URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Submission: On June 19 via manual from CA

Summary

This website contacted 17 IPs in 4 countries across 17 domains to perform 98 HTTP transactions. The main IP is 2001:4b98:dc2:950::102, located in France and belongs to GANDI-AS Domain name registrar - http://www.gandi.net, FR. The main domain is www.guardicore.com.
TLS certificate: Issued by Gandi Standard SSL CA 2 on April 10th 2017. Valid for: 3 years.
This is the only time www.guardicore.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
69 2001:4b98:dc2... 29169 (GANDI-AS ...)
2 2a00:1450:400... 15169 (GOOGLE)
5 192.0.73.2 2635 (AUTOMATTIC)
2 2a00:1450:400... 15169 (GOOGLE)
2 52.164.210.24 8075 (MICROSOFT...)
2 54.192.129.53 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 52.85.245.254 16509 (AMAZON-02)
1 192.0.77.48 2635 (AUTOMATTIC)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 52.30.190.93 16509 (AMAZON-02)
2 216.137.61.144 16509 (AMAZON-02)
3 35.174.150.168 14618 (AMAZON-AES)
2 3 2a05:f500:10:... 14413 (LINKEDIN)
1 1 2a05:f500:10:... 14413 (LINKEDIN)
98 17
Domain Requested by
69 www.guardicore.com www.guardicore.com
5 secure.gravatar.com www.guardicore.com
2 px.ads.linkedin.com 2 redirects
2 pi.pardot.com www.guardicore.com
pi.pardot.com
2 drvizd1lyevz4.cloudfront.net www.guardicore.com
2 match.prod.bidr.io 1 redirects www.guardicore.com
2 d26x5ounzdjojj.cloudfront.net www.guardicore.com
d26x5ounzdjojj.cloudfront.net
2 www.google-analytics.com www.googletagmanager.com
www.guardicore.com
2 fonts.gstatic.com www.guardicore.com
2 www.comeet.co www.guardicore.com
www.comeet.co
2 consent.cookiebot.com www.guardicore.com
consent.cookiebot.com
2 www.googletagmanager.com www.guardicore.com
2 fonts.googleapis.com www.guardicore.com
1 go.guardicore.com pi.pardot.com
1 dc.ads.linkedin.com
1 www.linkedin.com 1 redirects
1 www.google.de www.guardicore.com
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 s.w.org www.guardicore.com
1 sjs.bizographics.com www.googletagmanager.com
98 21
Subject | Issuer | Validity | Valid
*.guardicore.com | Gandi Standard SSL CA 2 | 2017-04-10 - 2020-05-09 | 3 years
go.guardicore.com | Let's Encrypt Authority X3 | 2018-05-14 - 2018-08-12 | 3 months
www.comeet.co | Amazon | 2018-02-05 - 2019-03-05 | a year

This page contains 2 frames:

Primary Page: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Frame ID: 5F65764676852FBF94DC2BC7125800F5
Requests: 98 HTTP requests in this frame

Frame: https://www.comeet.co/jobs/preload-assets
Frame ID: AEACED526037369FAE1FB1266A9EB48D
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
  • script /\/wp-includes\//i

Overall confidence: 100%
Detected patterns
  • env /^mejs$/i

Overall confidence: 100%
Detected patterns
  • headers via /.*Varnish/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i

Overall confidence: 100%
Detected patterns
  • html /<link [^>]*href="[^"]+lightbox(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • env /^pi(?:Tracker|Hostname|Protocol|CId|AId)$/i

Overall confidence: 100%
Detected patterns
  • env /^twemoji$/i

Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i
  • html /(?:<link [^>]*href="[^"]*prettyPhoto(?:\.min)?\.css|<a [^>]*rel="prettyPhoto)/i
  • env /pp_(?:alreadyInitialized|descriptions|images|titles)/i

Overall confidence: 100%
Detected patterns
  • html /(?:<link [^>]*href="[^"]*prettyPhoto(?:\.min)?\.css|<a [^>]*rel="prettyPhoto)/i
  • env /pp_(?:alreadyInitialized|descriptions|images|titles)/i

Page Statistics

98 Requests
72 % HTTPS
58 % IPv6
17 Domains
21 Subdomains
17 IPs
4 Countries
4462 kB Transfer
6056 kB Size
11 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 87
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j68&tid=UA-53878132-1&cid=1422206449.1529415842&jid=1775577186&gjid=862989472&_gid=523930084.1529415842&_u=YGBAgEAB~&z=41400984 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-53878132-1&cid=1422206449.1529415842&jid=1775577186&_v=j68&z=41400984 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-53878132-1&cid=1422206449.1529415842&jid=1775577186&_v=j68&z=41400984&slf_rd=1&random=2545459242
Request Chain 88
  • https://match.prod.bidr.io/cookie-sync/tbw HTTP 303
  • https://match.prod.bidr.io/cookie-sync/tbw?_bee_ppp=1
Request Chain 94
  • https://px.ads.linkedin.com/collect/?time=1529415841976&pid=265698&url=https%3A%2F%2Fwww.guardicore.com%2F2018%2F06%2Foperation-prowli-traffic-manipulation-cryptocurrency-mining%2F&pageUrl=https%3A%2F%2Fwww.guardicore.com%2F2018%2F06%2Foperation-prowli-traffic-manipulation-cryptocurrency-mining%2F&ref=&fmt=js&s=1 HTTP 302
  • https://px.ads.linkedin.com/collect/?time=1529415841976&pid=265698&url=https%3A%2F%2Fwww.guardicore.com%2F2018%2F06%2Foperation-prowli-traffic-manipulation-cryptocurrency-mining%2F&pageUrl=https%3A%2F%2Fwww.guardicore.com%2F2018%2F06%2Foperation-prowli-traffic-manipulation-cryptocurrency-mining%2F&ref=&fmt=js&s=1&cookiesTest=true HTTP 302
  • https://www.linkedin.com/csp/dtag?_x=%2526s%253D1%2526url%253Dhttps%25253A%25252F%25252Fwww.guardicore.com%25252F2018%25252F06%25252Foperation-prowli-traffic-manipulation-cryptocurrency-mining%25252F%2526pageUrl%253Dhttps%25253A%25252F%25252Fwww.guardicore.com%25252F2018%25252F06%25252Foperation-prowli-traffic-manipulation-cryptocurrency-mining%25252F%2526ref%253D%2526cookiesTest%253Dtrue%2526opid%253D265698%2526fmt%253Djs%2526time%253D1529415841976&p=9 HTTP 302
  • https://dc.ads.linkedin.com/collect/?pid=6883&s=1&url=https%3A%2F%2Fwww.guardicore.com%2F2018%2F06%2Foperation-prowli-traffic-manipulation-cryptocurrency-mining%2F&pageUrl=https%3A%2F%2Fwww.guardicore.com%2F2018%2F06%2Foperation-prowli-traffic-manipulation-cryptocurrency-mining%2F&ref=&cookiesTest=true&opid=265698&fmt=js&time=1529415841976

