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40E5) /
Resource Hash: 71ef2be76ecf12f431795805b6bfb5a20523b7692be0e6106e8e2d18d3d33632

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 18 Jul 2018 13:29:49 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jul 2018 21:19:30 GMT
Server: ECS (fcn/40E5)
Etag: "1d8bf9d779a256fc7c4434c8ce2298c8+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Content-Length: 1397

GET
H2 200 ping
www.facebook.com/connect/ Frame 63A8 0
0 33ms
31ms Document
text/html 2a03:2880:f11c:8186:face:b00c:0:50fb
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/connect/ping?client_id=640989409269461&domain=www.darkreading.com&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FLnGK1eIuZ8c.js%3Fversion%3D42%23cb%3Df96b1a019c1f3%26domain%3Dwww.darkreading.com%26origin%3Dhttps%253A%252F%252Fwww.darkreading.com%252Ff301b4a1f8ae4d%26relation%3Dparent&response_type=token%2Csigned_request%2Ccode&sdk=joey&version

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f11c:8186:face:b00c:0:50fb , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /connect/ping?client_id=640989409269461&domain=www.darkreading.com&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FLnGK1eIuZ8c.js%3Fversion%3D42%23cb%3Df96b1a019c1f3%26domain%3Dwww.darkreading.com%26origin%3Dhttps%253A%252F%252Fwww.darkreading.com%252Ff301b4a1f8ae4d%26relation%3Dparent&response_type=token%2Csigned_request%2Ccode&sdk=joey&version
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
accept-encoding: gzip, deflate
cookie: fr=0j21TkNHPZlg3PKTR..BbT0DM...1.0.BbT0DM.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: E88D36113169FDDE12FD6800890E2B17
Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Response headers

status: 200
x-xss-protection: 0
pragma: no-cache
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
cache-control: private, no-cache, no-store, must-revalidate
expect-ct: max-age=86400, report-uri="http://reports.fb.com/expectct/"
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset="utf-8"
x-fb-debug: pDQzmHdE5dgPCeyvXC+SYgTFLGmfVYIJSX1WcGB3929rcydf3hM4p/jQmOTY+k8J4+yfi94lHJ0fdQZ3zUX8Sg==
date: Wed, 18 Jul 2018 13:29:49 GMT

GET
H/1.1 204
No Content record.do
ins.techweb.com/beacon/ Frame 6106 0
0 129ms
128ms Document
text/plain 2620:103::192:155:48:48
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.techweb.com/beacon/record.do?a=bfb712d4d19ed922a019f653ef0d27df3e8dac70570cb4ba0be8b5d8c49e00ac&u=https%253A%252F%252Fwww.darkreading.com%252Fthreat-intelligence%252Fcoin-miner-malware-spikes-629--in-telling-q1%252Fd%252Fd-id%252F1332166&t=P
Requested by: Host: ins.techweb.com
URL: https://ins.techweb.com/beacon/js/beacon-min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2620:103::192:155:48:48 , United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software: INS /
Resource Hash

Request headers

Host: ins.techweb.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Accept-Encoding: gzip, deflate
Cookie: Insights=26-33eae6b7-b627-466c-9c69-46a7806b41b4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: E88D36113169FDDE12FD6800890E2B17
Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Response headers

P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Date: Wed, 18 Jul 2018 13:29:49 GMT
Server: INS

GET
H/1.1 200
OK elqCfg.min.js Show response
img.en25.com/i/ 6 KB
3 KB 8ms
8ms Script
application/x-javascript 104.111.238.191
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://img.en25.com/i/elqCfg.min.js

Requested by

Host: twimgs.com
URL: https://twimgs.com/informationweek/elqNow/elqImg.js

Protocol

HTTP/1.1

Server

104.111.238.191 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-238-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

23818277c974e4ed1d48a04077c6a133bde3435f3d0bafe8dcca49150ebcb986

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=3600; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 18 Apr 2018 14:18:16 GMT
ETag: "7af3e31720d7d31:0"
Vary: Accept-Encoding
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA"
Date: Wed, 18 Jul 2018 13:29:49 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 2118
Expires: Wed, 18 Jul 2018 13:29:49 GMT

GET
S 200 /
www.facebook.com/tr/ 44 B
144 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8186:face:b00c:0:50fb
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=832000476880185&ev=Microdata&dl=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fcoin-miner-malware-spikes-629--in-telling-q1%2Fd%2Fd-id%2F1332166&rl=&if=false&ts=1531920589460&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Coin%20Miner%20Malware%20Spikes%20629%25%20in%20%27Telling%27%20Q1%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Ftwimgs.com%2Fnojitter%2Fdarkreading%2Fdr-logo.jpg%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fcoin-miner-malware-spikes-629--in-telling-q1%2Fd%2Fd-id%2F1332166%22%2C%22og%3Asite_name%22%3A%22Dark%20Reading%22%2C%22og%3Adescription%22%3A%22Drastic%20growth%20suggests%20adversaries%20are%20learning%20how%20they%20can%20maximize%20rewards%20with%20minimal%20effort.%22%7D&cd[Meta]=%7B%22title%22%3A%22Coin%20Miner%20Malware%20Spikes%20629%25%20in%20%27Telling%27%20Q1%22%2C%22meta%3Adescription%22%3A%22Drastic%20growth%20suggests%20adversaries%20are%20learning%20how%20they%20can%20maximize%20rewards%20with%20minimal%20effort.%22%7D&cd[DataLayer]=%5B%5D&sw=1600&sh=1200&v=2.8.21&r=stable&ec=1&o=28&it=1531920588786&es=automatic
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 2a03:2880:f11c:8186:face:b00c:0:50fb , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:49 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Wed, 18 Jul 2018 13:29:49 GMT

GET
H2 200 like.php
www.facebook.com/plugins/ Frame C463 0
0 148ms
147ms Document
text/html 2a03:2880:f11c:8186:face:b00c:0:50fb
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=640989409269461&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FLnGK1eIuZ8c.js%3Fversion%3D42%23cb%3Df39e71366e688f%26domain%3Dwww.darkreading.com%26origin%3Dhttps%253A%252F%252Fwww.darkreading.com%252Ff301b4a1f8ae4d%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fcoin-miner-malware-spikes-629--in-telling-q1%2Fd%2Fd-id%2F1332166&layout=button&locale=en_US&sdk=joey&send=false&show_faces=false&width=87

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f11c:8186:face:b00c:0:50fb , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?app_id=640989409269461&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FLnGK1eIuZ8c.js%3Fversion%3D42%23cb%3Df39e71366e688f%26domain%3Dwww.darkreading.com%26origin%3Dhttps%253A%252F%252Fwww.darkreading.com%252Ff301b4a1f8ae4d%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fcoin-miner-malware-spikes-629--in-telling-q1%2Fd%2Fd-id%2F1332166&layout=button&locale=en_US&sdk=joey&send=false&show_faces=false&width=87
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
accept-encoding: gzip, deflate
cookie: fr=0j21TkNHPZlg3PKTR..BbT0DM...1.0.BbT0DM.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: E88D36113169FDDE12FD6800890E2B17
Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Response headers

status: 200
timing-allow-origin: *
x-xss-protection: 0
pragma: no-cache
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
cache-control: private, no-cache, no-store, must-revalidate
expect-ct: max-age=86400, report-uri="http://reports.fb.com/expectct/"
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset="utf-8"
x-fb-debug: MBGXXZDuKMQWg0dBAmAMv07dHm9Tx9HY2cn2+ZALvgs6xQrCPHqofrgXK8X2qUTfp+tehzGhNnWVURZbfDNfew==
date: Wed, 18 Jul 2018 13:29:49 GMT

GET
H/1.1 200
OK 441964414116179968 Show response
cdn.syndication.twimg.com/widgets/timelines/ 143 KB
11 KB 24ms
6ms Script
application/javascript 2606:2800:234:1a46:1c04:1676:610:129d
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/widgets/timelines/441964414116179968?callback=__twttr.callbacks.tl_i0_441964414116179968_old&dnt=true&domain=www.darkreading.com&lang=en&suppress_response_codes=true&t=1702133&tz=GMT%2B0000

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

HTTP/1.1

Server

2606:2800:234:1a46:1c04:1676:610:129d , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40EB) /

Resource Hash

f841d5275f24b4cbf1415f68d8820bfde75dc02a7cacef4ed20ea033f9bd567c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 18 Jul 2018 13:29:49 GMT
Content-Encoding: gzip
x-content-type-options: nosniff
X-Cache: HIT
content-disposition: attachment; filename=jsonp.jsonp
Vary: Accept-Encoding
Content-Length: 10617
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 283
Last-Modified: Wed, 18 Jul 2018 13:28:30 GMT
Server: ECS (fcn/40EB)
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
Content-Type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=300
x-connection-hash: b4937fc770ee6180c5db3ce5840588eb
Accept-Ranges: bytes
timing-allow-origin: *
x-transaction: 00321e160041c087
expires: Wed, 18 Jul 2018 13:34:49 GMT

GET
S 200 syndication
syndication.twitter.com/i/jot/ 43 B
125 B 118ms
117ms Image
image/gif 104.244.42.72
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/syndication?dnt=1&l=%7B%22_category_%22%3A%22syndicated_impression%22%2C%22triggered_on%22%3A1531920589499%2C%22dnt%22%3Atrue%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

SPDY

Server

104.244.42.72 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 111
pragma: no-cache
last-modified: Wed, 18 Jul 2018 13:29:49 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 7dbd2decc53c7cd4768bc29d40254c64
x-transaction: 00bd75b500c79740
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK teads-format.min.js Show response
cdn.teads.tv/media/format/v3/ 670 KB
176 KB 22ms
6ms Script
text/javascript 2.18.234.227
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/11512/tag
Protocol: HTTP/1.1
Server: 2.18.234.227 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-227.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8f9e8d232b4903954913897bf8b60e5422be07d7b55ae0703c00712d7f274253

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 18 Jul 2018 13:29:49 GMT
Content-Encoding: gzip
Last-Modified: Wed, 18 Jul 2018 10:46:58 GMT
Server: AmazonS3
x-amz-request-id: 9E72CDECFD1EB22A
ETag: "ddd3333e5164897c1d75f1fb43f5f021"
Vary: Accept-Encoding
Content-Type: text/javascript;charset=utf-8
Cache-Control: max-age=291
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 179685
x-amz-id-2: vlIaM2Xvvo2yUet7BprA+gbBAheNGb8BenhQOlHrgkSVqRzoFBfI37G2wfAQBW7DvkehiOKR1Fs=

GET
H/1.1 200
OK integrations Show response
polo-v1.feathr.co/v1/accounts/5772dda68e8027153edc8f4f/ 54 B
432 B 325ms
97ms Fetch
application/json 54.221.226.172
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://polo-v1.feathr.co/v1/accounts/5772dda68e8027153edc8f4f/integrations
Requested by: Host: cdn.feathr.co
URL: https://cdn.feathr.co/js/boomerang.min.js
Protocol: HTTP/1.1
Server: 54.221.226.172 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-221-226-172.compute-1.amazonaws.com
Software: Apache/2.4.33 (Amazon) mod_wsgi/3.5 Python/3.6.5 /
Resource Hash: 68795cb80606f19d4ec0d92744af85048164f53500ad9535229c470fe24fe28a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Origin: https://www.darkreading.com

Response headers

Date: Wed, 18 Jul 2018 13:29:49 GMT
Server: Apache/2.4.33 (Amazon) mod_wsgi/3.5 Python/3.6.5
Vary: User-Agent
Access-Control-Allow-Methods: GET, POST, PUT, PATCH, DELETE
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Authorization
Content-Length: 54

GET
S 200 refresh
marco.feathr.co/v1/ 43 B
548 B 125ms
125ms Image
image/gif 54.192.94.74
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marco.feathr.co/v1/refresh
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 54.192.94.74 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-192-94-74.fra2.r.cloudfront.net
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:49 GMT
via: 1.1 6e761598d9637d0090f3661d0d27be14.cloudfront.net (CloudFront)
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key
x-amzn-requestid: a527fb01-8a8e-11e8-9313-29297158275b
status: 200
access-control-allow-methods: *
content-type: image/gif
access-control-allow-origin: *
x-amzn-trace-id: Root=1-5b4f40cd-3e521417cd873053fc3135e5;Sampled=0
x-cache: Miss from cloudfront
x-amz-apigw-id: KOcQHFd_IAMFfpg=
content-length: 43
x-amz-cf-id: e9lItATgfDtHmRZ96XBLhpfmUF3fm6Tq3dHouVAOA2qcqPpn_11pLw==

GET
H/1.1 200
OK svrGP Show response
s657486201.t.eloqua.com/visitor/v200/ 0
400 B 107ms
106ms Script
application/javascript 142.0.160.13
Oracle Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://s657486201.t.eloqua.com/visitor/v200/svrGP?pps=50&siteid=657486201&DLKey=7435f16d0b5c4189a89d0d109d2517f5&DLLookup=&ms=517

Requested by

Host: img.en25.com
URL: https://img.en25.com/i/elqCfg.min.js

Protocol

HTTP/1.1

Server

142.0.160.13 Redwood City, United States, ASN7160 (NETDYNAMICS - Oracle Corporation, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=3600;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 18 Jul 2018 13:29:48 GMT
Vary: Accept-Encoding
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA"
Cache-Control: private,no-cache, no-store
Content-Type: application/javascript
Content-Length: 20
Expires: -1

GET
H/1.1

200
OK

svrGP.aspx
s657486201.t.eloqua.com/visitor/v200/
Redirect Chain

https://s657486201.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=657486201&ref2=elqNone&tzo=0&ms=517&optin=disabled
https://s657486201.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=657486201&ref2=elqNone&tzo=0&ms=517&optin=disabled&elqCookie=1

49 B
369 B

136ms
136ms

Image
image/gif

142.0.160.13
Oracle Corporation

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s657486201.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=657486201&ref2=elqNone&tzo=0&ms=517&optin=disabled&elqCookie=1

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

HTTP/1.1

Server

142.0.160.13 Redwood City, United States, ASN7160 (NETDYNAMICS - Oracle Corporation, US),

Reverse DNS

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=3600;
X-Content-Type-Options: nosniff
Date: Wed, 18 Jul 2018 13:29:48 GMT
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA"
Cache-Control: private,no-cache, no-store
Content-Type: image/gif
Content-Length: 49
Expires: -1

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=3600;
X-Content-Type-Options: nosniff
Date: Wed, 18 Jul 2018 13:29:48 GMT
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA"
Location: //s657486201.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=657486201&ref2=elqNone&tzo=0&ms=517&optin=disabled&elqCookie=1
Cache-Control: private,no-cache, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 266
Expires: -1

GET
H/1.1

200
OK

svrGP.aspx
s2150.t.eloqua.com/visitor/v200/
Redirect Chain

https://s2150.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=2150&ref2=elqNone&tzo=0&ms=517&optin=disabled
https://s2150.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=2150&ref2=elqNone&tzo=0&ms=517&optin=disabled&elqCookie=1

49 B
369 B

190ms
189ms

Image
image/gif

209.167.231.17
Oracle Corporation

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s2150.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=2150&ref2=elqNone&tzo=0&ms=517&optin=disabled&elqCookie=1

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

HTTP/1.1

Server

209.167.231.17 , United States, ASN7160 (NETDYNAMICS - Oracle Corporation, US),

Reverse DNS

e017.en25.com

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=3600;
X-Content-Type-Options: nosniff
Date: Wed, 18 Jul 2018 13:29:49 GMT
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA"
Cache-Control: private,no-cache, no-store
Content-Type: image/gif
Content-Length: 49
Expires: -1

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=3600;
X-Content-Type-Options: nosniff
Date: Wed, 18 Jul 2018 13:29:49 GMT
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA"
Location: //s2150.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=2150&ref2=elqNone&tzo=0&ms=517&optin=disabled&elqCookie=1
Cache-Control: private,no-cache, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 256
Expires: -1