98 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
150 KB
29 KB
Document
General
Full URL
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 / PHP/5.4.45-0+deb7u8
Resource Hash
f851d41fad8c5703e220468829702876bb63d9eddb08bd13a50b92fbabbe32b8

Request headers

:method
GET
:authority
www.guardicore.com
:scheme
https
:path
/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
5F65764676852FBF94DC2BC7125800F5

Response headers

status
200
date
Tue, 19 Jun 2018 13:43:59 GMT
server
Apache/2.4.26
x-powered-by
PHP/5.4.45-0+deb7u8
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
link
<https://www.guardicore.com/wp-json/>; rel="https://api.w.org/", <https://www.guardicore.com/?p=10974>; rel=shortlink
set-cookie
wfvt_2854934584=5b2908a02fe3f; expires=Tue, 19-Jun-2018 14:14:00 GMT; path=/; httponly PHPSESSID=195gbh0k9g7v1li29bvkvblbr5; path=/
content-encoding
gzip
content-length
29349
content-type
text/html; charset=UTF-8
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
vary
Accept-Encoding
x-cache-hits
0
x-cache
MISS
accept-ranges
bytes
age
0
css
fonts.googleapis.com/
652 B
343 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
SPDY
Server
2a00:1450:4001:818::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
acca94bf443b7912ed63e3d93910d25a747d3fd97974a7b7762d8a1ca4229659
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:44:00 GMT
content-encoding
gzip
server
ESF
status
200
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
x-xss-protection
1; mode=block
expires
Tue, 19 Jun 2018 13:44:00 GMT
prettyPhoto.css
www.guardicore.com/wp-content/plugins/wp-video-lightbox/css/
19 KB
3 KB
Stylesheet
General
Full URL
https://www.guardicore.com/wp-content/plugins/wp-video-lightbox/css/prettyPhoto.css?ver=4.7.10
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
c63be02717683d2efdc8c887d77d289092a50b7d51210e87033045ea2b7c9eed

Request headers

:path
/wp-content/plugins/wp-video-lightbox/css/prettyPhoto.css?ver=4.7.10
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
content-encoding
gzip
last-modified
Mon, 13 Feb 2017 20:49:52 GMT
server
Apache/2.4.26
age
2
etag
"4db0-5486f96caea4a-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
status
200
accept-ranges
bytes
content-length
2769
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-cache-hits
1
wp-video-lightbox.css
www.guardicore.com/wp-content/plugins/wp-video-lightbox/
242 B
432 B
Stylesheet
General
Full URL
https://www.guardicore.com/wp-content/plugins/wp-video-lightbox/wp-video-lightbox.css?ver=4.7.10
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
cea18aebba631b17440d548716aa4ae075cad150ea9fcee68638e278be3ded67

Request headers

:path
/wp-content/plugins/wp-video-lightbox/wp-video-lightbox.css?ver=4.7.10
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
content-encoding
gzip
last-modified
Mon, 13 Feb 2017 20:49:51 GMT
server
Apache/2.4.26
age
2
etag
"f2-5486f96cac8aa-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
status
200
accept-ranges
bytes
content-length
160
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-cache-hits
1
easy-modal-site.css
www.guardicore.com/wp-content/plugins/easy-modal/assets/styles/
1 KB
755 B
Stylesheet
General
Full URL
https://www.guardicore.com/wp-content/plugins/easy-modal/assets/styles/easy-modal-site.css?ver=0.1
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
5f626d986cb2b012e03225573f87ce60ecb1a44c997a24032cf905482faef82b

Request headers

:path
/wp-content/plugins/easy-modal/assets/styles/easy-modal-site.css?ver=0.1
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
content-encoding
gzip
last-modified
Sun, 28 May 2017 13:37:51 GMT
server
Apache/2.4.26
age
2
etag
"496-55095ad4db0a8-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
status
200
accept-ranges
bytes
content-length
482
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-cache-hits
1
settings.css
www.guardicore.com/wp-content/plugins/revslider/public/assets/css/
34 KB
8 KB
Stylesheet
General
Full URL
https://www.guardicore.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.1.6
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
db26f3c2e3a84aecf2d12646f30616438113f094e8f86610bd3904eb9fe4ff09

Request headers

:path
/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.1.6
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
content-encoding
gzip
last-modified
Mon, 08 Feb 2016 22:38:48 GMT
server
Apache/2.4.26
age
2
etag
"8755-52b49dd482b99-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
status
200
accept-ranges
bytes
content-length
7714
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-cache-hits
1
grid.css
www.guardicore.com/wp-content/themes/whmcreative/css/
9 KB
2 KB
Stylesheet
General
Full URL
https://www.guardicore.com/wp-content/themes/whmcreative/css/grid.css?ver=2
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
05de8bb85ecf6008078cb9974ad80c8ea854f204e7101370dd7b6d8d7515ffe0

Request headers

:path
/wp-content/themes/whmcreative/css/grid.css?ver=2
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
content-encoding
gzip
last-modified
Thu, 02 Nov 2017 23:54:14 GMT
server
Apache/2.4.26
age
2
etag
"23bc-55d08b491768d-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
status
200
accept-ranges
bytes
content-length
2108
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-cache-hits
1
base.css
www.guardicore.com/wp-content/themes/whmcreative/css/
13 KB
4 KB
Stylesheet
General
Full URL
https://www.guardicore.com/wp-content/themes/whmcreative/css/base.css?ver=2
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
a09b39a46c796d02023f0ad9d9150bd4d6ff58e81682ff9da3db3e87a166ab6b

Request headers

:path
/wp-content/themes/whmcreative/css/base.css?ver=2
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
content-encoding
gzip
last-modified
Mon, 27 Nov 2017 16:48:09 GMT
server
Apache/2.4.26
age
2
etag
"3599-55ef9aad63cea-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
status
200
accept-ranges
bytes
content-length
4052
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-cache-hits
1
layout.css
www.guardicore.com/wp-content/themes/whmcreative/css/
98 KB
20 KB
Stylesheet
General
Full URL
https://www.guardicore.com/wp-content/themes/whmcreative/css/layout.css?ver=2
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
4525ef7ae7a5fce90a9351d58324eba1fb5537e3fabfaa9fe12ef4582bf93ee4

Request headers

:path
/wp-content/themes/whmcreative/css/layout.css?ver=2
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
content-encoding
gzip
last-modified
Mon, 27 Nov 2017 20:00:46 GMT
server
Apache/2.4.26
age
2
etag
"1883d-55efc5bad4282-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
status
200
accept-ranges
bytes
content-length
19823
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-cache-hits
1
shortcodes.css
www.guardicore.com/wp-content/themes/whmcreative/css/
163 KB
29 KB
Stylesheet
General
Full URL
https://www.guardicore.com/wp-content/themes/whmcreative/css/shortcodes.css?ver=2
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
eb1fe2f06f562ed0a2d08cb28377bbaec856f97498ac150bff698fc28b054416

Request headers

:path
/wp-content/themes/whmcreative/css/shortcodes.css?ver=2
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
content-encoding
gzip
last-modified
Mon, 08 Feb 2016 22:07:27 GMT
server
Apache/2.4.26
age
2
etag
"28a43-52b496d2d0d3b-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
status
200
accept-ranges
bytes
content-length
29690
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-cache-hits
1
magnific-popup.css
www.guardicore.com/wp-content/themes/whmcreative/js/aviapopup/
7 KB
2 KB
Stylesheet
General
Full URL
https://www.guardicore.com/wp-content/themes/whmcreative/js/aviapopup/magnific-popup.css?ver=1
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
89fa5089c37a32c5be8938c9ab9fb7aad4345b2c7cc4dcd1055e07cf8c9f0581

Request headers

:path
/wp-content/themes/whmcreative/js/aviapopup/magnific-popup.css?ver=1
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
content-encoding
gzip
last-modified
Mon, 08 Feb 2016 22:31:22 GMT
server
Apache/2.4.26
age
2
etag
"1dd8-52b49c2b4c7f4-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
status
200
accept-ranges
bytes
content-length
1914
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-cache-hits
1
mediaelementplayer.css
www.guardicore.com/wp-content/themes/whmcreative/js/mediaelement/skin-1/
18 KB
3 KB
Stylesheet
General
Full URL
https://www.guardicore.com/wp-content/themes/whmcreative/js/mediaelement/skin-1/mediaelementplayer.css?ver=1
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
611969fcccd89efd6c58a4e957ed5811d4f48efe3c1c1f04bcdafb8d04adfa91

Request headers

:path
/wp-content/themes/whmcreative/js/mediaelement/skin-1/mediaelementplayer.css?ver=1
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
content-encoding
gzip
last-modified
Mon, 08 Feb 2016 22:43:10 GMT
server
Apache/2.4.26
age
2
etag
"4747-52b49ece9f429-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
status
200
accept-ranges
bytes
content-length
3274
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-cache-hits
1
whm_creative.css
www.guardicore.com/wp-content/uploads/dynamic_avia/
155 KB
20 KB
Stylesheet
General
Full URL
https://www.guardicore.com/wp-content/uploads/dynamic_avia/whm_creative.css?ver=5b1fb907cba02
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
5eeaddbaaeb0c2e5b30d47b5eeafce88ad65e371c2719c5bf230e7857c7f9869

Request headers

:path
/wp-content/uploads/dynamic_avia/whm_creative.css?ver=5b1fb907cba02
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:41:59 GMT
content-encoding
gzip
last-modified
Tue, 12 Jun 2018 12:12:44 GMT
server
Apache/2.4.26
age
121
etag
"26d5c-56e70c892b092-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
status
200
accept-ranges
bytes
content-length
19853
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-cache-hits
2
custom.css
www.guardicore.com/wp-content/themes/whmcreative/css/
25 KB
6 KB
Stylesheet
General
Full URL
https://www.guardicore.com/wp-content/themes/whmcreative/css/custom.css?ver=2
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
8dcef79fd02ab3dc4f5486e57ccb4cd011ee43d11c44ff7203ad1f68344e5068

Request headers

:path
/wp-content/themes/whmcreative/css/custom.css?ver=2
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
content-encoding
gzip
last-modified
Sun, 11 Mar 2018 09:11:53 GMT
server
Apache/2.4.26
age
2
etag
"65cb-5671f6a979314-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
status
200
accept-ranges
bytes
content-length
5470
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-cache-hits
1
jquery.fancybox-1.3.8.min.css
www.guardicore.com/wp-content/plugins/easy-fancybox/fancybox/
4 KB
1 KB
Stylesheet
General
Full URL
https://www.guardicore.com/wp-content/plugins/easy-fancybox/fancybox/jquery.fancybox-1.3.8.min.css?ver=1.6
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
8403623695c3c7f672981e76d8d4244063c125148d1359bcca924691680ae597

Request headers

:path
/wp-content/plugins/easy-fancybox/fancybox/jquery.fancybox-1.3.8.min.css?ver=1.6
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
content-encoding
gzip
last-modified
Sun, 28 May 2017 13:37:20 GMT
server
Apache/2.4.26
age
2
etag
"f20-55095ab751912-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
status
200
accept-ranges
bytes
content-length
1094
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-cache-hits
1
jquery.js
www.guardicore.com/wp-includes/js/jquery/
95 KB
33 KB
Script
General
Full URL
https://www.guardicore.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Request headers

:path
/wp-includes/js/jquery/jquery.js?ver=1.12.4
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
content-encoding
gzip
last-modified
Fri, 24 Jun 2016 20:15:23 GMT
server
Apache/2.4.26
age
2
etag
"17ba0-5360bd4a37eb1-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
33766
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-cache-hits
1
jquery-migrate.min.js
www.guardicore.com/wp-includes/js/jquery/
10 KB
4 KB
Script
General
Full URL
https://www.guardicore.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

:path
/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
content-encoding
gzip
last-modified
Fri, 24 Jun 2016 20:15:23 GMT
server
Apache/2.4.26
age
2
etag
"2748-5360bd4a35562-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
4014
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-cache-hits
1
jquery.prettyPhoto.min.js
www.guardicore.com/wp-content/plugins/wp-video-lightbox/js/
21 KB
6 KB
Script
General
Full URL
https://www.guardicore.com/wp-content/plugins/wp-video-lightbox/js/jquery.prettyPhoto.min.js?ver=3.1.6
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
75274d1b2a2c5cdcd76d301f9a28634d2f8089cf304277645382f329cc988c8c

Request headers

:path
/wp-content/plugins/wp-video-lightbox/js/jquery.prettyPhoto.min.js?ver=3.1.6
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
content-encoding
gzip
last-modified
Mon, 13 Feb 2017 20:49:52 GMT
server
Apache/2.4.26
age
2
etag
"542e-5486f96cb24d2-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
5955
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-cache-hits
1
video-lightbox.js
www.guardicore.com/wp-content/plugins/wp-video-lightbox/js/
7 KB
2 KB
Script
General
Full URL
https://www.guardicore.com/wp-content/plugins/wp-video-lightbox/js/video-lightbox.js?ver=3.1.6
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
18e88ddff7db518b6acb0461eed61368f4f53bcbaf45e80ed1f5048fc14beec6