GET
H/1.1 200
OK tweet_button.7a5ca036ea5299f1d2ebb2234731e35e.en.html
platform.twitter.com/widgets/ Frame 9DB6 0
0 13ms
9ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.7a5ca036ea5299f1d2ebb2234731e35e.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40FE) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: E88D36113169FDDE12FD6800890E2B17
Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Response headers

Content-Encoding: gzip
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 18 Jul 2018 13:29:49 GMT
Etag: "2ac404da761f6267a4012b5956e41e44+gzip"
Last-Modified: Tue, 10 Jul 2018 21:19:33 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40FE)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 12589

GET
S 200 web.js Show response
cache-ssl.celtra.com/api/creatives/83b427c8/compiled/ 838 KB
170 KB 10ms
10ms Script
application/javascript 54.192.94.49
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cache-ssl.celtra.com/api/creatives/83b427c8/compiled/web.js?v=72-505b0166ee&secure=1&cachedVariantChoices=W10-&inmobi=0
Requested by: Host: ads.celtra.com
URL: https://ads.celtra.com/ad912be8/web.js?&clickUrl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsv3cpRPtRgGXYfKtCwyW8LN-MnBpNvlKy_3GQdOJ1lBtFHAmRJzOpdtzpQX6Lbk67DlO1PnFgfFYn7dbAj8SkjF3zioRVDLvTjFxI00sOPJsCPljdBBlOobSFqmJOBc8e6PyVL_xn4WY4Q6hj-NiC3hvPxbRVaSV11Gaa_AWOxC_ZjWcM2vnKEz7V4m3MxcgU9oZTmZHldQSIqwjXp5ubUshpRQryrptr8XjL45fKoFYlosYOL7-vXbGWCTbtAw98ynUkzsUCwnGTliibr2J-R9%26sai%3DAMfl-YQmt_Lw9aSI8QvugrBiP4C_UsxNN4CIOWspTF6QwRGPB3EZzfHf8Q0ZVj96SQ2mmBa_IfIlykV0ohrMNGxMh8Rz-KwAsYt_VtbHUkvoEQ%26sig%3DCg0ArKJSzCojZqObDtAfEAE%26urlfix%3D1%26adurl%3D&expandDirection=undefined&clickEvent=advertiser&iosAdvId=&androidAdvId=&externalAdServer=DFPPremium&tagVersion=6&externalCreativeId=138236492235&externalPlacementId=95423676&externalSiteId=27868836&externalSiteName=darkreading.com&externalLineItemId=4710073630&externalCampaignId=2283611939&scriptId=celtra-script-1&clientTimestamp=1531920589.197&clientTimeZoneOffsetInMinutes=0&hostPageLoadId=4571276168622629
Protocol: SPDY
Server: 54.192.94.49 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-192-94-49.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: 0ff931a9bd195069d4eac95f39d5df119feebd2dc692044ea9bd0ecfef4bf94b

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 17 Jul 2018 09:14:29 GMT
content-encoding: gzip
age: 101719
x-cache: Hit from cloudfront
status: 200
content-length: 172941
access-control-allow-origin: *
server: Apache
etag: "3fb0f7d77ec07f1626ab75323b5d612311291e87e4c864423cbbaa42d40e46eb"
vary: Accept-Encoding
x-varnish: 167876410
via: 1.1 varnish (Varnish/5.0), 1.1 8602503af95a7bac32a020063ca51410.cloudfront.net (CloudFront)
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 44gZndrFiA-oJLKUW60zKYNDRLj4uENStMiErOGl819DswPpwHh0JQ==

GET
S 200 tbrZmAf1
pbs.twimg.com/card_img/1018936628084133889/ Frame 16D3 7 KB
7 KB 8ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1018936628084133889/tbrZmAf1?format=jpg&name=144x144_2

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/418E) /

Resource Hash

ef8b76802728222a2ca9cbc4dd81c377cb810f4dd04d8cae8f0b7e8c48c3934b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 173
date: Wed, 18 Jul 2018 13:29:49 GMT
x-content-type-options: nosniff
surrogate-key: card_img card_img/bucket/2 card_img/1018936628084133889
last-modified: Mon, 16 Jul 2018 19:11:17 GMT
server: ECS (fcn/418E)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 05d7c2bdca5ca349435166bd4768324d
accept-ranges: bytes
content-length: 7162

GET
H/1.1 200
OK timeline.491ab81a49d69599f35b92d184213601.light.ltr.css
platform.twitter.com/css/ Frame 16D3 59 KB
13 KB 8ms
8ms Stylesheet
text/css 2606:2800:234:46c:e8b:1e2f:2bd:694
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.491ab81a49d69599f35b92d184213601.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41AE) /
Resource Hash: a207a69795818b273d59459675372a9e22006cb782657cfa4a834819fb5993b0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 18 Jul 2018 13:29:49 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jul 2018 21:19:30 GMT
Server: ECS (fcn/41AE)
Etag: "4907c550dc04df79d66538586d7c66f4+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=315360000
Content-Type: text/css; charset=utf-8
Content-Length: 13309

GET
H/1.1 200
OK timeline.491ab81a49d69599f35b92d184213601.light.ltr.css
platform.twitter.com/css/ 59 KB
59 KB 7ms
6ms Image
text/css 2606:2800:234:46c:e8b:1e2f:2bd:694
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.491ab81a49d69599f35b92d184213601.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41AE) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 18 Jul 2018 13:29:49 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jul 2018 21:19:30 GMT
Server: ECS (fcn/41AE)
Etag: "4907c550dc04df79d66538586d7c66f4+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=315360000
Content-Type: text/css; charset=utf-8
Content-Length: 13309

GET
H/1.1 200
OK ad Show response
a.teads.tv/page/11512/ 98 B
467 B 120ms
35ms XHR
application/json 52.210.103.2
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/11512/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=&page=%7B%22id%22%3A11512%2C%22placements%22%3A%5B%7B%22id%22%3A21882%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A489%2C%22height%22%3A275%7D%2C%22slotType%22%3A%22native%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22status%22%3A22%2C%22consent%22%3A%22%22%7D%7D&userId=d77ab0ff-5e61-446d-a42c-0a7aa89a27bf&formatVersion=2.19.30&env=js-web&netBw=9.5
Requested by: Host: cdn.teads.tv
URL: https://cdn.teads.tv/media/format/v3/teads-format.min.js
Protocol: HTTP/1.1
Server: 52.210.103.2 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-210-103-2.eu-west-1.compute.amazonaws.com
Software: teads-ssp /
Resource Hash: 2465f67342841d5db9f96c3ec1d4428c00e6d62c10424d6f9262403d599e9e92

Request headers

Accept: application/json; charset=UTF-8
Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Jul 2018 13:29:49 GMT
Content-Encoding: gzip
Server: teads-ssp
Content-Type: application/json
Access-Control-Allow-Origin: https://www.darkreading.com
Cache-Control: no-cache, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 111
Expires: 0

GET
H/1.1

200
OK

p2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1531920589710&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_s...
https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1531920589710&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_...

43 B
309 B

8ms
7ms

Image
image/gif

104.111.214.103
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1531920589710&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=33437156&cs_ucfr=1
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: HTTP/1.1
Server: 104.111.214.103 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-214-103.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Jul 2018 13:29:49 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1531920589710&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=33437156&cs_ucfr=1
Pragma: no-cache
Date: Wed, 18 Jul 2018 13:29:49 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK track
t.teads.tv/ 23 B
193 B 27ms
26ms Image
image/gif 54.72.188.174
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&pageId=11512&pid=21882&gid=[insertionId]&slot=native&env=js-web&ts=1531920589699
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: HTTP/1.1
Server: 54.72.188.174 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-72-188-174.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 23
content-type: image/gif

GET
H/1.1 200
OK track
t.teads.tv/ 23 B
193 B 27ms
26ms Image
image/gif 54.72.188.174
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&pageId=11512&pid=21882&gid=[insertionId]&slot=native&env=js-web&ts=1531920589709
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: HTTP/1.1
Server: 54.72.188.174 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-72-188-174.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 23
content-type: image/gif

GET
S 200 qEslXi4h_normal.jpg
pbs.twimg.com/profile_images/959102066177187840/ Frame 16D3 2 KB
2 KB 8ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/959102066177187840/qEslXi4h_normal.jpg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4188) /

Resource Hash

2d10b2760e19fc3c238a0cba2477685678033fa40602d6129e268ce2d7920e83

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 138
date: Wed, 18 Jul 2018 13:29:49 GMT
x-content-type-options: nosniff
surrogate-key: profile_images profile_images/bucket/3 profile_images/959102066177187840
last-modified: Thu, 01 Feb 2018 16:30:06 GMT
server: ECS (fcn/4188)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 80d1950677c0d250fd9e9053f20fcd86
accept-ranges: bytes
content-length: 2111

GET
S 200 A4mG0U5P_normal.jpg
pbs.twimg.com/profile_images/885169621795565573/ Frame 16D3 2 KB
2 KB 8ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/885169621795565573/A4mG0U5P_normal.jpg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40B4) /

Resource Hash

25b438de3e944547e69c6de98e403f46a9aa4fb98e6d1bb34954fd30ebc19b56

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 126
date: Wed, 18 Jul 2018 13:29:49 GMT
x-content-type-options: nosniff
surrogate-key: profile_images profile_images/bucket/8 profile_images/885169621795565573
last-modified: Wed, 12 Jul 2017 16:08:58 GMT
server: ECS (fcn/40B4)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 88c8808ec265ca1feccaddfa12f8d0d3
accept-ranges: bytes
content-length: 1883

GET
S 200 MCnUBIAf_normal.jpg
pbs.twimg.com/profile_images/843913098759147521/ Frame 16D3 2 KB
2 KB 8ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/843913098759147521/MCnUBIAf_normal.jpg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/418F) /

Resource Hash

fa61606cfbd7e7766bc290753e5d5c160088474ae21d9412bdabd4b9d0b71876

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:49 GMT
x-content-type-options: nosniff
content-md5: TyqQdwBexIhG0Kphx2a0Eg==
x-cache: HIT
status: 200
content-length: 2035
x-response-time: 150
surrogate-key: profile_images profile_images/bucket/0 profile_images/843913098759147521
last-modified: Mon, 20 Mar 2017 19:50:16 GMT
server: ECS (fcn/418F)
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3453485378755db634e25ebcc6194e62
accept-ranges: bytes

GET
S 200 wWRj5shY_normal.jpg
pbs.twimg.com/profile_images/894989549486526464/ Frame 16D3 2 KB
2 KB 8ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/894989549486526464/wWRj5shY_normal.jpg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40EA) /

Resource Hash

ff4684bb35018afa9c303baab1e083b32c72a4d7ea7862995850676c2df41a0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 124
date: Wed, 18 Jul 2018 13:29:49 GMT
x-content-type-options: nosniff
surrogate-key: profile_images profile_images/bucket/0 profile_images/894989549486526464
last-modified: Tue, 08 Aug 2017 18:29:51 GMT
server: ECS (fcn/40EA)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: aa945e7282110c79ef19349b3adfd2f1
accept-ranges: bytes
content-length: 1883

GET
S 200 UAgdT_Vn_normal.jpg
pbs.twimg.com/profile_images/953801214780583936/ Frame 16D3 2 KB
2 KB 21ms
11ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/953801214780583936/UAgdT_Vn_normal.jpg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40DE) /

Resource Hash

f4e46034db7ed19c7eea57ee4ad8df37199c55bc4e3eb36eb56a4707806ed726

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 135
date: Wed, 18 Jul 2018 13:29:49 GMT
x-content-type-options: nosniff
surrogate-key: profile_images profile_images/bucket/4 profile_images/953801214780583936
last-modified: Thu, 18 Jan 2018 01:26:25 GMT
server: ECS (fcn/40DE)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3e6193147033f335e306668e70e0ad79
accept-ranges: bytes
content-length: 2111

GET
S 200 83MsWiTf_normal.jpg
pbs.twimg.com/profile_images/758718572440977408/ Frame 16D3 2 KB
2 KB 11ms
10ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/758718572440977408/83MsWiTf_normal.jpg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40D7) /

Resource Hash

55aa37476c1749f53ee68b887ee451d0bd884acbeee966284b35ca027952e5f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:49 GMT
x-content-type-options: nosniff
content-md5: kpjQ8Y0cv3FOBiUWQvcrYw==
x-cache: HIT
status: 200
content-length: 1959
x-response-time: 132
surrogate-key: profile_images profile_images/bucket/9 profile_images/758718572440977408
last-modified: Thu, 28 Jul 2016 17:37:38 GMT
server: ECS (fcn/40D7)
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 7999be4941fca38c8fb3fab16e6d7231
accept-ranges: bytes

GET
S 200 3ruUAzQA_normal.jpg
pbs.twimg.com/profile_images/601408018375409664/ Frame 16D3 2 KB
2 KB 11ms
10ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/601408018375409664/3ruUAzQA_normal.jpg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4198) /

Resource Hash

a53f2c4fb40f36c41ccfadc9f4f51b4ee02bc48d22f4920b96763a540e59c973

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:49 GMT
x-content-type-options: nosniff
content-md5: 8CXiZQrLPq/7h+BpXbv1Lw==
x-cache: HIT
status: 200
content-length: 1807
x-response-time: 132
surrogate-key: profile_images profile_images/bucket/4 profile_images/601408018375409664
last-modified: Thu, 21 May 2015 15:21:39 GMT
server: ECS (fcn/4198)
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a65e7411c13e8a0ce136e230fa576927
accept-ranges: bytes

GET
S 200 nGwsSREY_normal.jpg
pbs.twimg.com/profile_images/776150993008459776/ Frame 16D3 2 KB
2 KB 11ms
11ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/776150993008459776/nGwsSREY_normal.jpg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/419F) /

Resource Hash

730f8c30578deacc8094c3ba25949fa5c177557d229cece0607245f0f64d12e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:49 GMT
x-content-type-options: nosniff
content-md5: pQtSi2uAExQiQgqPVIJABg==
x-cache: HIT
status: 200
content-length: 1807
x-response-time: 314
surrogate-key: profile_images profile_images/bucket/3 profile_images/776150993008459776
last-modified: Wed, 14 Sep 2016 20:07:51 GMT
server: ECS (fcn/419F)
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5e983bba4d6329cf706ccb69281ad608
accept-ranges: bytes

GET
S 200 kXfYU72C_normal.jpg
pbs.twimg.com/profile_images/903526803725139968/ Frame 16D3 2 KB
2 KB 7ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/903526803725139968/kXfYU72C_normal.jpg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/418A) /

Resource Hash

82395f454c0974f042781ffe60c05db3b470ba25b386421db0eafd5e3b1c5d70

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 106
date: Wed, 18 Jul 2018 13:29:49 GMT
x-content-type-options: nosniff
surrogate-key: profile_images profile_images/bucket/2 profile_images/903526803725139968
last-modified: Fri, 01 Sep 2017 07:53:51 GMT
server: ECS (fcn/418A)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e94b52f76257452a92aa609de0c1ed36
accept-ranges: bytes
content-length: 1959

GET
S 200 yw2sOyvc_normal.jpg
pbs.twimg.com/profile_images/1018860202815352832/ Frame 16D3 2 KB
2 KB 7ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1018860202815352832/yw2sOyvc_normal.jpg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4186) /

Resource Hash

250e08377de1d5a5090f873e5857d3ff489c8a5013a6350d09f9a4cbbfd1c02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 125
date: Wed, 18 Jul 2018 13:29:49 GMT
x-content-type-options: nosniff
surrogate-key: profile_images profile_images/bucket/5 profile_images/1018860202815352832
last-modified: Mon, 16 Jul 2018 14:07:36 GMT
server: ECS (fcn/4186)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 2c47ab91ca26239a273b9e1bbbd383ff
accept-ranges: bytes
content-length: 2111

GET
S 200 0GTRzVj0_normal.jpg
pbs.twimg.com/profile_images/1010096262383915008/ Frame 16D3 2 KB
2 KB 11ms
10ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1010096262383915008/0GTRzVj0_normal.jpg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40FD) /