Request headers

:path
/wp-content/plugins/wp-video-lightbox/js/video-lightbox.js?ver=3.1.6
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
content-encoding
gzip
last-modified
Mon, 13 Feb 2017 20:49:52 GMT
server
Apache/2.4.26
age
2
etag
"1ae7-5486f96cb5058-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
1378
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-cache-hits
1
jquery.themepunch.tools.min.js
www.guardicore.com/wp-content/plugins/revslider/public/assets/js/
102 KB
35 KB
Script
General
Full URL
https://www.guardicore.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.1.6
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
92983391bc58be712278f3e3312b8fa888bc44bc6942e7e29b43a1b88868a47b

Request headers

:path
/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.1.6
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
content-encoding
gzip
last-modified
Mon, 08 Feb 2016 22:38:54 GMT
server
Apache/2.4.26
age
2
etag
"198b4-52b49dd9dfed4-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
36033
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-cache-hits
1
jquery.themepunch.revolution.min.js
www.guardicore.com/wp-content/plugins/revslider/public/assets/js/
47 KB
14 KB
Script
General
Full URL
https://www.guardicore.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.1.6
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
a6510bb32bdab74926f7d84bdf853aa2c1513925d4400a88d822d685dbcdf726

Request headers

:path
/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.1.6
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
content-encoding
gzip
last-modified
Mon, 08 Feb 2016 22:38:53 GMT
server
Apache/2.4.26
age
2
etag
"bd75-52b49dd92c448-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
14034
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-cache-hits
1
wonderplugincarouselskins.js
www.guardicore.com/wp-content/plugins/wonderplugin-carousel/engine/
36 KB
3 KB
Script
General
Full URL
https://www.guardicore.com/wp-content/plugins/wonderplugin-carousel/engine/wonderplugincarouselskins.js?ver=11.2C
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
279a7d24b24fd40ef8a901c57835999e7bb0436d75633f1bb791c4c9b35f11cf

Request headers

:path
/wp-content/plugins/wonderplugin-carousel/engine/wonderplugincarouselskins.js?ver=11.2C
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
content-encoding
gzip
last-modified
Sat, 13 May 2017 06:58:01 GMT
server
Apache/2.4.26
age
2
etag
"8efe-54f6257c31b93-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
2545
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-cache-hits
1
wonderplugincarousel.js
www.guardicore.com/wp-content/plugins/wonderplugin-carousel/engine/
150 KB
31 KB
Script
General
Full URL
https://www.guardicore.com/wp-content/plugins/wonderplugin-carousel/engine/wonderplugincarousel.js?ver=11.2C
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
736ec33871a03ea49628c0cdece612f6e8369da5850edca4841d8a272c925108

Request headers

:path
/wp-content/plugins/wonderplugin-carousel/engine/wonderplugincarousel.js?ver=11.2C
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
content-encoding
gzip
last-modified
Sat, 13 May 2017 06:58:01 GMT
server
Apache/2.4.26
age
2
etag
"25747-54f6257c0420f-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
31910
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-cache-hits
1
avia-compat.js
www.guardicore.com/wp-content/themes/whmcreative/js/
2 KB
1 KB
Script
General
Full URL
https://www.guardicore.com/wp-content/themes/whmcreative/js/avia-compat.js?ver=2
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
efdd464e865bd091ac6944b9d999124c8e19fa28a23f25f55651bbdea9a4bda9

Request headers

:path
/wp-content/themes/whmcreative/js/avia-compat.js?ver=2
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
content-encoding
gzip
last-modified
Mon, 08 Feb 2016 22:07:52 GMT
server
Apache/2.4.26
age
2
etag
"83a-52b496e9dedac-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
960
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-cache-hits
1
guardicore_logo_opt-300x76.png
www.guardicore.com/wp-content/uploads/2018/01/
12 KB
12 KB
Image
General
Full URL
https://www.guardicore.com/wp-content/uploads/2018/01/guardicore_logo_opt-300x76.png
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
cb2ffb30a33b8b46d0ec0c1bf463919f076c9f13e66f8c3fbbab8ee3b4272229

Request headers

:path
/wp-content/uploads/2018/01/guardicore_logo_opt-300x76.png
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
last-modified
Wed, 03 Jan 2018 13:16:45 GMT
server
Apache/2.4.26
age
3
etag
"2f99-561df06ed1498"
x-cache
HIT
content-type
image/png
status
200
accept-ranges
bytes
content-length
12185
x-cache-hits
1
css
fonts.googleapis.com/
218 B
264 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
SPDY
Server
2a00:1450:4001:818::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
e764c95f535df1ed26f6234e4ecd7a1c9ed2a605441a6a0e2551b093739f067b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:44:00 GMT
content-encoding
gzip
server
ESF
status
200
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
x-xss-protection
1; mode=block
expires
Tue, 19 Jun 2018 13:44:00 GMT
header_blog_guardicore-1.png
www.guardicore.com/wp-content/uploads/2018/06/
224 KB
224 KB
Image
General
Full URL
https://www.guardicore.com/wp-content/uploads/2018/06/header_blog_guardicore-1.png
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
96c3bfca23746f9c6a99311e21af0798b3f8d97fe9d6ff8a4367695a6c79c7a8

Request headers

:path
/wp-content/uploads/2018/06/header_blog_guardicore-1.png
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
last-modified
Thu, 07 Jun 2018 09:39:42 GMT
server
Apache/2.4.26
age
3
etag
"37f6e-56e0a1022a786"
x-cache
HIT
content-type
image/png
status
200
accept-ranges
bytes
content-length
229230
x-cache-hits
1
labs-inner.css
www.guardicore.com/wp-content/themes/whmcreative/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://www.guardicore.com/wp-content/themes/whmcreative/css/labs-inner.css?ver=3
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
d34c059d6b24f6d65f521fce8d9b5d5be9cea0d1ff36b2dcf4cb5ebc52599d68

Request headers

:path
/wp-content/themes/whmcreative/css/labs-inner.css?ver=3
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
content-encoding
gzip
last-modified
Mon, 12 Mar 2018 16:06:19 GMT
server
Apache/2.4.26
age
2
etag
"16e8-5673952908866-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
status
200
accept-ranges
bytes
content-length
1565
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-cache-hits
1
76b8040c60d7e22e58edb45863de4cd7
secure.gravatar.com/avatar/
4 KB
4 KB
Image
General
Full URL
https://secure.gravatar.com/avatar/76b8040c60d7e22e58edb45863de4cd7?s=96&d=mm&r=g
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
SPDY
Server
192.0.73.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
a81dcb3dd714e1969181f089a93f43c91e357e10b2d5d941babe7cea6efa59a0

Request headers

Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

x-nc
HIT fra 2
date
Tue, 19 Jun 2018 13:44:00 GMT
last-modified
Sun, 16 Jul 2017 15:42:56 GMT
server
nginx
source-age
122857
status
200
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="76b8040c60d7e22e58edb45863de4cd7.jpeg"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/76b8040c60d7e22e58edb45863de4cd7?s=96&d=mm&r=g>; rel="canonical"
content-length
3698
expires
Tue, 19 Jun 2018 13:49:00 GMT
7ee5d104f79f0a099c5d6efabeed8141
secure.gravatar.com/avatar/
4 KB
5 KB
Image
General
Full URL
https://secure.gravatar.com/avatar/7ee5d104f79f0a099c5d6efabeed8141?s=96&d=mm&r=g
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
SPDY
Server
192.0.73.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
28925c6c251fd4b275424de25dac506ebfbd354a341799b3f44247de23f2b6d2

Request headers

Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

x-nc
HIT fra 2
date
Tue, 19 Jun 2018 13:44:00 GMT
last-modified
Sat, 30 Jul 2016 20:44:50 GMT
server
nginx
source-age
122858
status
200
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="7ee5d104f79f0a099c5d6efabeed8141.jpeg"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/7ee5d104f79f0a099c5d6efabeed8141?s=96&d=mm&r=g>; rel="canonical"
content-length
4360
expires
Tue, 19 Jun 2018 13:49:00 GMT
mor-80x80.jpg
www.guardicore.com/wp-content/uploads/2017/12/
25 KB
25 KB
Image
General
Full URL
https://www.guardicore.com/wp-content/uploads/2017/12/mor-80x80.jpg
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
7462b2d28bfd9da565a8274900ad663dccb5c106870933b388dcace4191194cf

Request headers

:path
/wp-content/uploads/2017/12/mor-80x80.jpg
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
last-modified
Wed, 13 Dec 2017 13:50:04 GMT
server
Apache/2.4.26
age
3
etag
"632a-560390b674ba1"
x-cache
HIT
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
25386
x-cache-hits
1
prowli-op-Id-1-1030x601.jpg
www.guardicore.com/wp-content/uploads/2018/06/
148 KB
149 KB
Image
General
Full URL
https://www.guardicore.com/wp-content/uploads/2018/06/prowli-op-Id-1-1030x601.jpg
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
dc2548bb56bea9977fe6d95461e15657ff0abd0899b70ab9b7f85538986ea45b

Request headers

:path
/wp-content/uploads/2018/06/prowli-op-Id-1-1030x601.jpg
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
last-modified
Tue, 05 Jun 2018 12:04:45 GMT
server
Apache/2.4.26
age
3
etag
"25119-56de3db2cdab4"
x-cache
HIT
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
151833
x-cache-hits
1
prowli-post2-e1528222482347.png
www.guardicore.com/wp-content/uploads/2018/06/
40 KB
40 KB
Image
General
Full URL
https://www.guardicore.com/wp-content/uploads/2018/06/prowli-post2-e1528222482347.png
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
99aa0188982affe97d218312e3aa666178cd0fdaf46ee2a83a62d2b46f417537

Request headers

:path
/wp-content/uploads/2018/06/prowli-post2-e1528222482347.png
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
last-modified
Tue, 05 Jun 2018 18:13:33 GMT
server
Apache/2.4.26
age
3
etag
"9e57-56de90210d0c9"
x-cache
HIT
content-type
image/png
status
200
accept-ranges
bytes
content-length
40535
x-cache-hits
1
prowli-post-services-distribution-1-1030x601.jpg
www.guardicore.com/wp-content/uploads/2018/06/
82 KB
83 KB
Image
General
Full URL
https://www.guardicore.com/wp-content/uploads/2018/06/prowli-post-services-distribution-1-1030x601.jpg
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
1966da9e88846a4e70e9327b4cd0cab12fab770ab1ebe30d9a5dbbab0d4e537e

Request headers

:path
/wp-content/uploads/2018/06/prowli-post-services-distribution-1-1030x601.jpg
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
last-modified
Sun, 03 Jun 2018 11:25:31 GMT
server
Apache/2.4.26
age
3
etag
"149b4-56dbb1330af59"
x-cache
HIT
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
84404
x-cache-hits
1
prowli-post4-map.jpg
www.guardicore.com/wp-content/uploads/2018/06/
32 KB
32 KB
Image
General
Full URL
https://www.guardicore.com/wp-content/uploads/2018/06/prowli-post4-map.jpg
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
5a4bdf8a901e60d828df7127f18b80effbd55ef0b6289d9e7a3a51e1dcdf6afe

Request headers

:path
/wp-content/uploads/2018/06/prowli-post4-map.jpg
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
last-modified
Sun, 03 Jun 2018 10:58:10 GMT
server
Apache/2.4.26
age
3
etag
"80b3-56dbab156832e"
x-cache
HIT
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
32947
x-cache-hits
1
prowli-post5.jpg
www.guardicore.com/wp-content/uploads/2018/06/
31 KB
31 KB
Image
General
Full URL
https://www.guardicore.com/wp-content/uploads/2018/06/prowli-post5.jpg
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
6c4658bc18c8170590c20012a4ac40444157595cba2df916127db96445893ff1

Request headers

:path
/wp-content/uploads/2018/06/prowli-post5.jpg
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
last-modified
Sun, 03 Jun 2018 11:03:24 GMT
server
Apache/2.4.26
age
3
etag
"7b1f-56dbac40df80e"
x-cache
HIT
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
31519
x-cache-hits
1
prowli-post6-monetization.jpg
www.guardicore.com/wp-content/uploads/2018/06/
43 KB
44 KB
Image
General
Full URL
https://www.guardicore.com/wp-content/uploads/2018/06/prowli-post6-monetization.jpg
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
446c32dcbc263e084d61109e41d097ac369e64b0fc44ae17ef5c6d80cde0d662

Request headers

:path
/wp-content/uploads/2018/06/prowli-post6-monetization.jpg
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
last-modified
Sun, 03 Jun 2018 11:05:59 GMT
server
Apache/2.4.26
age
3
etag
"ade8-56dbacd4c29d0"
x-cache
HIT
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
44520
x-cache-hits
1
prowli-post7-1-1030x535.png
www.guardicore.com/wp-content/uploads/2018/06/
379 KB
380 KB
Image
General
Full URL
https://www.guardicore.com/wp-content/uploads/2018/06/prowli-post7-1-1030x535.png
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
01814514f35a6da6ec550bbffe9a00ea4196a432eb4e716b26c459494478ccaf

Request headers

:path
/wp-content/uploads/2018/06/prowli-post7-1-1030x535.png
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
last-modified
Sun, 03 Jun 2018 11:26:33 GMT
server
Apache/2.4.26
age
3
etag
"5ebcd-56dbb16d6eab5"
x-cache
HIT
content-type
image/png
status
200
accept-ranges
bytes
content-length
388045
x-cache-hits
1
prowli-post8-1.png
www.guardicore.com/wp-content/uploads/2018/06/
83 KB
83 KB
Image
General
Full URL
https://www.guardicore.com/wp-content/uploads/2018/06/prowli-post8-1.png
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
742015ba408b07803d962ff00c90145ed0308fd1654b9f4d1a0dd80f3a5d3014