Resource Hash

1e2203c9221187d6ae9b612a1f38283466f0b353c4d17d1ce8e58eaa4ba86dda

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 135
date: Wed, 18 Jul 2018 13:29:49 GMT
x-content-type-options: nosniff
surrogate-key: profile_images profile_images/bucket/2 profile_images/1010096262383915008
last-modified: Fri, 22 Jun 2018 09:42:50 GMT
server: ECS (fcn/40FD)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ab6b01c0b737e0722b890d5acf40329a
accept-ranges: bytes
content-length: 2111

GET
S 200 zn9ASj0F_normal.jpg
pbs.twimg.com/profile_images/588039865197002753/ Frame 16D3 1 KB
2 KB 11ms
11ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/588039865197002753/zn9ASj0F_normal.jpg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4192) /

Resource Hash

919e1856b70890616790bf15579c7a34d8d8e3d1be1d7bdfc3b74170b24ecc7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:49 GMT
x-content-type-options: nosniff
content-md5: 6xoYZzN9p7WSKkbJxw2/3w==
x-cache: HIT
status: 200
content-length: 1503
x-response-time: 131
surrogate-key: profile_images profile_images/bucket/2 profile_images/588039865197002753
last-modified: Tue, 14 Apr 2015 18:01:23 GMT
server: ECS (fcn/4192)
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 245b3eef80a3983a8711c40d0b224824
accept-ranges: bytes

GET
S 200 KPV_6UE0_normal.jpg
pbs.twimg.com/profile_images/787030214958321664/ Frame 16D3 2 KB
2 KB 12ms
12ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/787030214958321664/KPV_6UE0_normal.jpg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40F9) /

Resource Hash

79bafaff3b54a8fe654b51e547eba194d3606f7d77e2ab516fe9a85f81dddac2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:49 GMT
x-content-type-options: nosniff
content-md5: y4gbCRKZuX9fpTOcBympIQ==
x-cache: HIT
status: 200
content-length: 1959
x-response-time: 124
surrogate-key: profile_images profile_images/bucket/2 profile_images/787030214958321664
last-modified: Fri, 14 Oct 2016 20:38:00 GMT
server: ECS (fcn/40F9)
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 2d26118470dc3bed2500c8f21326471a
accept-ranges: bytes

GET
S 200 75Mx-PGF_normal.jpg
pbs.twimg.com/profile_images/990860041086554112/ Frame 16D3 2 KB
2 KB 12ms
11ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/990860041086554112/75Mx-PGF_normal.jpg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40DC) /

Resource Hash

8634d585a349a15fb27c4710dd1d433431e8b46231243296567755bfc15ce23d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 133
date: Wed, 18 Jul 2018 13:29:49 GMT
x-content-type-options: nosniff
surrogate-key: profile_images profile_images/bucket/1 profile_images/990860041086554112
last-modified: Mon, 30 Apr 2018 07:44:57 GMT
server: ECS (fcn/40DC)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 85574a2d2e0f7597e82ec302c6c5c9f9
accept-ranges: bytes
content-length: 2111

GET
S 200 DiY4_4NU8AA6LQa
pbs.twimg.com/media/ Frame 16D3 19 KB
19 KB 10ms
10ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DiY4_4NU8AA6LQa?format=jpg&name=360x360

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40F9) /

Resource Hash

c15efc058d86ff1a908b094e82326900ccabb0755b7c0aafc6659a4db1ccabe7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 193
date: Wed, 18 Jul 2018 13:29:49 GMT
x-content-type-options: nosniff
surrogate-key: media media/bucket/0 media/1019565035717193728
last-modified: Wed, 18 Jul 2018 12:48:21 GMT
server: ECS (fcn/40F9)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f88151c4b2fd5e56fe21291fcf955da6
accept-ranges: bytes
content-length: 19003

GET
S 200 DiXaaARX0AAL-vu
pbs.twimg.com/media/ Frame 16D3 11 KB
11 KB 10ms
9ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DiXaaARX0AAL-vu?format=jpg&name=360x360

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4194) /

Resource Hash

4cf4a9e8494f0ba7b75c1321d45f9e9ed280e574cd5f8a3a8635b3481d8a015f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 174
date: Wed, 18 Jul 2018 13:29:49 GMT
x-content-type-options: nosniff
surrogate-key: media media/bucket/8 media/1019461030953603072
last-modified: Wed, 18 Jul 2018 05:55:05 GMT
server: ECS (fcn/4194)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 0b9971454745bc666611d6281bba6597
accept-ranges: bytes
content-length: 10980

GET
S 200 DiYESzgXUAAc4XU
pbs.twimg.com/media/ Frame 16D3 21 KB
21 KB 10ms
10ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DiYESzgXUAAc4XU?format=jpg&name=360x360

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4185) /

Resource Hash

8a9b65c008f5392c90bb4019809889bd090dff5c5ec15c002eb5a175d0e6b9a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 160
date: Wed, 18 Jul 2018 13:29:49 GMT
x-content-type-options: nosniff
surrogate-key: media media/bucket/4 media/1019507086756106240
last-modified: Wed, 18 Jul 2018 08:58:05 GMT
server: ECS (fcn/4185)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d3938f61466e55d27346ded2bb074ff6
accept-ranges: bytes
content-length: 21275

GET
S 200 syndication_bundle_v1_b6ca60da9b93228ca492958b7d1b0b6a37402f5e.css
ton.twimg.com/tfw/css/ Frame 16D3 43 KB
7 KB 6ms
6ms Stylesheet
text/css 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_b6ca60da9b93228ca492958b7d1b0b6a37402f5e.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A3) /

Resource Hash

012855cb1423bb44035532360d13878068aeee580745df244aade4d25fe75600

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-ton-expected-size: 44093
x-cache: HIT
status: 200
content-length: 6771
x-response-time: 119
surrogate-key: tfw
last-modified: Tue, 03 Jul 2018 18:04:44 GMT
server: ECS (fcn/41A3)
etag: "vDNjJf1prx5xgxP1ffKXQw=="
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://twitter.com
x-transaction-id: 00d419a6004e9e9c
cache-control: max-age=60
perf: 6
x-connection-hash: 48454b461d787931d1ad44adb7a4efd1
accept-ranges: bytes
expires: Wed, 25 Jul 2018 13:29:49 GMT

GET
S 200 syndication_bundle_v1_b6ca60da9b93228ca492958b7d1b0b6a37402f5e.css
ton.twimg.com/tfw/css/ 43 KB
43 KB 6ms
6ms Image
text/css 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_b6ca60da9b93228ca492958b7d1b0b6a37402f5e.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A3) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-ton-expected-size: 44093
x-cache: HIT
status: 200
content-length: 6771
x-response-time: 119
surrogate-key: tfw
last-modified: Tue, 03 Jul 2018 18:04:44 GMT
server: ECS (fcn/41A3)
etag: "vDNjJf1prx5xgxP1ffKXQw=="
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://twitter.com
x-transaction-id: 00d419a6004e9e9c
cache-control: max-age=60
perf: 6
x-connection-hash: 48454b461d787931d1ad44adb7a4efd1
accept-ranges: bytes
expires: Wed, 25 Jul 2018 13:29:49 GMT

GET
DATA 200
OK truncated
/ Frame 16D3 618 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b051420a41347f3e04fbe6745d5fa58c3dfd40a7209b8dc09a138bc6381bd8dc

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 16D3 559 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cd7887cf9a61431f64864df1e5fe9823e163638bf811dc97ee556268886bf865

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 16D3 739 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 16D3 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1 200
OK pixel.js Show response
polo-v1.feathr.co/v1/accounts/5772dda68e8027153edc8f4f/ 32 B
456 B 326ms
106ms Script
text/javascript 184.72.232.165
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://polo-v1.feathr.co/v1/accounts/5772dda68e8027153edc8f4f/pixel.js
Requested by: Host: cdn.feathr.co
URL: https://cdn.feathr.co/js/boomerang.min.js
Protocol: HTTP/1.1
Server: 184.72.232.165 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-184-72-232-165.compute-1.amazonaws.com
Software: Apache/2.4.33 (Amazon) mod_wsgi/3.5 Python/3.6.5 /
Resource Hash: eacfa4f711eaca1336ff82619c8a2d310dec11266d594fbc7e5a91259cebf848

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 18 Jul 2018 13:29:50 GMT
Server: Apache/2.4.33 (Amazon) mod_wsgi/3.5 Python/3.6.5
Vary: User-Agent
Access-Control-Allow-Methods: GET, POST, PUT, PATCH, DELETE
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, max-age=14400
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Authorization
Content-Length: 32

GET
H/1.1 200
OK script.js Show response
polo-v1.feathr.co/v1/analytics/match/ 285 B
645 B 343ms
111ms Script
text/javascript 184.72.232.165
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://polo-v1.feathr.co/v1/analytics/match/script.js
Requested by: Host: cdn.feathr.co
URL: https://cdn.feathr.co/js/boomerang.min.js
Protocol: HTTP/1.1
Server: 184.72.232.165 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-184-72-232-165.compute-1.amazonaws.com
Software: Apache/2.4.33 (Amazon) mod_wsgi/3.5 Python/3.6.5 /
Resource Hash: 67033275deb8b25d22abf896920ccf74e05f41db680929449c04bbfb9fca5681

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 18 Jul 2018 13:29:50 GMT
Content-Encoding: gzip
Server: Apache/2.4.33 (Amazon) mod_wsgi/3.5 Python/3.6.5
ETag: "5b4f40cd03eec00001bcbf25-gzip"
Vary: Accept-Encoding,User-Agent
Access-Control-Allow-Methods: GET, POST, PUT, PATCH, DELETE
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, max-age=0
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Authorization
Content-Length: 152

GET
H/1.1

200
OK

Cookie set redirect
sync.teads.tv/iframe/ Frame 88D3
Redirect Chain

https://sync.teads.tv/iframe?pid=21882&userId=d77ab0ff-5e61-446d-a42c-0a7aa89a27bf&gdprIab={%22status%22:22,%22consent%22:%22%22}&1531920589862
https://sync.teads.tv/iframe/redirect

0
0

29ms
29ms

Document
text/html

54.76.26.3
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.teads.tv/iframe/redirect
Requested by: Host: cdn.teads.tv
URL: https://cdn.teads.tv/media/format/v3/teads-format.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.26.3 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-76-26-3.eu-west-1.compute.amazonaws.com
Software: akka-http/10.1.0-RC2 /
Resource Hash

Request headers

Host: sync.teads.tv
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Accept-Encoding: gzip, deflate
Cookie: tt_viewer=b183f76d-3454-45ed-b225-37f40da3a5f1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: E88D36113169FDDE12FD6800890E2B17
Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Response headers

Content-Type: text/html; charset=UTF-8
Date: Wed, 18 Jul 2018 13:29:49 GMT
Server: akka-http/10.1.0-RC2
Set-Cookie: tt_exelate=; Expires=Thu, 19 Jul 2018 13:29:49 GMT; Domain=.teads.tv tt_bluekai=; Expires=Thu, 19 Jul 2018 13:29:49 GMT; Domain=.teads.tv tt_emetriq=; Expires=Thu, 19 Jul 2018 13:29:49 GMT; Domain=.teads.tv
Content-Length: 1390
Connection: keep-alive

Redirect headers

Content-Type: text/html; charset=UTF-8
Date: Wed, 18 Jul 2018 13:29:49 GMT
Location: /iframe/redirect
Server: akka-http/10.1.0-RC2
Set-Cookie: tt_viewer=b183f76d-3454-45ed-b225-37f40da3a5f1; Expires=Wed, 17 Jul 2019 13:29:49 GMT; Max-Age=31449600; Domain=.teads.tv; Path=/
Content-Length: 89
Connection: keep-alive

GET
DATA 200
OK truncated
/ 669 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35463ce93e7c820faa404db98d939ff640ae78ca0e29be043861853c9e07c586

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/svg+xml

GET
S 200 activeview
pagead2.googlesyndication.com/pcs/ 42 B
123 B 15ms
15ms Image
image/gif 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvEeUWTZ6HDpNj7mSQgde6tRj9B1hdAdmFRnXkRc1RqefJoWh0KOMq3pbAqdhd7vkxKeXjYwIOq7_2AtMjCYT421H1OzgKaHOM&sig=Cg0ArKJSzCgygzUhFmh1EAE&r=z&adk=2939462539&tt=937&bs=1585%2C1200&mtos=0%2C0%2C0%2C0%2C0&tos=0%2C0%2C0%2C0%2C0&p=15%2C0%2C15%2C1585&mcvt=0&rs=3&ht=0&mc=0&lte=-1&bas=0&bac=0&avms=geo&bos=1600%2C1200&ps=1585%2C4992&ss=1600%2C1200&pt=-1&deb=1-0-8-9-11--1-23-3&tvt=929&op=1&id=osdim&ti=1&uc=1&tgt=G%3APLUSONE&cl=1&cec=2&clc=0&cac=0&cd=0x0&v=r20180711

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

SPDY

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jul 2018 13:29:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 activeview
pagead2.googlesyndication.com/pcs/ 42 B
123 B 14ms
14ms Image
image/gif 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvMpKkMJTsjsG3tId53x-yiGsTpC2_jlOj9AcE5PJt_MCOT_wf3Poc3iDWMSf0AutHAcH1HB9tbUHFnkaVQJC-zh-_r2i-wSpE&sig=Cg0ArKJSzE93vWy7tzg-EAE&r=z&adk=2890945858&tt=937&bs=1585%2C1200&mtos=0%2C0%2C0%2C0%2C0&tos=0%2C0%2C0%2C0%2C0&p=338%2C293%2C338%2C1292&mcvt=0&rs=3&ht=0&mc=0&lte=-1&bas=0&bac=0&avms=geo&bos=1600%2C1200&ps=1585%2C4992&ss=1600%2C1200&pt=-1&deb=1-0-8-9-11--1-23-3&tvt=929&op=1&id=osdim&ti=1&uc=1&tgt=DIV&cl=1&cec=13&clc=9&cac=0&cd=489x95&v=r20180711

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

SPDY

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jul 2018 13:29:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNTMxOTIwNTg5eDYwMjNmOThjNTlkNmYweDA0MjYzMzQ3IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIwNzI1NzQyMzA3ODE0NDk0MiIsImluZGV4I...
track.celtra.com/json/ 35 B
242 B 730ms
106ms Image
image/gif 52.202.3.209
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNTMxOTIwNTg5eDYwMjNmOThjNTlkNmYweDA0MjYzMzQ3IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIwNzI1NzQyMzA3ODE0NDk0MiIsImluZGV4IjowLCJjbGllbnRUaW1lc3RhbXAiOjE1MzE5MjA1ODkuODU1LCJuYW1lIjoiY29udGFpbmVyQmVjYW1lVmlld2FibGUifV19?crc32c=628152147
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: HTTP/1.1
Server: 52.202.3.209 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-3-209.compute-1.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Jul 2018 13:29:50 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
S 200 imgad
tpc.googlesyndication.com/pagead/ 127 KB
128 KB 11ms
10ms Image
image/png 2a00:1450:4001:81c::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKCbzp3hMxABGAEyCDQ2WadVawRw

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

SPDY

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

89cf868c1487237ef35c8af6260b1a08e2208b3868ac0f198c6ee5b97ff2e37c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 14 Jul 2018 08:35:18 GMT
x-content-type-options: nosniff
server: cafe
age: 363272
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
status: 200
cache-control: public, max-age=604800
content-disposition: attachment; filename="image.png"
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 130504
x-xss-protection: 1; mode=block
expires: Sat, 21 Jul 2018 08:35:18 GMT

GET
S 200 activeview
pagead2.googlesyndication.com/pcs/ 42 B
123 B 26ms
21ms Image
image/gif 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvQIf3MV0JWOzAEVddaDVPExUP_La0QZjm76qIppIFa25eaXwChlI81HtuAouzxlyXLrw99uu9cguVpd_GJt70xKCWPvyzpZ_4&sig=Cg0ArKJSzFr3OSjPbVQGEAE&r=z&adk=1909009090&tt=1201&bs=1585%2C1200&mtos=0%2C0%2C0%2C0%2C0&tos=0%2C0%2C0%2C0%2C0&p=2910%2C313%2C2910%2C915&mcvt=0&rs=3&ht=0&mc=0&lte=-1&bas=0&bac=0&avms=geo&bos=1600%2C1200&ps=1585%2C4992&ss=1600%2C1200&pt=-1&deb=1-0-8-10-12--1-57-4&tvt=1193&op=1&id=osdim&ti=1&uc=1&tgt=DIV&cl=1&cec=6&clc=0&cac=0&cd=602x0&v=r20180711