Request headers

:path
/wp-content/uploads/2018/06/prowli-post8-1.png
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
last-modified
Sun, 03 Jun 2018 08:59:53 GMT
server
Apache/2.4.26
age
3
etag
"14c31-56db90a5a1115"
x-cache
HIT
content-type
image/png
status
200
accept-ranges
bytes
content-length
85041
x-cache-hits
1
gtm.js
www.googletagmanager.com/
79 KB
25 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WDRGX6B
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
SPDY
Server
2a00:1450:4001:818::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
50fa66c89e905e2795fac692b35855444ef06a6e78afb41047987015afeb46e3
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:44:00 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
25200
x-xss-protection
1; mode=block
expires
Tue, 19 Jun 2018 13:44:00 GMT
gtm.js
www.googletagmanager.com/
91 KB
29 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M78Z53N
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
SPDY
Server
2a00:1450:4001:818::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
c6e8ec3deef4213c2f245e3d2203194f7ca34de7fbaa8289e522be289ead798f
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:44:00 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
29300
x-xss-protection
1; mode=block
expires
Tue, 19 Jun 2018 13:44:00 GMT
prowli-post9.png
www.guardicore.com/wp-content/uploads/2018/06/
410 KB
410 KB
Image
General
Full URL
https://www.guardicore.com/wp-content/uploads/2018/06/prowli-post9.png
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
7158cb42e4beb208b338685d750ac10d01de661b43d508d0139bce3e48142884

Request headers

:path
/wp-content/uploads/2018/06/prowli-post9.png
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
last-modified
Sun, 03 Jun 2018 09:00:18 GMT
server
Apache/2.4.26
age
3
etag
"6671d-56db90bd81138"
x-cache
HIT
content-type
image/png
status
200
accept-ranges
bytes
content-length
419613
x-cache-hits
1
prowli-post10.png
www.guardicore.com/wp-content/uploads/2018/06/
54 KB
54 KB
Image
General
Full URL
https://www.guardicore.com/wp-content/uploads/2018/06/prowli-post10.png
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
794fd1d8d43573a418add7d71302fc5246bca589f760ece561458ad908f9a86f

Request headers

:path
/wp-content/uploads/2018/06/prowli-post10.png
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
last-modified
Sun, 03 Jun 2018 09:02:03 GMT
server
Apache/2.4.26
age
3
etag
"d884-56db91216c228"
x-cache
HIT
content-type
image/png
status
200
accept-ranges
bytes
content-length
55428
x-cache-hits
1
prowli-post11.png
www.guardicore.com/wp-content/uploads/2018/06/
38 KB
39 KB
Image
General
Full URL
https://www.guardicore.com/wp-content/uploads/2018/06/prowli-post11.png
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
b660f3910183c0fac473f820f0e0111d64453deb213fe7c54f3c7b5d808ac6e8

Request headers

:path
/wp-content/uploads/2018/06/prowli-post11.png
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
last-modified
Sun, 03 Jun 2018 09:05:10 GMT
server
Apache/2.4.26
age
3
etag
"9972-56db91d429d0c"
x-cache
HIT
content-type
image/png
status
200
accept-ranges
bytes
content-length
39282
x-cache-hits
1
prowli-post12-1.png
www.guardicore.com/wp-content/uploads/2018/06/
12 KB
12 KB
Image
General
Full URL
https://www.guardicore.com/wp-content/uploads/2018/06/prowli-post12-1.png
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
cbe6d86fabbbf1033d50111c74731db9c839bbc5d8f543e9a6d47325d9f37747

Request headers

:path
/wp-content/uploads/2018/06/prowli-post12-1.png
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
last-modified
Sun, 03 Jun 2018 11:26:17 GMT
server
Apache/2.4.26
age
3
etag
"2e9e-56dbb15e443e7"
x-cache
HIT
content-type
image/png
status
200
accept-ranges
bytes
content-length
11934
x-cache-hits
1
prowli-post13-1-1030x127.png
www.guardicore.com/wp-content/uploads/2018/06/
106 KB
106 KB
Image
General
Full URL
https://www.guardicore.com/wp-content/uploads/2018/06/prowli-post13-1-1030x127.png
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
c6b5d20c02c73fbe4d7ff18e4b6d3b6eefda8b68e938226fa314941c9ee530f4

Request headers

:path
/wp-content/uploads/2018/06/prowli-post13-1-1030x127.png
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
last-modified
Sun, 03 Jun 2018 11:26:14 GMT
server
Apache/2.4.26
age
3
etag
"1a882-56dbb15b4ebf1"
x-cache
HIT
content-type
image/png
status
200
accept-ranges
bytes
content-length
108674
x-cache-hits
1
prowli-post14-1.png
www.guardicore.com/wp-content/uploads/2018/06/
154 KB
154 KB
Image
General
Full URL
https://www.guardicore.com/wp-content/uploads/2018/06/prowli-post14-1.png
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
89d6124af900683e61f6aba408fcef364e7e0ae84da408fbc18ea2bc26ade197

Request headers

:path
/wp-content/uploads/2018/06/prowli-post14-1.png
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
last-modified
Sun, 03 Jun 2018 11:26:08 GMT
server
Apache/2.4.26
age
3
etag
"266a4-56dbb156458a7"
x-cache
HIT
content-type
image/png
status
200
accept-ranges
bytes
content-length
157348
x-cache-hits
1
prowli-post19-901x1030.png
www.guardicore.com/wp-content/uploads/2018/06/
1 MB
1 MB
Image
General
Full URL
https://www.guardicore.com/wp-content/uploads/2018/06/prowli-post19-901x1030.png
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
f50d9df9e37e0c067b4a18817315f174fd692c27c456c8fe02db0daf37e73364

Request headers

:path
/wp-content/uploads/2018/06/prowli-post19-901x1030.png
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
last-modified
Mon, 04 Jun 2018 11:38:27 GMT
server
Apache/2.4.26
age
3
etag
"11c88b-56dcf5f3d8b6a"
x-cache
HIT
content-type
image/png
status
200
accept-ranges
bytes
content-length
1165451
x-cache-hits
1
prowli-post16-1-1030x502.png
www.guardicore.com/wp-content/uploads/2018/06/
514 KB
514 KB
Image
General
Full URL
https://www.guardicore.com/wp-content/uploads/2018/06/prowli-post16-1-1030x502.png
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
e5c06b855d55ee31ba7997975f831ffce02dc1ef28782256973bdc982c55ebe7

Request headers

:path
/wp-content/uploads/2018/06/prowli-post16-1-1030x502.png
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
last-modified
Sun, 03 Jun 2018 11:25:49 GMT
server
Apache/2.4.26
age
3
etag
"8079a-56dbb14446cdd"
x-cache
HIT
content-type
image/png
status
200
accept-ranges
bytes
content-length
526234
x-cache-hits
1
prowli-post17-1-1030x511.png
www.guardicore.com/wp-content/uploads/2018/06/
135 KB
136 KB
Image
General
Full URL
https://www.guardicore.com/wp-content/uploads/2018/06/prowli-post17-1-1030x511.png
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
586de29e3fdddfddb5912fa5300c022845337e3af4434f1ace002ab06bdbc5cd

Request headers

:path
/wp-content/uploads/2018/06/prowli-post17-1-1030x511.png
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
last-modified
Sun, 03 Jun 2018 11:25:42 GMT
server
Apache/2.4.26
age
3
etag
"21d41-56dbb13d715c7"
x-cache
HIT
content-type
image/png
status
200
accept-ranges
bytes
content-length
138561
x-cache-hits
1
2d1499ca5df4c307155bd0143506f666
secure.gravatar.com/avatar/
1 KB
2 KB
Image
General
Full URL
https://secure.gravatar.com/avatar/2d1499ca5df4c307155bd0143506f666?s=60&d=mm&r=g
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
SPDY
Server
192.0.73.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
643a860832456b5a74825b79d625434b5c4c2a344b8f9bef3614b327bea52646

Request headers

Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

x-nc
HIT fra 4
date
Tue, 19 Jun 2018 13:44:00 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
source-age
122858
status
200
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="2d1499ca5df4c307155bd0143506f666.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/2d1499ca5df4c307155bd0143506f666?s=60&d=mm&r=g>; rel="canonical"
content-length
1186
expires
Tue, 19 Jun 2018 13:49:00 GMT
7cdc0e15d3638cf8bc079ee9e18acaaa
secure.gravatar.com/avatar/
1 KB
2 KB
Image
General
Full URL
https://secure.gravatar.com/avatar/7cdc0e15d3638cf8bc079ee9e18acaaa?s=60&d=mm&r=g
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
SPDY
Server
192.0.73.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
643a860832456b5a74825b79d625434b5c4c2a344b8f9bef3614b327bea52646

Request headers

Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

x-nc
HIT fra 3
date
Tue, 19 Jun 2018 13:44:01 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
source-age
122858
status
200
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="7cdc0e15d3638cf8bc079ee9e18acaaa.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/7cdc0e15d3638cf8bc079ee9e18acaaa?s=60&d=mm&r=g>; rel="canonical"
content-length
1186
expires
Tue, 19 Jun 2018 13:49:01 GMT
96a620772c32a16a359c0617671231a4
secure.gravatar.com/avatar/
1 KB
2 KB
Image
General
Full URL
https://secure.gravatar.com/avatar/96a620772c32a16a359c0617671231a4?s=60&d=mm&r=g
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
SPDY
Server
192.0.73.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
643a860832456b5a74825b79d625434b5c4c2a344b8f9bef3614b327bea52646

Request headers

Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

x-nc
HIT fra 1
date
Tue, 19 Jun 2018 13:44:01 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
source-age
122857
status
200
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="96a620772c32a16a359c0617671231a4.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/96a620772c32a16a359c0617671231a4?s=60&d=mm&r=g>; rel="canonical"
content-length
1186
expires
Tue, 19 Jun 2018 13:49:01 GMT
title_background-710x375.jpg
www.guardicore.com/wp-content/uploads/2018/04/
28 KB
28 KB
Image
General
Full URL
https://www.guardicore.com/wp-content/uploads/2018/04/title_background-710x375.jpg
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
1155676fe44c17d2000eccb1f9b78be5bf2683701037aac23227aa087a193480

Request headers

:path
/wp-content/uploads/2018/04/title_background-710x375.jpg
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
last-modified
Mon, 02 Apr 2018 08:26:36 GMT
server
Apache/2.4.26
age
3
etag
"6e41-568d959276e0c"
x-cache
HIT
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
28225
x-cache-hits
1
azure_password_post-710x375.jpg
www.guardicore.com/wp-content/uploads/2018/03/
20 KB
20 KB
Image
General
Full URL
https://www.guardicore.com/wp-content/uploads/2018/03/azure_password_post-710x375.jpg
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
065af70b10d0de11bacd355af4c40eb20e8919504de2bad94558eabb29d0ac7e

Request headers

:path
/wp-content/uploads/2018/03/azure_password_post-710x375.jpg
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
last-modified
Thu, 15 Mar 2018 09:50:51 GMT
server
Apache/2.4.26
age
3
etag
"4fbe-567706d4eae70"
x-cache
HIT
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
20414
x-cache-hits
1
London_Infosec_2018_post-80x80.png
www.guardicore.com/wp-content/uploads/2018/06/
11 KB
11 KB
Image
General
Full URL
https://www.guardicore.com/wp-content/uploads/2018/06/London_Infosec_2018_post-80x80.png
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
889a38151db1b74691af6f7fd5ba49bf58704199a015769fb52cc691507d7bf1

Request headers

:path
/wp-content/uploads/2018/06/London_Infosec_2018_post-80x80.png
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
last-modified
Mon, 04 Jun 2018 10:29:49 GMT
server
Apache/2.4.26
age
3
etag
"2c1b-56dce69d6a1c1"
x-cache
HIT
content-type
image/png
status
200
accept-ranges
bytes
content-length
11291
x-cache-hits
1
Guardicore-Logo-5-2-80x80.png
www.guardicore.com/wp-content/uploads/2016/02/
2 KB
3 KB
Image
General
Full URL
https://www.guardicore.com/wp-content/uploads/2016/02/Guardicore-Logo-5-2-80x80.png
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
8bc6430c07e21a5669de56fcffdac3bce6b0d95cc6cebbe1cb38bb0fd06f297f

Request headers

:path
/wp-content/uploads/2016/02/Guardicore-Logo-5-2-80x80.png
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
last-modified
Tue, 23 Feb 2016 13:54:13 GMT
server
Apache/2.4.26
age
3
etag
"94d-52c7048dcfc41"
x-cache
HIT
content-type
image/png
status
200
accept-ranges
bytes
content-length
2381
x-cache-hits
1
form.js
www.guardicore.com/wp-content/plugins/akismet/_inc/
700 B
605 B
Script
General
Full URL
https://www.guardicore.com/wp-content/plugins/akismet/_inc/form.js?ver=3.3.2
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
0515cbd1f8aee97e1c8e0d1d015ca96c86def13e90d2e73bf813072ccc23d531