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

SPDY

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jul 2018 13:29:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 activeview
pagead2.googlesyndication.com/pcs/ 42 B
123 B 23ms
22ms Image
image/gif 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvb5cBN5e8K6gCIgrDqNkqXS2-UtOPoULtCiAqs2iW2i3ru8vAqP2nQbg2GkxWpKUhftCkYpPIUYGA4fEYjZGC-1wSY35yKpCk&sig=Cg0ArKJSzFbUpky1DRttEAE&r=z&adk=1978988809&tt=1201&bs=1585%2C1200&mtos=0%2C0%2C0%2C0%2C0&tos=0%2C0%2C0%2C0%2C0&p=412%2C935%2C412%2C1271&mcvt=0&rs=3&ht=0&mc=0&lte=-1&bas=0&bac=0&avms=geo&bos=1600%2C1200&ps=1585%2C4992&ss=1600%2C1200&pt=-1&deb=1-0-8-10-12--1-57-4&tvt=1193&op=1&id=osdim&ti=1&uc=1&tgt=DIV&cl=1&cec=5&clc=0&cac=0&cd=336x0&v=r20180711

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

SPDY

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jul 2018 13:29:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 activeview
pagead2.googlesyndication.com/pcs/ 42 B
123 B 20ms
19ms Image
image/gif 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsscYEK2C21XiE-PvemzCmTVWrGnKjOCBHAMzOgLrG3PVWQmomURX2TTlTmxJFCd-ckGVU9gQkl9KoSzD5sriPgEpkIU2XJ8KUc&sig=Cg0ArKJSzNjlKtTbQVmiEAE&r=z&adk=1580033366&tt=1201&bs=1585%2C1200&mtos=0%2C0%2C0%2C0%2C0&tos=0%2C0%2C0%2C0%2C0&p=4156%2C935%2C4156%2C1271&mcvt=0&rs=3&ht=0&mc=0&lte=-1&bas=0&bac=0&avms=geo&bos=1600%2C1200&ps=1585%2C4992&ss=1600%2C1200&pt=-1&deb=1-0-8-10-12--1-57-4&tvt=1193&op=1&id=osdim&ti=1&uc=1&tgt=BODY&cl=0&cec=44&clc=11&cac=0&cd=1585x1200&v=r20180711

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

SPDY

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jul 2018 13:29:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 news_stroke_v1_78ce5b21fb24a7c7e528d22fc25bd9f9df7f24e2.svg
ton.twimg.com/tfw/assets/ Frame 16D3 829 B
567 B 16ms
13ms Image
image/svg+xml 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/assets/news_stroke_v1_78ce5b21fb24a7c7e528d22fc25bd9f9df7f24e2.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41AC) /

Resource Hash

5c0f79d0286f1fd3db48e1b689358017b302c0f4babde540329e8c644cf119c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ton.twimg.com/tfw/css/syndication_bundle_v1_b6ca60da9b93228ca492958b7d1b0b6a37402f5e.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-ton-expected-size: 829
x-cache: HIT
status: 200
content-length: 395
x-response-time: 137
surrogate-key: tfw
last-modified: Tue, 03 Jul 2018 18:04:44 GMT
server: ECS (fcn/41AC)
etag: "CTUg6L9PuY+d9h5xpE0zmw=="
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://twitter.com
x-connection-hash: 25bf64b23093db2531e28d9e9f397b8c
accept-ranges: bytes
expires: Wed, 25 Jul 2018 13:29:50 GMT

GET
S 200 css
fonts.googleapis.com/ Frame F7BC 263 B
357 B 19ms
19ms Stylesheet
text/css 2a00:1450:400e:803::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400&text=VIDEOTWRBLGSUC

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

SPDY

Server

2a00:1450:400e:803::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

e14d4e36fede709207c2745214d0d4c29d09f08df902c95997b2da292cf58f8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=600
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=600
content-encoding: gzip
last-modified: Wed, 18 Jul 2018 13:29:50 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Wed, 18 Jul 2018 13:29:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection: 1; mode=block
expires: Wed, 18 Jul 2018 13:29:50 GMT

GET
S 200 SIEM_for_Beginners_Thumbnail.jpg
cache-ssl.celtra.com/api/blobs/0e8e43a1673885000478325b557eccee1be99f7651d78c3038762ae6970b8450/ Frame F7BC 3 KB
4 KB 10ms
10ms Image
image/jpeg 54.192.94.49
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/0e8e43a1673885000478325b557eccee1be99f7651d78c3038762ae6970b8450/SIEM_for_Beginners_Thumbnail.jpg?transform=crush&quality=85
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 54.192.94.49 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-192-94-49.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: de19d144da0d68c80b12b2da91fe4458fc8050b8c07cae05f013c7174d732d28

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Jul 2018 17:45:22 GMT
via: 1.1 varnish (Varnish/5.0), 1.1 8602503af95a7bac32a020063ca51410.cloudfront.net (CloudFront)
age: 416667
x-cache: Hit from cloudfront
status: 200
content-length: 3531
server: Apache
etag: "de19d144da0d68c80b12b2da91fe4458fc8050b8c07cae05f013c7174d732d28"
x-varnish: 155591726 146784676
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: Jx-E-oeCFL2Z4Eb9wh2tcXmCCEdy0lpe9rMo-uSeWQ5CfjrXDR16BQ==

GET
S 200 office365.png
cache-ssl.celtra.com/api/blobs/a41e26958d8f7e9e72947f6e992c3158f47956b9166329f958e856f0dabfdc2e/ Frame F7BC 63 KB
64 KB 10ms
10ms Image
image/png 54.192.94.49
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/a41e26958d8f7e9e72947f6e992c3158f47956b9166329f958e856f0dabfdc2e/office365.png?transform=crush
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 54.192.94.49 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-192-94-49.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: 773c9f4c27c7c53401864ac6d24c39178bb580c49d06c39f220833ae41f184aa

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Jul 2018 17:33:56 GMT
via: 1.1 varnish (Varnish/5.0), 1.1 8602503af95a7bac32a020063ca51410.cloudfront.net (CloudFront)
age: 417354
x-cache: Hit from cloudfront
status: 200
content-length: 64809
server: Apache
etag: "773c9f4c27c7c53401864ac6d24c39178bb580c49d06c39f220833ae41f184aa"
x-varnish: 130247110 158205217
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: 1Zo4_YlvgQubTt7pbAc1ZxK6hxuELmkZ9ojxhlKCEfSr_mfhB2WtcA==

GET
S 200 unifiedsecuritymanagementvsSIEM.png
cache-ssl.celtra.com/api/blobs/9a9d1e00a6480e06bf7c43701e9e99b21f5eef569eea68c53adc1b50fdf9af41/ Frame F7BC 22 KB
22 KB 9ms
8ms Image
image/png 54.192.94.49
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/9a9d1e00a6480e06bf7c43701e9e99b21f5eef569eea68c53adc1b50fdf9af41/unifiedsecuritymanagementvsSIEM.png?transform=crush
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 54.192.94.49 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-192-94-49.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: 0a5093e8c6db55d79f73d77391040b11e6f5c68a2cd1e90c804d6319b11b54c2

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Jul 2018 17:33:56 GMT
via: 1.1 varnish (Varnish/5.0), 1.1 8602503af95a7bac32a020063ca51410.cloudfront.net (CloudFront)
age: 417353
x-cache: Hit from cloudfront
status: 200
content-length: 22458
server: Apache
etag: "0a5093e8c6db55d79f73d77391040b11e6f5c68a2cd1e90c804d6319b11b54c2"
x-varnish: 117546770 111488508
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: fjhnssTadmQr-9-apQ4ebppUfNnQEzp1mkL8b7i8j6M-J6k4WKg7Uw==

GET
S 200 Ransomware_Detection_and_Protection_for_Beginners_Thumbnail.jpg
cache-ssl.celtra.com/api/blobs/a22f7e1e4f750446b92ad35152c49a1130d1c4fb15e121fbfbc4934af331f938/ Frame F7BC 4 KB
4 KB 9ms
8ms Image
image/jpeg 54.192.94.49
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/a22f7e1e4f750446b92ad35152c49a1130d1c4fb15e121fbfbc4934af331f938/Ransomware_Detection_and_Protection_for_Beginners_Thumbnail.jpg?transform=crush&quality=85
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 54.192.94.49 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-192-94-49.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: c49814ce9b3277d249030bfc2cf94c9f9ceb5f20beb04c3ec4de49fb3db9e805

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Jul 2018 17:45:22 GMT
via: 1.1 varnish (Varnish/5.0), 1.1 8602503af95a7bac32a020063ca51410.cloudfront.net (CloudFront)
age: 416667
x-cache: Hit from cloudfront
status: 200
content-length: 3678
server: Apache
etag: "c49814ce9b3277d249030bfc2cf94c9f9ceb5f20beb04c3ec4de49fb3db9e805"
x-varnish: 117546771 110335166
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: twmUHOZTwoFyzbS16rC9aaFOrPldMka4ae67mbweyvOiU3DeMSYKKQ==

GET
S 200 beginnersguide.png
cache-ssl.celtra.com/api/blobs/ded855133407650f6223faaf81700288cd40b9a0b63238ea63e1d8a795dd40fb/ Frame F7BC 276 KB
277 KB 16ms
16ms Image
image/png 54.192.94.49
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/ded855133407650f6223faaf81700288cd40b9a0b63238ea63e1d8a795dd40fb/beginnersguide.png?transform=crush
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 54.192.94.49 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-192-94-49.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: 8f3bdc6f3b2fe471b019df79b76c06f41fa5db79ca1e4d7998020660bb3ba146

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Jul 2018 17:33:56 GMT
via: 1.1 varnish (Varnish/5.0), 1.1 8602503af95a7bac32a020063ca51410.cloudfront.net (CloudFront)
age: 417353
x-cache: Hit from cloudfront
status: 200
content-length: 282982
server: Apache
etag: "8f3bdc6f3b2fe471b019df79b76c06f41fa5db79ca1e4d7998020660bb3ba146"
x-varnish: 158112605 155341174
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: aiqQXvYVqsHCqc3TVjZbNaHpHrd6JVRcxhm_Z3C1SFQkQkvw_5lWfg==

GET
S 200 li_hover.png
cache-ssl.celtra.com/api/blobs/e3228348fc17573d7db7d135ba5cf60985157f70dae6643939d3a6686b2aa699/ Frame F7BC 591 B
1 KB 8ms
8ms Image
image/png 54.192.94.49
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/e3228348fc17573d7db7d135ba5cf60985157f70dae6643939d3a6686b2aa699/li_hover.png?transform=crush
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 54.192.94.49 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-192-94-49.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: c19345a03fed44d267abbe2f427bdcd261aa86a447320f15f3eef8e121690794

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 07 Nov 2017 16:35:20 GMT
via: 1.1 varnish, 1.1 8602503af95a7bac32a020063ca51410.cloudfront.net (CloudFront)
age: 21848070
x-cache: Hit from cloudfront
status: 200
content-length: 591
server: Apache
etag: "c19345a03fed44d267abbe2f427bdcd261aa86a447320f15f3eef8e121690794"
x-varnish: 2142134884
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: g42GyyC0_cn8kOCbmkmDeIcPm2iMNhkNGlbGjp1XfdjjD_LH0oa1Fg==

GET
S 200 li.png
cache-ssl.celtra.com/api/blobs/2e1d1ae5940fbdaa5f95c1c17393175faf02b27a8c6b37dca2419c70113760ab/ Frame F7BC 585 B
1 KB 9ms
7ms Image
image/png 54.192.94.49
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/2e1d1ae5940fbdaa5f95c1c17393175faf02b27a8c6b37dca2419c70113760ab/li.png?transform=crush
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 54.192.94.49 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-192-94-49.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: d10a2d03c9fb4943f449b97d333b8d22990200afa70d13d5c1c23ad4d783200c

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 09 Nov 2017 12:43:00 GMT
via: 1.1 varnish, 1.1 8602503af95a7bac32a020063ca51410.cloudfront.net (CloudFront)
age: 21689210
x-cache: Hit from cloudfront
status: 200
content-length: 585
server: Apache
etag: "d10a2d03c9fb4943f449b97d333b8d22990200afa70d13d5c1c23ad4d783200c"
x-varnish: 1596367355
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: qz4DznSHgy7x8g2VYBoOmrD5opeOn9YCPAklt1y5QvktyIOwao2XgA==

GET
S 200 fb_hover.png
cache-ssl.celtra.com/api/blobs/652ab50d0e331e4269bb4d847fcc5a5a4e3def07bb1ebca4d2d6fda889e52604/ Frame F7BC 348 B
814 B 15ms
14ms Image
image/png 54.192.94.49
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/652ab50d0e331e4269bb4d847fcc5a5a4e3def07bb1ebca4d2d6fda889e52604/fb_hover.png?transform=crush
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 54.192.94.49 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-192-94-49.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: 9250f0b586e89674ec647d8dfb6fe7aedcb588be13ebb6aeb1286efa9d3cfb39

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 09 Nov 2017 10:59:07 GMT
via: 1.1 varnish, 1.1 8602503af95a7bac32a020063ca51410.cloudfront.net (CloudFront)
age: 21695443
x-cache: Hit from cloudfront
status: 200
content-length: 348
server: Apache
etag: "9250f0b586e89674ec647d8dfb6fe7aedcb588be13ebb6aeb1286efa9d3cfb39"
x-varnish: 2142601760
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: --FS6aIdJ49-CGtrMISSV5odUHsMWJlLprXu5ihN0svGFfU7MA2NtA==

GET
S 200 fb.png
cache-ssl.celtra.com/api/blobs/44f24c3edfffb11dd41284fe3c7bddb08dc29236aa3509e3a243c10f9804b28d/ Frame F7BC 348 B
815 B 15ms
15ms Image
image/png 54.192.94.49
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/44f24c3edfffb11dd41284fe3c7bddb08dc29236aa3509e3a243c10f9804b28d/fb.png?transform=crush
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 54.192.94.49 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-192-94-49.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: e9d0cab69a4c71df7a16b6ee6f99ea474423689c8eadd7aa62ce9cef3a48c395

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 09 Nov 2017 02:12:32 GMT
via: 1.1 varnish, 1.1 8602503af95a7bac32a020063ca51410.cloudfront.net (CloudFront)
age: 21727038
x-cache: Hit from cloudfront
status: 200
content-length: 348
server: Apache
etag: "e9d0cab69a4c71df7a16b6ee6f99ea474423689c8eadd7aa62ce9cef3a48c395"
x-varnish: 1596235338
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: hF0JWWmOnPMAuGlxNrTo6vQtaHpTxMnqd71Qs6JSZfUl6LnabIMgPA==

GET
S 200 tw.png
cache-ssl.celtra.com/api/blobs/9ad81786e386c3155cbc468769eddcc96e3e991156ad745860288c59c63a417c/ Frame F7BC 781 B
1 KB 13ms
13ms Image
image/png 54.192.94.49
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/9ad81786e386c3155cbc468769eddcc96e3e991156ad745860288c59c63a417c/tw.png?transform=crush
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 54.192.94.49 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-192-94-49.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: 308e134d9a0df8031a894aa2bb6e70515cb9db2403e3e568e7554ae69f474c96

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 18 Dec 2017 08:12:27 GMT
via: 1.1 varnish (Varnish/5.0), 1.1 8602503af95a7bac32a020063ca51410.cloudfront.net (CloudFront)
age: 18335843
x-cache: Hit from cloudfront
status: 200
content-length: 781
server: Apache
etag: "308e134d9a0df8031a894aa2bb6e70515cb9db2403e3e568e7554ae69f474c96"
x-varnish: 5839833
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: Df5eejQOfMGERJYZOOyIODXnpCcNQF4tyZ1VxlaeVGJWawZWdhroIg==

GET
S 200 tw_hover.png
cache-ssl.celtra.com/api/blobs/f0cccd681d168932db801410643c93f0df03370d5c638ab3e4a16e92b80b3aa0/ Frame F7BC 777 B
1 KB 15ms
15ms Image
image/png 54.192.94.49
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/f0cccd681d168932db801410643c93f0df03370d5c638ab3e4a16e92b80b3aa0/tw_hover.png?transform=crush
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 54.192.94.49 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-192-94-49.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: 1ace1b17e77ec3828eda87eb3fea3671ce2a0f706426fbd158873546c4f9366e

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Sep 2017 05:30:55 GMT
via: 1.1 varnish, 1.1 8602503af95a7bac32a020063ca51410.cloudfront.net (CloudFront)
age: 25516735
x-cache: Hit from cloudfront
status: 200
content-length: 777
server: Apache
etag: "1ace1b17e77ec3828eda87eb3fea3671ce2a0f706426fbd158873546c4f9366e"
x-varnish: 1188842914
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: vH3ubmjtCjhEedw8AyqwKr1e_J4lhjscQDi1l6P1sy5Qck34KTLBGw==

GET
S 200 g%2B_hover.png
cache-ssl.celtra.com/api/blobs/02260b5f4db80947699c5410e58b39c7be2227725b7ea84612f6951decf546ec/ Frame F7BC 920 B
1 KB 9ms
7ms Image
image/png 54.192.94.49
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/02260b5f4db80947699c5410e58b39c7be2227725b7ea84612f6951decf546ec/g%2B_hover.png?transform=crush
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 54.192.94.49 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-192-94-49.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: a2d47920b183262726f3833c961cb98c24f65c396bb248c4539391d72553284e

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 18 Dec 2017 08:36:46 GMT
via: 1.1 varnish (Varnish/5.0), 1.1 8602503af95a7bac32a020063ca51410.cloudfront.net (CloudFront)
age: 18334384
x-cache: Hit from cloudfront
status: 200
content-length: 920
server: Apache
etag: "a2d47920b183262726f3833c961cb98c24f65c396bb248c4539391d72553284e"
x-varnish: 2328471
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: LYo6uUAIRNGyh6TKz3k69aBGbFwZ3Sf9D2SavwTZC5-S2O7qUqUR3A==

GET
H/1.1

200
OK

match
polo-v1.feathr.co/v1/analytics/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=6fgi4r1&ttd_tpi=1&ttd_puid=5b4f40cd03eec00001bcbf25
https://polo-v1.feathr.co/v1/analytics/match?f_id=5b4f40cd03eec00001bcbf25&ttd_id=6b16b8ad-6c4e-47fa-9328-4ceff66ce653

43 B
458 B

193ms
192ms

Image
image/gif

184.72.232.165
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://polo-v1.feathr.co/v1/analytics/match?f_id=5b4f40cd03eec00001bcbf25&ttd_id=6b16b8ad-6c4e-47fa-9328-4ceff66ce653
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: HTTP/1.1
Server: 184.72.232.165 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-184-72-232-165.compute-1.amazonaws.com
Software: Apache/2.4.33 (Amazon) mod_wsgi/3.5 Python/3.6.5 /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 18 Jul 2018 13:29:50 GMT
Server: Apache/2.4.33 (Amazon) mod_wsgi/3.5 Python/3.6.5
Vary: User-Agent
Access-Control-Allow-Methods: GET, POST, PUT, PATCH, DELETE
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0,no-cache,no-store
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Authorization
Content-Length: 43

Redirect headers

pragma: no-cache
date: Wed, 18 Jul 2018 13:29:50 GMT
x-aspnet-version: 4.0.30319
status: 302
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://polo-v1.feathr.co/v1/analytics/match?f_id=5b4f40cd03eec00001bcbf25&ttd_id=6b16b8ad-6c4e-47fa-9328-4ceff66ce653
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 267

GET
H/1.1 200
OK crumb
polo-v1.feathr.co/v1/analytics/ 43 B
458 B 316ms
315ms Image
image/gif 184.72.232.165
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://polo-v1.feathr.co/v1/analytics/crumb?cb=1531920590242&a_id=5772dda68e8027153edc8f4f&f_id=5b4f40cd03eec00001bcbf25&ses_id=5b4f40cd1ca579178c916fcf&flvr=page_view&loc_url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fcoin-miner-malware-spikes-629--in-telling-q1%2Fd%2Fd-id%2F1332166&s_w=1600&s_h=1200&b_w=1600&b_h=1200&cust_params=e30=
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: HTTP/1.1
Server: 184.72.232.165 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-184-72-232-165.compute-1.amazonaws.com
Software: Apache/2.4.33 (Amazon) mod_wsgi/3.5 Python/3.6.5 /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 18 Jul 2018 13:29:50 GMT
Server: Apache/2.4.33 (Amazon) mod_wsgi/3.5 Python/3.6.5
Vary: User-Agent
Access-Control-Allow-Methods: GET, POST, PUT, PATCH, DELETE
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0,no-cache,no-store
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Authorization
Content-Length: 43

GET
S 200 g%2B.png
cache-ssl.celtra.com/api/blobs/4738e9d1b0f3583df7bf47b7bd5ac0bd411deb216443aa46d443be8976fb6530/ Frame F7BC 910 B
1 KB 10ms
9ms Image
image/png 54.192.94.49
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/4738e9d1b0f3583df7bf47b7bd5ac0bd411deb216443aa46d443be8976fb6530/g%2B.png?transform=crush
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 54.192.94.49 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-192-94-49.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: e48b5b18cd4fa82b4a90346da0845bf73a3d9f752fa1e173ce141a98fddeaf6f

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 18 Dec 2017 06:14:34 GMT
via: 1.1 varnish (Varnish/5.0), 1.1 8602503af95a7bac32a020063ca51410.cloudfront.net (CloudFront)
age: 18342916
x-cache: Hit from cloudfront
status: 200
content-length: 910
server: Apache
etag: "e48b5b18cd4fa82b4a90346da0845bf73a3d9f752fa1e173ce141a98fddeaf6f"
x-varnish: 3550990 5449613
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: B2TnV4-8Su8Z3O6_v9Gj3PlJ6Cr2LqJbjDan48fNT_bpzOtGGehlNw==

GET
S 200 yt_hover.png
cache-ssl.celtra.com/api/blobs/05c871534a66ba01deefbc75b6ed2f9281993581e903223785a6f6a7ff82bebb/ Frame F7BC 918 B
1 KB 45ms
45ms Image
image/png 54.192.94.49
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/05c871534a66ba01deefbc75b6ed2f9281993581e903223785a6f6a7ff82bebb/yt_hover.png?transform=crush
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 54.192.94.49 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-192-94-49.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: 6e504d72d0b8fe63b71774d746594a7d13607ee5313241cc546a1bcd47909677

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Dec 2017 20:26:37 GMT
via: 1.1 varnish (Varnish/5.0), 1.1 8602503af95a7bac32a020063ca51410.cloudfront.net (CloudFront)
age: 19155793
x-cache: Hit from cloudfront
status: 200
content-length: 918
server: Apache
etag: "6e504d72d0b8fe63b71774d746594a7d13607ee5313241cc546a1bcd47909677"
x-varnish: 77243550
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: ht2dtWLYnSMTtQ6LbS0MG5__zmMu8AhL6e8TLt7pZglawEXdwD5Vqw==

GET
S 200 yt.png
cache-ssl.celtra.com/api/blobs/13d77e3befd746d58356da2f0b0d1d20af11ba13ea0ca8cd7b73871ef1d40edd/ Frame F7BC 914 B
1 KB 14ms
14ms Image
image/png 54.192.94.49
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/13d77e3befd746d58356da2f0b0d1d20af11ba13ea0ca8cd7b73871ef1d40edd/yt.png?transform=crush
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 54.192.94.49 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-192-94-49.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: 8c792dc2527753d5f758a812c5de2225dba619ecd83b05713ce68b0db858fa28

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 09 Nov 2017 02:40:03 GMT
via: 1.1 varnish, 1.1 8602503af95a7bac32a020063ca51410.cloudfront.net (CloudFront)
age: 21725387
x-cache: Hit from cloudfront
status: 200
content-length: 914
server: Apache
etag: "8c792dc2527753d5f758a812c5de2225dba619ecd83b05713ce68b0db858fa28"
x-varnish: 1057753892
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: MVIjNncLtjgufQMruJOm-9KsIncqagQLZtPD0S7MYJrys76PxKfFTA==

GET
S 200 AV.Logo.Icon%26Type.png
cache-ssl.celtra.com/api/blobs/e8808d3e0e398251ee7f5355c71100634d56a3f670012eaae9a17690db67004f/ Frame F7BC 6 KB
7 KB 10ms
10ms Image
image/png 54.192.94.49
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/e8808d3e0e398251ee7f5355c71100634d56a3f670012eaae9a17690db67004f/AV.Logo.Icon%26Type.png?transform=crush
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 54.192.94.49 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-192-94-49.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: 5a0e9c35f254c2b12c6f2e793d49bf238bff062822d5b25d9029fb3e6d1fc9fd

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Jul 2018 18:08:04 GMT
via: 1.1 varnish (Varnish/5.0), 1.1 8602503af95a7bac32a020063ca51410.cloudfront.net (CloudFront)
age: 415306
x-cache: Hit from cloudfront
status: 200
content-length: 6639
server: Apache
etag: "5a0e9c35f254c2b12c6f2e793d49bf238bff062822d5b25d9029fb3e6d1fc9fd"
x-varnish: 155591727 154761202
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: lZTOFwjark9ggKjBVcw3Ty3KYmqX7mUUx7W2Bc2wS5tIsp1tjOC0BA==

GET
S 200 font
fonts.gstatic.com/l/ Frame F7BC 2 KB
2 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:817::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=S6uyw4BMUTPHvxw6WQevLimqrplwqb0UmZyWWNr7bw&skey=2d58b92a99e1c086&v=v14

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

SPDY

Server

2a00:1450:4001:817::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

a855b14aa4fa07fff51f4d906b86222879e9720e98ad477057cb3298df36f348

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:400&text=VIDEOTWRBLGSUC
Origin: https://www.darkreading.com

Response headers

date: Wed, 18 Jul 2018 06:42:57 GMT
last-modified: Wed, 11 Oct 2017 18:44:21 GMT
server: ESF
age: 24413
status: 200
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1812
x-xss-protection: 1; mode=block
expires: Wed, 18 Jul 2018 06:42:57 GMT

GET
H/1.1 200
OK eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNTMxOTIwNTg5eDYwMjNmOThjNTlkNmYweDA0MjYzMzQ3IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIwNzI1NzQyMzA3ODE0NDk0MiIsImluZGV4I...
track.celtra.com/json/ 35 B
242 B 331ms
106ms Image
image/gif 52.202.3.209
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNTMxOTIwNTg5eDYwMjNmOThjNTlkNmYweDA0MjYzMzQ3IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIwNzI1NzQyMzA3ODE0NDk0MiIsImluZGV4IjoxLCJjbGllbnRUaW1lc3RhbXAiOjE1MzE5MjA1ODkuOTE5LCJzY29wZSI6Imdsb2JhbCIsInVzZXJBZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzEzXzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS82Ny4wLjMzOTYuODcgU2FmYXJpLzUzNy4zNiIsIm9yaWVudGF0aW9uIjowLCJ0b3Btb3N0UmVhY2hhYmxlV2luZG93Ijp7IndpZHRoIjoxNjAwLCJoZWlnaHQiOjEyMDB9LCJob3N0V2luZG93Ijp7IndpZHRoIjoxNjAwLCJoZWlnaHQiOjEyMDB9LCJuZXN0aW5nIjp7ImlmcmFtZSI6ZmFsc2UsImZyaWVuZGx5SWZyYW1lIjpmYWxzZSwiaWFiRnJpZW5kbHlJZnJhbWUiOmZhbHNlLCJob3N0aWxlSWZyYW1lIjpmYWxzZSwiaWZyYW1lRGVwdGgiOjB9LCJwYWdlVmlzaWJpbGl0eUFwaSI6dHJ1ZSwicmVxdWVzdEFuaW1hdGlvbkZyYW1lIjp0cnVlLCJ0b3BXaW5kb3dOYXRpdmVSQUZTdXBwb3J0ZWQiOnRydWUsImFsbG93Tm9uTmF0aXZlUkFGRm9yVmlld2FibGVUaW1lVXNlZCI6ZmFsc2UsImNsaWVudFRpbWVab25lT2Zmc2V0SW5NaW51dGVzIjowLCJzdXBwb3J0c0NvbnRhaW5lclZpZXdhYmlsaXR5Ijp0cnVlLCJzdXBwb3J0c0NvbnRhaW5lckluaXRpYWxWaWV3YWJpbGl0eSI6dHJ1ZSwidGFnUGFyZW50V2lkdGgiOjMzNiwidGFnUGFyZW50SGVpZ2h0IjowLCJhbXBEZXRlY3RlZCI6ZmFsc2UsImFtcE5lc3RpbmdMZXZlbCI6IiIsInNhZmVGcmFtZURldGVjdGVkIjpmYWxzZSwiZmV0Y2hTdXBwb3J0ZWQiOnRydWUsImFzYXBFbmFibGVkIjpudWxsLCJuYXRpdmVQcm9taXNlc1N1cHBvcnRlZCI6dHJ1ZSwiYmVhY29uU3VwcG9ydGVkIjp0cnVlLCJJbnRlcnNlY3Rpb25PYnNlcnZlclN1cHBvcnRlZCI6dHJ1ZSwiaXNNdXRhdGlvbk9ic2VydmVyU3VwcG9ydGVkIjp0cnVlLCJ3ZWJWaWV3IjpudWxsLCJ0b3BXaW5kb3dMb2NhdGlvbiI6Imh0dHBzOi8vd3d3LmRhcmtyZWFkaW5nLmNvbS90aHJlYXQtaW50ZWxsaWdlbmNlL2NvaW4tbWluZXItbWFsd2FyZS1zcGlrZXMtNjI5LS1pbi10ZWxsaW5nLXExL2QvZC1pZC8xMzMyMTY2IiwidG9wV2luZG93TG9jYXRpb25MZW5ndGgiOjEwNywibmFtZSI6ImVudmlyb25tZW50SW5mbyJ9LHsic2Vzc2lvbklkIjoiczE1MzE5MjA1ODl4NjAyM2Y5OGM1OWQ2ZjB4MDQyNjMzNDciLCJhY2NvdW50SWQiOiI0NGI3NGIzNSIsInN0cmVhbSI6ImFkRXZlbnRzIiwiaW5zdGFudGlhdGlvbiI6IjA3MjU3NDIzMDc4MTQ0OTQyIiwiaW5kZXgiOjIsImNsaWVudFRpbWVzdGFtcCI6MTUzMTkyMDU5MC4zNDYsIm5hbWUiOiJjcmVhdGl2ZUxvYWRlZCIsInZpZXdhYmlsaXR5MDBNZWFzdXJhYmxlIjp0cnVlLCJ2aWV3YWJpbGl0eTUwMU1lYXN1cmFibGUiOnRydWUsInZpZXdhYmxlVGltZU1lYXN1cmFibGUiOnRydWUsImNkblZhcmlhbnQiOiJub25lIn0seyJzZXNzaW9uSWQiOiJzMTUzMTkyMDU4OXg2MDIzZjk4YzU5ZDZmMHgwNDI2MzM0NyIsImFjY291bnRJZCI6IjQ0Yjc0YjM1Iiwic3RyZWFtIjoiYWRFdmVudHMiLCJpbnN0YW50aWF0aW9uIjoiMDcyNTc0MjMwNzgxNDQ5NDIiLCJpbmRleCI6MywiY2xpZW50VGltZXN0YW1wIjoxNTMxOTIwNTkwLjM2NCwibmFtZSI6InZpZXdwb3J0UGxhY2VtZW50R2VvbWV0cnkiLCJwYWdlRGltZW5zaW9ucyI6eyJoZWlnaHQiOjU5OTYsIndpZHRoIjoxNTg1fSwidmlld3BvcnRQb3NpdGlvblJlY3QiOnsid2lkdGgiOjE2MDAsImhlaWdodCI6MTIwMCwibGVmdCI6MCwidG9wIjowfSwiZmlyc3RQbGFjZW1lbnRQb3NpdGlvblJlY3QiOnsibGVmdCI6OTM0LjUsInRvcCI6NDExLjkyMTg3NSwid2lkdGgiOjMzNiwiaGVpZ2h0Ijo2MDB9fSx7InNlc3Npb25JZCI6InMxNTMxOTIwNTg5eDYwMjNmOThjNTlkNmYweDA0MjYzMzQ3IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIwNzI1NzQyMzA3ODE0NDk0MiIsImluZGV4Ijo0LCJjbGllbnRUaW1lc3RhbXAiOjE1MzE5MjA1OTAuMzc4LCJuYW1lIjoidmlld2FibGUwMCIsImNyaXRlcmlvbiI6eyJuYW1lIjoiQ29yZSIsInJhdGlvIjowLCJ0aW1lIjowfX0seyJzZXNzaW9uSWQiOiJzMTUzMTkyMDU4OXg2MDIzZjk4YzU5ZDZmMHgwNDI2MzM0NyIsImFjY291bnRJZCI6IjQ0Yjc0YjM1Iiwic3RyZWFtIjoiYWRFdmVudHMiLCJpbnN0YW50aWF0aW9uIjoiMDcyNTc0MjMwNzgxNDQ5NDIiLCJpbmRleCI6NSwiY2xpZW50VGltZXN0YW1wIjoxNTMxOTIwNTkwLjM5NSwidW5pdE5hbWUiOiJiYW5uZXIiLCJ1bml0VmFyaWFudExvY2FsSWQiOm51bGwsInNjcmVlbkxvY2FsSWQiOjEzNjgsInNjcmVlblRpdGxlIjoiUmVzb3VyY2VzIiwic2NyZWVuSXNNYXN0ZXIiOmZhbHNlLCJvYmplY3RMb2NhbElkIjpudWxsLCJvYmplY3ROYW1lIjpudWxsLCJvYmplY3RDbGF6eiI6bnVsbCwiaW5pdGlhdGlvblRpbWVzdGFtcCI6MTUzMTkyMDU5MC4zOTQsIm5hbWUiOiJzY3JlZW5TaG93biJ9LHsic2Vzc2lvbklkIjoiczE1MzE5MjA1ODl4NjAyM2Y5OGM1OWQ2ZjB4MDQyNjMzNDciLCJhY2NvdW50SWQiOiI0NGI3NGIzNSIsInN0cmVhbSI6ImFkRXZlbnRzIiwiaW5zdGFudGlhdGlvbiI6IjA3MjU3NDIzMDc4MTQ0OTQyIiwiaW5kZXgiOjYsImNsaWVudFRpbWVzdGFtcCI6MTUzMTkyMDU5MC4zOTUsIm5hbWUiOiJjcmVhdGl2ZVJlbmRlcmVkIn1dfQ==?crc32c=958945723
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: HTTP/1.1
Server: 52.202.3.209 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-3-209.compute-1.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Jul 2018 13:29:50 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNTMxOTIwNTg5eDYwMjNmOThjNTlkNmYweDA0MjYzMzQ3IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIwNzI1NzQyMzA3ODE0NDk0MiIsImluZGV4Ijo3LCJjbGllbnRUaW1lc3RhbXAiOjE1MzE5MjA1OTAuNDI2LCJuYW1lIjoidmlld2FibGVUaW1lIiwiZnJvbSI6MTUzMTkyMDU5MC4zOCwidG8iOjE1MzE5MjA1OTAuMzh9XX0=?crc32c=1979648274
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: HTTP/1.1
Server: 52.202.3.209 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-3-209.compute-1.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Jul 2018 13:29:50 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
S 200 player_api Show response
www.youtube.com/ Frame F7BC 859 B
931 B 19ms
19ms Script
application/javascript 2a00:1450:4001:811::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/player_api

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

SPDY

Server

2a00:1450:4001:811::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

f8a4191fa894388cccd9c16d920d66e728b8f0f6e4bc2184147acc40993e23a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:50 GMT
x-content-type-options: nosniff
server: YouTube Frontend Proxy
content-type: application/javascript
status: 200
cache-control: no-cache
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 859
x-xss-protection: 1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube
expires: Tue, 27 Apr 1971 19:44:06 EST

GET
S 200 user_timeline Show response
cache-ssl.celtra.com/api/twitter/statuses/ Frame F7BC 60 KB
5 KB 12ms
11ms Script
application/javascript 54.192.94.49
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cache-ssl.celtra.com/api/twitter/statuses/user_timeline?screen_name=alienvault&jsonp=jsonp_celtra_twitter_proxy_366
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 54.192.94.49 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-192-94-49.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: 1518e192582f89bc18d077108fa3b31085d26ad467acad465c03fc6badb683cd

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:20:43 GMT
content-encoding: gzip
age: 546
x-cache: Hit from cloudfront
status: 200
content-length: 5099
access-control-allow-origin: *
server: Apache
etag: "1fab8a289d11922a427109f21703c3b40d1390b1600abde8551cffcd05d23363"
vary: Accept-Encoding
x-varnish: 168217983
via: 1.1 varnish (Varnish/5.0), 1.1 8602503af95a7bac32a020063ca51410.cloudfront.net (CloudFront)
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control: max-age=900
access-control-allow-credentials: false
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: JdZOfzY3tUHgfHzaVv0TwAsYHAtpzHlfGS9Fl5PkibwreYzbOvxLSA==

GET
S 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 3350 42 B
123 B 14ms
14ms Image
image/gif 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssVWMIA7VxuRzW5vzrf-ceSBrx20cKIPcc5P9PpSGMq8_Dk17Tc_eh51unlxPnlwexsqHPMrbDun6U9TdUYKmPXHxidwiOwJZo&sig=Cg0ArKJSzG6uvodqEPviEAE&adk=4212726612&tt=1510&bs=1585%2C1200&mtos=1218%2C1218%2C1218%2C1218%2C1218&tos=1218%2C0%2C0%2C0%2C0&p=76%2C428%2C166%2C1156&mcvt=1218&rs=3&ht=0&tfs=291&tls=1508&mc=1&lte=1&bas=0&bac=0&avms=geo&bos=1600%2C1200&ps=1585%2C5396&ss=1600%2C1200&pt=-1&deb=1-0-8-12-13--1-110-5&tvt=1502&op=1&r=v&id=osdim&ti=1&uc=26&tgt=DIV&cl=1&cec=5&clc=1&cac=0&cd=728x90&v=r20180711

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

SPDY

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jul 2018 13:29:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 www-widgetapi.js Show response
s.ytimg.com/yts/jsbin/www-widgetapi-vflLq-1W7/ Frame F7BC 20 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s.ytimg.com/yts/jsbin/www-widgetapi-vflLq-1W7/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/player_api

Protocol

SPDY

Server

2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a599232b27762d0deef401c854b6c5f7f9f7b69c63a22fdf36b99bac156946fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Jul 2018 06:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 458224
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 7696
x-xss-protection: 1; mode=block
last-modified: Fri, 13 Jul 2018 05:39:58 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=691200
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Sat, 21 Jul 2018 06:12:46 GMT

GET
S 200 U1x4jo79_normal.jpg
pbs.twimg.com/profile_images/710277174180184065/ Frame F7BC 2 KB
2 KB 7ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/710277174180184065/U1x4jo79_normal.jpg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4191) /

Resource Hash

6881dba9204410b5151e4521f93d928524738297f8bf0fdc0a6af1ccab40ef72

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:50 GMT
x-content-type-options: nosniff
content-md5: aHI+65tQNzdlgY/d+V29Hg==
x-cache: HIT
status: 200
content-length: 1959
x-response-time: 141
surrogate-key: profile_images profile_images/bucket/7 profile_images/710277174180184065
last-modified: Thu, 17 Mar 2016 01:28:49 GMT
server: ECS (fcn/4191)
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: aebc57181e3e8e104a418db76d6ff261
accept-ranges: bytes

GET
S 200 f253032d81044de1bf233d35708667f9797d2b99c95b5508656621ac3e0ff289
cache-ssl.celtra.com/api/videoThumb/ Frame F7BC 10 KB
10 KB 30ms
7ms Image
image/jpeg 54.192.94.110
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/videoThumb/f253032d81044de1bf233d35708667f9797d2b99c95b5508656621ac3e0ff289?transform=thumbnail&width=298&height=206&position=50
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 54.192.94.110 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-192-94-110.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: fb82ed8b27e8eaa3cbfcfe18d563e165dd522622e07622fd95ab9d57d4d2950d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Origin: https://www.darkreading.com

Response headers

date: Mon, 18 Dec 2017 06:24:51 GMT
via: 1.1 varnish (Varnish/5.0), 1.1 bb93dfaee440e32ac88831363641e2c2.cloudfront.net (CloudFront)
age: 18342298
x-cache: Hit from cloudfront
status: 200
content-length: 10010
server: Apache
etag: "fb82ed8b27e8eaa3cbfcfe18d563e165dd522622e07622fd95ab9d57d4d2950d"
x-varnish: 1708015
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: cNizp7-ro-yLCT5Nggj_K9v0L6nD9xoRYkdcCEPC7FZxeeZkfCgn_w==

GET
S 200 abf9a8dfd8950af7dc86e10d354683d5a120a9218f68d04bdf8039593daad52c
cache-ssl.celtra.com/api/videoThumb/ Frame F7BC 13 KB
14 KB 30ms
8ms Image
image/jpeg 54.192.94.110
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/videoThumb/abf9a8dfd8950af7dc86e10d354683d5a120a9218f68d04bdf8039593daad52c?transform=thumbnail&width=298&height=206&position=50
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: SPDY
Server: 54.192.94.110 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-192-94-110.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: 214530f3bc19e4d5b40fbd96bb6096c9551979478f9ff2a88b8288b3e83f78f0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Origin: https://www.darkreading.com

Response headers

date: Fri, 13 Jul 2018 17:33:57 GMT
via: 1.1 varnish (Varnish/5.0), 1.1 bb93dfaee440e32ac88831363641e2c2.cloudfront.net (CloudFront)
age: 417352
x-cache: Hit from cloudfront
status: 200
content-length: 13751
server: Apache
etag: "214530f3bc19e4d5b40fbd96bb6096c9551979478f9ff2a88b8288b3e83f78f0"
x-varnish: 118528766 117546407
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: z90ZSkG8RASdWVZGnEINXunW9UPX0vO-Zqh677stnS9ZgT97KteIRQ==

GET
S 200 activeview
pagead2.googlesyndication.com/pcs/ Frame C83F 42 B
123 B 15ms
15ms Image
image/gif 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvsk_Je33-S9wOxUuvbiSDNHTFzTpJTdA_LndW8QALC_WDjPFr8eDuQJyOxY9fpQS3fftDF8kPyEe2f6Lx-Z_otJn16v2toSKQ&sig=Cg0ArKJSzP9zB4gvU9M9EAE&adk=1970779331&tt=1765&bs=1585%2C1200&mtos=942%2C942%2C1197%2C1197%2C1197&tos=942%2C0%2C255%2C0%2C0&p=1032%2C953%2C1282%2C1253&mcvt=1197&rs=3&ht=0&tfs=566&tls=1763&mc=1&lte=1&bas=0&bac=0&avms=geo&bos=1600%2C1200&ps=1585%2C5996&ss=1600%2C1200&pt=-1&deb=1-0-8-14-14--1-175-6&tvt=1757&op=1&r=v&id=osdim&ti=1&uc=20&tgt=DIV&cl=1&cec=5&clc=1&cac=0&cd=300x250&v=r20180711

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

SPDY

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jul 2018 13:29:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

jot.html
platform.twitter.com/ Frame 1EEB
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

0
0

7ms
7ms

Document
text/html

2606:2800:234:46c:e8b:1e2f:2bd:694
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40B3) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
Origin: null
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: E88D36113169FDDE12FD6800890E2B17

Response headers

Accept-Ranges: bytes
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 18 Jul 2018 13:29:51 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Tue, 10 Jul 2018 21:20:19 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40B3)
X-Cache: HIT
Content-Length: 80

Redirect headers

status: 302 302 Found
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Wed, 18 Jul 2018 13:29:51 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Wed, 18 Jul 2018 13:29:51 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_o
strict-transport-security: max-age=631138519
x-connection-hash: 7dbd2decc53c7cd4768bc29d40254c64
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 127
x-transaction: 00664776005d12f6
x-tsa-request-body-time: 1
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 29 KB
10 KB 8ms
8ms Script
text/javascript 2.18.233.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
Protocol: HTTP/1.1
Server: 2.18.233.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a92edd7ad5b7f10281070e3aa645895623648fbc16bc17eafa75a20964dd5080

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: tLCkucq4UEc8mbRNv4pGPvWDU5VDKRN7
Content-Encoding: gzip
ETag: "950ab6e99d0b40d25b3c62e71d145086"
x-amz-request-id: DD8E190F3EB8EF53
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 9309
x-amz-id-2: VeTHe55mFOOVyFuzrzfLfoaXjXYTRA+gy5dISTUo+OX6JZCMrpztiLWEMd+wsSENrL1nkvhyaMk=
Last-Modified: Mon, 16 Jul 2018 17:46:20 GMT
Server: AmazonS3
Date: Wed, 18 Jul 2018 13:29:51 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK TQSV74R4GVCSJITSZC2MCP Show response
d.adroll.com/consent/check/ 34 B
194 B 121ms
27ms Script
application/javascript 54.195.254.9
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/TQSV74R4GVCSJITSZC2MCP?_s=8cc56f29159d46eb14d9829be8100b20
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Server: 54.195.254.9 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-195-254-9.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: c0d37b38e7616118748aa9870740cb57b94778610c8e92efb0a065fd61b5025d

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 18 Jul 2018 13:29:51 GMT
Server: nginx/1.12.1
Connection: keep-alive
Content-Length: 34
Content-Type: application/javascript

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNTMxOTIwNTg5eDYwMjNmOThjNTlkNmYweDA0MjYzMzQ3IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIwNzI1NzQyMzA3ODE0NDk0MiIsImluZGV4Ijo4LCJjbGllbnRUaW1lc3RhbXAiOjE1MzE5MjA1OTEuMzk5LCJuYW1lIjoidmlld2FibGU1MDEiLCJjcml0ZXJpb24iOnsibmFtZSI6IjUwLzEiLCJyYXRpbyI6MC41LCJ0aW1lIjoxMDAwfX1dfQ==?crc32c=1509937809
Protocol: HTTP/1.1
Server: 52.202.3.209 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-3-209.compute-1.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Jul 2018 13:29:51 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H/1.1 200
OK consent.js Show response
s.adroll.com/j/ 53 KB
53 KB 7ms
7ms Script
application/javascript 2.18.233.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/consent.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Server: 2.18.233.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 675cc67353a23bd6630a745554af162a5a253dd86d329390564c67ab5c46ca71

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: bL3l2hH64qz56UTvovg12e_fKLpf9TsP
ETag: "88c2d0838342c69a46c22b15923d526d"
x-amz-request-id: E3589E1D11499060
Connection: keep-alive
Content-Length: 53985
x-amz-id-2: 3x9KFb8VfNdePC30ozlW5dJOhRWkR4XKlgyLkEJ4L1LIjYLq5IVeo0hia5DyJ2S+2Yp6jEOtx2c=
Last-Modified: Mon, 16 Jul 2018 17:52:08 GMT
Server: AmazonS3
Date: Wed, 18 Jul 2018 13:29:51 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNTMxOTIwNTg5eDYwMjNmOThjNTlkNmYweDA0MjYzMzQ3IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIwNzI1NzQyMzA3ODE0NDk0MiIsImluZGV4I...
track.celtra.com/json/ 35 B
242 B 118ms
118ms Image
image/gif 52.202.3.209
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNTMxOTIwNTg5eDYwMjNmOThjNTlkNmYweDA0MjYzMzQ3IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIwNzI1NzQyMzA3ODE0NDk0MiIsImluZGV4Ijo5LCJjbGllbnRUaW1lc3RhbXAiOjE1MzE5MjA1OTEuNDkyLCJuYW1lIjoidmlld2FibGVUaW1lIiwiZnJvbSI6MTUzMTkyMDU5MC4zOCwidG8iOjE1MzE5MjA1OTEuNDI2fV19?crc32c=3228997593
Protocol: HTTP/1.1
Server: 52.202.3.209 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-3-209.compute-1.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Jul 2018 13:29:51 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H/1.1 200
OK hod
d.adroll.com/consent/ 42 B
264 B 28ms
27ms Image
image/gif 54.195.254.9
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/consent/hod?_e=view_banner&_s=8cc56f29159d46eb14d9829be8100b20&_b=5&_a=TQSV74R4GVCSJITSZC2MCP
Protocol: HTTP/1.1
Server: 54.195.254.9 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-195-254-9.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 18 Jul 2018 13:29:51 GMT
Cache-Control: no-transform,public,max-age=300,s-maxage=900
Server: nginx/1.12.1
Connection: keep-alive
Content-Length: 42
Vary: Cookie
Content-Type: image/gif

GET
S 200 closeButton.png
i.ubm-us.net/oas/newsletter/ 2 KB
2 KB 20ms
20ms Image
image/png 2400:cb00:2048:1::6818:7875
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ubm-us.net/oas/newsletter/closeButton.png
Protocol: SPDY
Server: 2400:cb00:2048:1::6818:7875 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4993fb8970cbb80dda24f8295debe6c5dd4b17b8194dc7a5cce23582234fdc0

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:29:52 GMT
cf-cache-status: HIT
last-modified: Thu, 05 May 2016 15:40:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 43c54cb649049738-FRA
content-length: 2264
expires: Thu, 19 Jul 2018 13:29:52 GMT

GET
S 200 imgad
tpc.googlesyndication.com/pagead/ 26 KB
26 KB 7ms
7ms Image
image/png 2a00:1450:4001:81c::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLhLve3AEQARgBMggCMeB5bsgzbA

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166

Protocol

SPDY

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

5b0230af1f9ff22f41de8ae079f9e1ee47bc889cdd520d28333d904959b5d018

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 13:28:37 GMT
x-content-type-options: nosniff
server: cafe
age: 75
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
status: 200
cache-control: public, max-age=604800
content-disposition: attachment; filename="image.png"
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 26406
x-xss-protection: 1; mode=block
expires: Wed, 25 Jul 2018 13:28:37 GMT

GET
S 200 imgad
tpc.googlesyndication.com/pagead/ 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:81c::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLhNvJfxABGAEyCLwzqkMkUH-i

Protocol

SPDY

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

348158f15212f6a235b492fe2a76572c180e59fb7f53402267dc61d17ebac671

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 14 Jul 2018 08:11:32 GMT
x-content-type-options: nosniff
server: cafe
age: 364700
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
status: 200
cache-control: public, max-age=604800
content-disposition: attachment; filename="image.png"
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 2361
x-xss-protection: 1; mode=block
expires: Sat, 21 Jul 2018 08:11:32 GMT

GET
H/1.1 200
OK svrGP Show response
s2150.t.eloqua.com/visitor/v200/ 0
400 B 155ms
154ms Script
application/javascript 209.167.231.17
Oracle Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://s2150.t.eloqua.com/visitor/v200/svrGP?pps=50&siteid=2150&DLKey=f09b5473ef7642a085c28ad29c30c1d2&DLLookup=&ms=517

Requested by

Host: img.en25.com
URL: https://img.en25.com/i/elqCfg.min.js

Protocol

HTTP/1.1

Server

209.167.231.17 , United States, ASN7160 (NETDYNAMICS - Oracle Corporation, US),

Reverse DNS

e017.en25.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=3600;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 18 Jul 2018 13:29:52 GMT
Vary: Accept-Encoding
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA"
Cache-Control: private,no-cache, no-store
Content-Type: application/javascript
Content-Length: 20
Expires: -1

GET
H/1.1 200
OK eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNTMxOTIwNTg5eDYwMjNmOThjNTlkNmYweDA0MjYzMzQ3IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIwNzI1NzQyMzA3ODE0NDk0MiIsImluZGV4I...
track.celtra.com/json/ 35 B
242 B 107ms
106ms Image
image/gif 52.202.3.209
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNTMxOTIwNTg5eDYwMjNmOThjNTlkNmYweDA0MjYzMzQ3IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIwNzI1NzQyMzA3ODE0NDk0MiIsImluZGV4IjoxMCwiY2xpZW50VGltZXN0YW1wIjoxNTMxOTIwNTkyLjQ5NSwibmFtZSI6InZpZXdhYmxlVGltZSIsImZyb20iOjE1MzE5MjA1OTEuNDI2LCJ0byI6MTUzMTkyMDU5Mi40OTN9XX0=?crc32c=793487886
Protocol: HTTP/1.1
Server: 52.202.3.209 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-3-209.compute-1.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Jul 2018 13:29:52 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H/1.1 200
OK eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNTMxOTIwNTg5eDYwMjNmOThjNTlkNmYweDA0MjYzMzQ3IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIwNzI1NzQyMzA3ODE0NDk0MiIsImluZGV4I...
track.celtra.com/json/ 35 B
242 B 106ms
106ms Image
image/gif 52.202.3.209
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNTMxOTIwNTg5eDYwMjNmOThjNTlkNmYweDA0MjYzMzQ3IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIwNzI1NzQyMzA3ODE0NDk0MiIsImluZGV4IjoxMSwiY2xpZW50VGltZXN0YW1wIjoxNTMxOTIwNTkzLjQ5OCwibmFtZSI6InZpZXdhYmxlVGltZSIsImZyb20iOjE1MzE5MjA1OTIuNDkzLCJ0byI6MTUzMTkyMDU5My40OTd9XX0=?crc32c=2118702993
Protocol: HTTP/1.1
Server: 52.202.3.209 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-3-209.compute-1.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Jul 2018 13:29:53 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H/1.1 200
OK eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNTMxOTIwNTg5eDYwMjNmOThjNTlkNmYweDA0MjYzMzQ3IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIwNzI1NzQyMzA3ODE0NDk0MiIsImluZGV4I...
track.celtra.com/json/ 35 B
242 B 116ms
115ms Image
image/gif 52.202.3.209
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNTMxOTIwNTg5eDYwMjNmOThjNTlkNmYweDA0MjYzMzQ3IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIwNzI1NzQyMzA3ODE0NDk0MiIsImluZGV4IjoxMiwiY2xpZW50VGltZXN0YW1wIjoxNTMxOTIwNTk1LjUxMiwibmFtZSI6InZpZXdhYmxlVGltZSIsImZyb20iOjE1MzE5MjA1OTMuNDk3LCJ0byI6MTUzMTkyMDU5NS40OTd9XX0=?crc32c=2023393887
Protocol: HTTP/1.1
Server: 52.202.3.209 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-3-209.compute-1.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.darkreading.com/threat-intelligence/coin-miner-malware-spikes-629--in-telling-q1/d/d-id/1332166
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Jul 2018 13:29:55 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

Verdicts & Comments Add Verdict or Comment

533 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.teads.tv/	1970-01-19 02:16:10	Name: tt_viewer Value: b183f76d-3454-45ed-b225-37f40da3a5f1
.teads.tv/iframe	1970-01-18 17:33:26	Name: tt_emetriq Value:
.teads.tv/iframe	1970-01-18 17:33:26	Name: tt_bluekai Value:
.teads.tv/iframe	1970-01-18 17:33:26	Name: tt_exelate Value:
ng.techweb.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: C07BE28C497A5573F95D60E3BDBBFE74
.google.com/	1970-01-18 21:55:31	Name: NID Value: 134=S-A_F9R3BI9r3LE4ZXTzFc0ycvho4SY1UrHLiLUl0xb9YCPuXZXjWxJFWb_D7HY26SN3CNSl5976MMaommMtXes-fXlkl1h7JZ9-jBzmATwZaA2nU-xa35ETPCQzl0Ol
.facebook.com/	1970-01-18 19:41:36	Name: fr Value: 0xF5iChR1rRZYbhkt..BbT0DP...1.0.BbT0DP.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://twimgs.com/nojitter/js/dev_adBlockerTrack.js?v1(Line 47) Message: 15
console-api	log	URL: https://twimgs.com/nojitter/js/dev_adBlockerTrack.js?v1(Line 49) Message: false

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
accounts.google.com
ad.mail.ru
ads.celtra.com
adservice.google.de
api-cache.adsnative.com
apis.google.com
bat.bing.com
cache-ssl.celtra.com
cdn.feathr.co
cdn.syndication.twimg.com
cdn.teads.tv
cm.everesttech.net
connect.facebook.net
d.adroll.com
dev.visualwebsiteoptimizer.com
dpm.demdex.net
dsimg.ubm-us.net
epromos.ubmcanon.com
f1.media.brightcove.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ubm-us.net
ib.adnxs.com
img.deusm.com
img.en25.com
ins.techweb.com
marco.feathr.co
match.adsrvr.org
ng.techweb.com
pagead2.googlesyndication.com
pbs.twimg.com
platform.linkedin.com
platform.twitter.com
polo-v1.feathr.co
rudy.adsnative.com
s.adroll.com
s.ytimg.com
s2150.t.eloqua.com
s657486201.t.eloqua.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
ssl.google-analytics.com
static.adsnative.com
static.licdn.com
staticxx.facebook.com
sync.teads.tv
syndication.twitter.com
t.teads.tv
ton.twimg.com
tpc.googlesyndication.com
track.celtra.com
twimgs.com
u.heatmap.it
ubm.demdex.net
ubm.tt.omtrdc.net
ubmtech.d3.sc.omtrdc.net
www.darkreading.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
104.111.214.103
104.111.238.191
104.111.240.34
104.244.42.72
142.0.160.13
151.101.14.109
151.139.239.5
159.122.87.148
159.122.87.153
172.217.16.194
172.82.228.18
176.34.134.245
184.72.232.165
185.33.223.210
2.18.233.40
2.18.234.227
204.79.197.200
209.167.231.17
216.58.206.2
23.111.11.217
2400:cb00:2048:1::6811:7863
2400:cb00:2048:1::6818:452
2400:cb00:2048:1::6818:7875
2400:cb00:2048:1::6819:f763
2400:cb00:2048:1::681b:85c7
2400:cb00:2048:1::681c:1636
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:234:1a46:1c04:1676:610:129d
2606:2800:234:46c:e8b:1e2f:2bd:694
2620:103::192:155:48:119
2620:103::192:155:48:22
2620:103::192:155:48:48
2a00:1148:db00::18
2a00:1450:4001:80b::2002
2a00:1450:4001:811::200e
2a00:1450:4001:817::2003
2a00:1450:4001:817::2004
2a00:1450:4001:817::2008
2a00:1450:4001:817::200d
2a00:1450:4001:817::200e
2a00:1450:4001:81a::2002
2a00:1450:4001:81c::2001
2a00:1450:400e:803::200a
2a00:1450:400e:803::200e
2a02:26f0:6c00:296::25ea
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8186:face:b00c:0:50fb
34.241.222.191
46.105.202.39
52.202.3.209
52.203.24.244
52.210.103.2
52.25.33.8
52.33.200.77
52.50.88.138
54.192.94.110
54.192.94.49
54.192.94.74
54.195.254.9
54.221.226.172
54.72.188.174
54.76.26.3
66.117.28.86
66.117.29.3
012855cb1423bb44035532360d13878068aeee580745df244aade4d25fe75600
0237cd593053b78613c470475a2634d02ee10f8bdae83266f1da027d80c28ec4
04f784c83e6dde0588704c7fcc52d62e657f5b09012bb62a1d309d3adc774306
0773c5b41fd3946a1b4ac421f6d5f9174ddb5995a67305de0e316b694ecef102
0a4f12795a11d0957a7e476cdd2516967e3e00f54841456fbd8c0dd607984d92
0a5093e8c6db55d79f73d77391040b11e6f5c68a2cd1e90c804d6319b11b54c2
0a50c695cbcb759240c0c5b4a3e6ac8a8fd908e52df60fb8b45ddef748ada26a
0a59036c0fd834748c8e4ba48af3d0982890df78c3d529b5d8d923855e85c518
0c02bf028cf5f3ab2f76fb80a463aff6f7d2258fbaf668ef12763fda4344868d
0c9111d9514a49ad97e7c6d5fd97a00f3232b73537e9155726f32f123eb69b5a
0fb0f3abed20c1112a0eb52745ba589a5ec9c2fe0582f82b40c1208a5aebaaf6
0ff931a9bd195069d4eac95f39d5df119feebd2dc692044ea9bd0ecfef4bf94b
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
125a206a2b5c62726d73e063719b503d74bf109a09e9bc1e947d42726c0b3feb
12dae5bf701d04ae24093bc6150c6a9d7a4f58c5c893f96180ef13e08734d4a2
1518e192582f89bc18d077108fa3b31085d26ad467acad465c03fc6badb683cd
17f8ee4b20bb10212f98818a396b8c2a49e66b0b58969997c14837b289d14d39
190f689e0f479324a217a5ea88c1acc132b66d24b16559052d59b892ff5dcba2
191d783dc280e1bdb1570c2bc95280d8eee37f9bc1e6e38cbaf20b728e58e47a
1ace1b17e77ec3828eda87eb3fea3671ce2a0f706426fbd158873546c4f9366e
1e2203c9221187d6ae9b612a1f38283466f0b353c4d17d1ce8e58eaa4ba86dda
1e938ccc4226bbf2f325c85b7747671f4076075575c44bc5effc89f68235d4d6
1e97210e22581e4b07521a644b8874bf38e72bf51fb77691c4394aecbac3081b
2014095de604ead647724ba4b12e37e2f4b2510dc2b2d13f749d38e314dbab2a
214530f3bc19e4d5b40fbd96bb6096c9551979478f9ff2a88b8288b3e83f78f0
23818277c974e4ed1d48a04077c6a133bde3435f3d0bafe8dcca49150ebcb986
2465f67342841d5db9f96c3ec1d4428c00e6d62c10424d6f9262403d599e9e92
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
24e53bb83f4ded1621c7fab49bf441930b55725d8c22ef8e1d3b8766cca3af34
250e08377de1d5a5090f873e5857d3ff489c8a5013a6350d09f9a4cbbfd1c02a
25b438de3e944547e69c6de98e403f46a9aa4fb98e6d1bb34954fd30ebc19b56
268819e04d4f1da7b25f24454f9f28e172289c17bff9b635468babeeb1992892
276c5585a85e7098d2f9d771e9313bde913fa9c24239673766e8f6612230970f
27d0b2f79b3a90ccf74c8be137edd09fd3be6230e634ab3308213a5d9d47ef44
2a73eb05f040c713e924f46a094b36123db178f032724768d40a2d0606b54a02
2d10b2760e19fc3c238a0cba2477685678033fa40602d6129e268ce2d7920e83
2d7481c72a3827dee23254b8198fa70f7ce5c637791658b4e0c6550a568af105
2e9b6fed568a85ee88f1eb2aa1d51cb2073d907cbb0109a5dd703f0b1e5651d6
2f1cf9739a34689b6b42bf838eba7e72bf691f695a3a86653d49e0d911fbae73
308e134d9a0df8031a894aa2bb6e70515cb9db2403e3e568e7554ae69f474c96
32821e69d091e71a62b9dbefcd09516c2133b50c50a3f8d597207d9cab5d59b8
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
348158f15212f6a235b492fe2a76572c180e59fb7f53402267dc61d17ebac671
35463ce93e7c820faa404db98d939ff640ae78ca0e29be043861853c9e07c586
37207020ad439c6088d20d1828813ac87f273b632bc3c805fd33500a493bb31a
37c5fa3e10b9c5efe235ea79656573eac168676a4983801acd4fbfa23d0883cd
3a08be5766c0e198ba8171f7decd09065c08a5c850276325cc1792f25e7b356e
3b5080a2b48b797b64810118ff4001ba4b5bc198b4d711e1f6b1b3945e0183cd
3c5b83e390d046c3623c4b8e35b58aaf64a7481bb2372fb51ae2e0e7818f7407
3cbf81a765cbfb571ed6b456e2ef659ea7d97c05eac2580e2d786169044b247c
3d99e0fb6774db09d1d291a448925ce0e88f9b8dc22297cf415e02f60d1a347e
403c689f9b86705d527d50cb4ecb836fd640d0ef48f71fbef5cfbe02f96314d9
4164e3387f0161deb95d516092ab936da8219d81a1c870cd7ce52960f6a1fc88
42eb48be2f9f6fc91fcda10af9802cb6aa0733e2dd007c224570ae6ece3dac33
4425fb27b6358a4bf89513cc75f00b6446480d153082f6062d8d93b4f6bc9a61
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
4587735e3d5dc5ef5149eae835aeb69f971575da9d4a293d9bffbb1dc25afa6b
45e31bcb4f072d9f442333ad139c3085bcf881955711d866035342f3028f4558
48d211ee8f54e0f314ee98a2b63e6e470b33fb1de29d326c742be16125bda71a
4a95b07ec54d49e694b07142995eea1a12d961ed430270d137b3c29cdb9cf3d6
4cf4a9e8494f0ba7b75c1321d45f9e9ed280e574cd5f8a3a8635b3481d8a015f
4e19e8f9902a8b9ec4840aaf54110d6f502c5fb500303dc605f8776c40f7fb67
4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b
4f65ccd30d1c95588b51035a804dd49090d7fbe6c2829a576a31d1b6a3e0f86b
4f89a03faa36f0b6eeb92b9a8f0b8d2f9d3e564ba8bf13bb169bf05b126ca81e
523296d1a2c9a67ee707b5e0bc582f488e5786ec9b343c7b3da58a0d162d643b
545712edaa3b24336596165ffc141ae4b85fbf5d8c566b48c28b16ab7df1edf0
54b0ba8d66a7beb2c6046cf1242bc48e67c77f32d36d279f7f3e8b7f29f3a9cc
553d6da57d8275938c60b032517c87b2d6cb834f7b57d8f89adf96a4ddcf96a1
55aa37476c1749f53ee68b887ee451d0bd884acbeee966284b35ca027952e5f1
5609656183f4eea3d53de66a9244232489686ef629604a71e5919fb187bf10e2
57d73d9916fd4cad4a66b5c8b61626ed5d6b02d1949016e38a31cde654fe13e0
5a0e9c35f254c2b12c6f2e793d49bf238bff062822d5b25d9029fb3e6d1fc9fd
5b0230af1f9ff22f41de8ae079f9e1ee47bc889cdd520d28333d904959b5d018
5c0f79d0286f1fd3db48e1b689358017b302c0f4babde540329e8c644cf119c7
60aa4d4da446982e0adcf67285cc72488272580df7666f1a7a6a27e7f53a445a
611aa9f02b152c3e9a171475d6b9623300d51c92a96edd39a1e84d72336d83e5
61494fd1b573b217034bef7e22044bda91962797d68efada6726910d32bb995b
63484bd691450c081b848e5159315bfcd02720741d3f72a69717643d6630e578
643ca3bddc30489dbdfa50b9b7c9803877371403531813b9c42fc814de0dd339
67033275deb8b25d22abf896920ccf74e05f41db680929449c04bbfb9fca5681
675cc67353a23bd6630a745554af162a5a253dd86d329390564c67ab5c46ca71
68795cb80606f19d4ec0d92744af85048164f53500ad9535229c470fe24fe28a
6881dba9204410b5151e4521f93d928524738297f8bf0fdc0a6af1ccab40ef72
6e504d72d0b8fe63b71774d746594a7d13607ee5313241cc546a1bcd47909677
71ef2be76ecf12f431795805b6bfb5a20523b7692be0e6106e8e2d18d3d33632
730f8c30578deacc8094c3ba25949fa5c177557d229cece0607245f0f64d12e5
734861971103d62465b7df8119811eec77597c64746fc571c18036a6f273d271
773c9f4c27c7c53401864ac6d24c39178bb580c49d06c39f220833ae41f184aa
782a340d057803677dc10a367af55c945c4df5aaad306b88b0f4feded7dab609
79bafaff3b54a8fe654b51e547eba194d3606f7d77e2ab516fe9a85f81dddac2
7b02cdb496b954e874c4b87d48eb1ea16f088258786ed0d2f0771acc3d01649e
7b5688f8b168e06251901442c4f2f72b30c4477cb472833cde7979a8dca0a862
7b6908c1ddefad4b526966ba3f51d6e03f1f40747b658fbe64b9e3471ce6faf8
7bb0d75d42e3ccf1a9d1a055bcddfbc23003ed3ab75bb0eb49c05ba747bce8c9
8212328c31d444c460351381e3cefcaeb1366196ac51d8a0051328f7faa9047a
82395f454c0974f042781ffe60c05db3b470ba25b386421db0eafd5e3b1c5d70
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8420f59cd348cf0e10e05482724523ad6b83f88467bbfacf6826eaadd3a03985
8634d585a349a15fb27c4710dd1d433431e8b46231243296567755bfc15ce23d
88f6b155f6df559c17b78785558ec29de6429ef62232a26ad2ddbf8f8de07209
89cf868c1487237ef35c8af6260b1a08e2208b3868ac0f198c6ee5b97ff2e37c
8a9b65c008f5392c90bb4019809889bd090dff5c5ec15c002eb5a175d0e6b9a5
8c055f4fc89b73bc480ac07d607782cb3482fc98cbec6f89135ff76ce5512280
8c792dc2527753d5f758a812c5de2225dba619ecd83b05713ce68b0db858fa28
8d1723053829d193f99048103c55c14c63646d43b7dd1ff106b61c8a89b1c84d
8ec6d166aa1158dc381e0db6f9d6c44754ee904009d6007956b76e1b858d2375
8ef61561455f65561aa6ae0652a8fdb3c7da5647be27174e6e22d98bd33bcf82
8f3bdc6f3b2fe471b019df79b76c06f41fa5db79ca1e4d7998020660bb3ba146
8f9e8d232b4903954913897bf8b60e5422be07d7b55ae0703c00712d7f274253
902118c5436b3d46d79f44c3f8e7012eb9acc9b4b341e034e7bf0259aca4b425
906fe8798eeaa303394db1cce162a4068073978bf3a6f8308dfbaf1ea49d2fb7
9182e8a1e20a5437d2f311b096b2a98a33d54e94d4d9d6d01c5db3861460d04e
919e1856b70890616790bf15579c7a34d8d8e3d1be1d7bdfc3b74170b24ecc7d
924b3a471d549de6251aea0e74fe6eb136141d3f0a8bf001906fff933dec45d4
9250f0b586e89674ec647d8dfb6fe7aedcb588be13ebb6aeb1286efa9d3cfb39
976aabc512994a6ecc5981a85c489d1bb242ba6734b746a964d69db615f72875
984cd1fa5dd20c2b1b8fd77b6bb876a3a211cdf14aaaed6bc1481e3c98027544
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98fb88ec226feae902fb7f98528a41db7abd7de155a6d7b65658c6ab7f2b95f4
9e0e2ad3a93ec78d016efee0993b5856ba9b4acafcee3aa4d6f7162f039fcce4
9f61400081191bf755c967c186a8fd356b02010fac3412f84cf83d5dfe10dd5d
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a207a69795818b273d59459675372a9e22006cb782657cfa4a834819fb5993b0
a290ede885635a3f7bb2b8e630bf795f15dde146fea32520b775bee1b2926ff3
a2d47920b183262726f3833c961cb98c24f65c396bb248c4539391d72553284e
a4a203507148f6ac9ac807eaabbcc715e08966d4c8d41374851c5813da246425
a53f2c4fb40f36c41ccfadc9f4f51b4ee02bc48d22f4920b96763a540e59c973
a595433d67e962d907ba55eee2997f0a4d93eef66f96f42a70cae2b0d198481f
a599232b27762d0deef401c854b6c5f7f9f7b69c63a22fdf36b99bac156946fc
a642eae92f5a383eb9d9729860f50822ad5cd81d1ca54ee90e154ef049f1c6dc
a6595372db2688a9dfb0991bc6cea16343042dd3caa33483b393d21a77d1c4be
a855b14aa4fa07fff51f4d906b86222879e9720e98ad477057cb3298df36f348
a8f4fa7376444ffe05d0f7b296439401fb9729bdee84d760ee6286e7b663c753
a8fc74838ba253a4076b8eb46aeed79c10341380609dcfe11bed40d974d1fd10
a92edd7ad5b7f10281070e3aa645895623648fbc16bc17eafa75a20964dd5080
aa92b44ae441805b86a9603ffea3890a8df348fb2269d716c557b6970c11e9f4
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b051420a41347f3e04fbe6745d5fa58c3dfd40a7209b8dc09a138bc6381bd8dc
b19f14d674857362b6e10d0dcb1703b149d9dda6f350d1737562fc36e4e67a81
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b309c9c4a6c27c7cfc64ab2bc7f545e8d7b41a795c46202ab2a9c633f7128287
b388e920bb8954872f4b428857c5c5c42590e5f1b3508bb89b946271d6299f56
b4cf7d6d50b6a36f070f6c49e975198a9a8930838695b64e480bf1f6199f0572
b5b8b243e29c5ae0861d2dd82bb4e23152cef3a883d9955194875767ff2b5226
b5c543f59d71e1e4f6b51c896febf86975206dcf9e34757f475b125d64d16ea6
b66e41af63c9ab0ab86c7dd06c1915aaeda181134ef6af007246b2f09b29c2ed
b6eba78727a5f82c5d95e1daa98ad8365eb9754da3dd0060a5be5e2ae46b7644
b90279154254e108748dc80dd226eab336e2c320e4a40569952b46dc5d785536
ba8023a3e4a52540fb3736991313a3ee9d5d6783c73d6e05c36f18103ca707da
baf22a1e345422d047b9874c8f25142ff4704b03e6a40a443abb5d162270dcd4
bec4f2f082be46c47ba8f2398813bb3c90495d69405fa0981506b1fd13ba29d6
bf298157a19ff06a7b27a36eb4a3be2994016452a5f9c1ad6b480aa7ce3799ff
bfc1797e85a0565d0cfba1621eac801dc5ebd78a02f45e0ab8de5c6c2eb3f987
c0d37b38e7616118748aa9870740cb57b94778610c8e92efb0a065fd61b5025d
c15efc058d86ff1a908b094e82326900ccabb0755b7c0aafc6659a4db1ccabe7
c19345a03fed44d267abbe2f427bdcd261aa86a447320f15f3eef8e121690794
c2557ee01d8b87df714fa265e47e102e9662a45dd3d7219adac802655474dfdb
c3534f498b08fbb29e3ea4623a1558a8ef2b58143f233881a016788a8f2a760d
c49814ce9b3277d249030bfc2cf94c9f9ceb5f20beb04c3ec4de49fb3db9e805
c5a37d18a14fb428d01bfe23b0e28db9b7a189e886513a7098683cb01f0929ee
c7226f44a59791c68713cb9aa83441c3662008d669ae233630588c51d99c60c5
c7d1ee4f5a608fa05b8f9c6cbd47e3eab7516facc3380d704b7332805877afff
c7fe9f3ef41048988ca528f7ff45a3d503cdb99f5f0844034160f10ee3e38899
c94ad448b05002218551938d40e2baf3617a3d56a4455729d84993a5b7b311cf
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca6b17e5dc2b1e309dfa3c52997318943326a519de92ad1c1c913ad45e4c6077
cd7887cf9a61431f64864df1e5fe9823e163638bf811dc97ee556268886bf865
cddbf405266cd4b3e66229592e63666012dbceaaad02635af5da9d303bfd3ed1
cf167be72549318f78f8c03d0d93b923f8e8e290acec47b870a1cede920e859b
cf7bdb0487590885c13a3cc0a2a1450b3ac649a465de267af12f552be8bcb5fe
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912
d10a2d03c9fb4943f449b97d333b8d22990200afa70d13d5c1c23ad4d783200c
d11075cd7df2682b221d194573250d4aed0a6a4e3a151acf41d1b14053495b85
d61b7d35da47536ed3481e9341eea1645d69be6ec472b52c45d94af814054a49
d6df7d1f2b9c65c06c5ae1e798650b6c388f26f6852b8814f942557d712b9745
d86535603bd79537d32a08e173e8b56877377941756eb8550b1c69b1d10c4dfe
d88da936f62f574064016b9a09360a34583089f648bb6ab4c5b9bfdc9826f9e6
d8b7ea5cc75abc79d502a95c5ccac8f97aa82fd8c13acc74c84c754eb86cc4c3
d9053ec3a7a0bdbdcb96173299c0ba89bc15f3134849fff570e37d6322676304
dafb72bcf008c9b9754482b88e8ba8b8e854f1a69483f0753b1c3f12101c1a9f
dbcb662e44916189321c628e7f1fada00542385eefe737d85090087767b9bea6
de19d144da0d68c80b12b2da91fe4458fc8050b8c07cae05f013c7174d732d28
e14d4e36fede709207c2745214d0d4c29d09f08df902c95997b2da292cf58f8a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48b5b18cd4fa82b4a90346da0845bf73a3d9f752fa1e173ce141a98fddeaf6f
e5cc2027e2da5b3d553fba6a4d2d7276aafa604001e9b0321e18d1fd62b03b3f
e9d0cab69a4c71df7a16b6ee6f99ea474423689c8eadd7aa62ce9cef3a48c395
e9df4118d14665e191e29d99ee21ce5b2ee8ed3bab913c51ef2cd6a5119504c7
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
eacfa4f711eaca1336ff82619c8a2d310dec11266d594fbc7e5a91259cebf848
ebe3a0272a317857bf566a0deec42181bf0e89d280bb3143bba14da1ae1ddb10
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8b76802728222a2ca9cbc4dd81c377cb810f4dd04d8cae8f0b7e8c48c3934b
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
f30d5c0433d74c8224a2343a3c6c08468015909c22315b8693f9bdee33f48217
f4993fb8970cbb80dda24f8295debe6c5dd4b17b8194dc7a5cce23582234fdc0
f4e46034db7ed19c7eea57ee4ad8df37199c55bc4e3eb36eb56a4707806ed726
f841d5275f24b4cbf1415f68d8820bfde75dc02a7cacef4ed20ea033f9bd567c
f8a4191fa894388cccd9c16d920d66e728b8f0f6e4bc2184147acc40993e23a7
f9b0a8bcc91ed7136ce89dd900f73f9efd8b71de479232df493e2d708bc2460b
fa61606cfbd7e7766bc290753e5d5c160088474ae21d9412bdabd4b9d0b71876
fa646ef4a31c107b90cc95d480ff9395cc621d20fa440156da3b21cfd5a3ca26
fa8dd1e3bb1fe9270f30d61b615e3921483883786e984e24e5c872d3e597cbd4
fb82ed8b27e8eaa3cbfcfe18d563e165dd522622e07622fd95ab9d57d4d2950d
fc66b8961dd55ad2fd1cd14401e7f6fcbd7dc881cbdee501d93e6d0e34d9574f
ff4684bb35018afa9c303baab1e083b32c72a4d7ea7862995850676c2df41a0d
ffcaeef328a1e67717f714997426aaf936e4b9d378a5fbe1bd2a063dfeb50750

www.darkreading.com Open in urlscan Pro 2400:cb00:2048:1::6811:7863 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

263 Requests

8 %HTTPS

42 %IPv6

41 Domains

66 Subdomains

61 IPs

7 Countries

3633 kBTransfer

7373 kBSize

7 Cookies

76 Outgoing links

Redirected requests

263 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.darkreading.com Open in urlscan Pro
2400:cb00:2048:1::6811:7863 Public Scan

Screenshot
Live screenshot

Full Image

263
Requests

8 %
HTTPS

42 %
IPv6

41
Domains

66
Subdomains

61
IPs

7
Countries

3633 kB
Transfer

7373 kB
Size

7
Cookies

263 HTTP transactions
5 data transactions