Request headers

:path
/wp-content/plugins/akismet/_inc/form.js?ver=3.3.2
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
content-encoding
gzip
last-modified
Sun, 28 May 2017 13:37:40 GMT
server
Apache/2.4.26
age
2
etag
"2bc-55095aca1af2a-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
318
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-cache-hits
1
core.min.js
www.guardicore.com/wp-includes/js/jquery/ui/
4 KB
2 KB
Script
General
Full URL
https://www.guardicore.com/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
936567bc744e199e02bfc3c33fe2bc9c862999e0d479e2a694aa7485460a3960

Request headers

:path
/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
content-encoding
gzip
last-modified
Mon, 13 Feb 2017 20:52:17 GMT
server
Apache/2.4.26
age
2
etag
"fa0-5486f9f73c69f-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
1821
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-cache-hits
1
position.min.js
www.guardicore.com/wp-includes/js/jquery/ui/
6 KB
3 KB
Script
General
Full URL
https://www.guardicore.com/wp-includes/js/jquery/ui/position.min.js?ver=1.11.4
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
49af6b83569c5e8c707e93884d9ba619b402f0a115925951301e2e3c844f0ad8

Request headers

:path
/wp-includes/js/jquery/ui/position.min.js?ver=1.11.4
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
content-encoding
gzip
last-modified
Mon, 13 Feb 2017 20:52:17 GMT
server
Apache/2.4.26
age
2
etag
"197f-5486f9f749540-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
2562
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-cache-hits
1
jquery.transit.min.js
www.guardicore.com/wp-content/plugins/easy-modal/assets/scripts/
8 KB
3 KB
Script
General
Full URL
https://www.guardicore.com/wp-content/plugins/easy-modal/assets/scripts/jquery.transit.min.js?ver=0.9.11
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
b259de534ce1ec151a383c5cfbc69f8fc568399e0d400b60f2d9534d072c76e0

Request headers

:path
/wp-content/plugins/easy-modal/assets/scripts/jquery.transit.min.js?ver=0.9.11
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
content-encoding
gzip
last-modified
Sun, 28 May 2017 13:37:51 GMT
server
Apache/2.4.26
age
2
etag
"1e9b-55095ad4dfab4-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
2754
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-cache-hits
1
easy-modal-site.js
www.guardicore.com/wp-content/plugins/easy-modal/assets/scripts/
22 KB
4 KB
Script
General
Full URL
https://www.guardicore.com/wp-content/plugins/easy-modal/assets/scripts/easy-modal-site.js?defer&ver=2
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
1fdcbc103efd36c93cec22826c56503704e3f4ea9defe97c43521c562d6ce140

Request headers

:path
/wp-content/plugins/easy-modal/assets/scripts/easy-modal-site.js?defer&ver=2
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:44:01 GMT
content-encoding
gzip
last-modified
Sun, 28 May 2017 13:37:51 GMT
server
Apache/2.4.26
age
0
etag
"5756-55095ad4e3450-gzip"
vary
Accept-Encoding
x-cache
MISS
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
4055
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-cache-hits
0
avia.js
www.guardicore.com/wp-content/themes/whmcreative/js/
109 KB
30 KB
Script
General
Full URL
https://www.guardicore.com/wp-content/themes/whmcreative/js/avia.js?ver=3
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
438fa1a2d52cb6de7e3bdf4fae5bfc8bd675b9d0f40e51d2946b0e4b85b22ab5

Request headers

:path
/wp-content/themes/whmcreative/js/avia.js?ver=3
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
content-encoding
gzip
last-modified
Mon, 08 Feb 2016 22:07:52 GMT
server
Apache/2.4.26
age
2
etag
"1b2e9-52b496e9e5951-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
30113
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-cache-hits
1
shortcodes.js
www.guardicore.com/wp-content/themes/whmcreative/js/
137 KB
32 KB
Script
General
Full URL
https://www.guardicore.com/wp-content/themes/whmcreative/js/shortcodes.js?ver=3
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
3648b9990c6ea0c16527567c24d519594d96d1c7b5402c3d67a6a1d3c595f809

Request headers

:path
/wp-content/themes/whmcreative/js/shortcodes.js?ver=3
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
content-encoding
gzip
last-modified
Mon, 08 Feb 2016 22:07:53 GMT
server
Apache/2.4.26
age
2
etag
"22312-52b496ebc4d01-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
32943
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-cache-hits
1
jquery.magnific-popup.min.js
www.guardicore.com/wp-content/themes/whmcreative/js/aviapopup/
20 KB
8 KB
Script
General
Full URL
https://www.guardicore.com/wp-content/themes/whmcreative/js/aviapopup/jquery.magnific-popup.min.js?ver=2
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
4ef35581d56516af9c0a792f09316bda2494a5f497edf5de30e6ab74052bc380

Request headers

:path
/wp-content/themes/whmcreative/js/aviapopup/jquery.magnific-popup.min.js?ver=2
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
content-encoding
gzip
last-modified
Mon, 08 Feb 2016 22:31:20 GMT
server
Apache/2.4.26
age
2
etag
"51d3-52b49c29823fa-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
7594
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-cache-hits
1
mediaelement-and-player.min.js
www.guardicore.com/wp-includes/js/mediaelement/
81 KB
23 KB
Script
General
Full URL
https://www.guardicore.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=2.22.0
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
8b3c48ab6cfd3833e80cd18e8eee56e5d8fcbcaf48c48d00dc6969278c269ed7

Request headers

:path
/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=2.22.0
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
content-encoding
gzip
last-modified
Mon, 13 Feb 2017 20:52:17 GMT
server
Apache/2.4.26
age
2
etag
"142c1-5486f9f721ab1-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
22923
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-cache-hits
1
wp-mediaelement.min.js
www.guardicore.com/wp-includes/js/mediaelement/
796 B
709 B
Script
General
Full URL
https://www.guardicore.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=4.7.10
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
aa7b97da927ffc548662117d715395465ac2b512485965599a5757f7c6897144

Request headers

:path
/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=4.7.10
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
content-encoding
gzip
last-modified
Fri, 24 Jun 2016 20:15:23 GMT
server
Apache/2.4.26
age
3
etag
"31c-5360bd4a13a86-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
422
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-cache-hits
1
comment-reply.min.js
www.guardicore.com/wp-includes/js/
1 KB
876 B
Script
General
Full URL
https://www.guardicore.com/wp-includes/js/comment-reply.min.js?ver=4.7.10
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
1b1ca0f15010e0124bd4ca481404643c88f7eda1b276e9554d0ed83fb45b7e30

Request headers

:path
/wp-includes/js/comment-reply.min.js?ver=4.7.10
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
content-encoding
gzip
last-modified
Mon, 08 Feb 2016 22:59:43 GMT
server
Apache/2.4.26
age
3
etag
"436-52b4a280c5c51-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
589
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-cache-hits
1
wp-embed.min.js
www.guardicore.com/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
https://www.guardicore.com/wp-includes/js/wp-embed.min.js?ver=4.7.10
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0

Request headers

:path
/wp-includes/js/wp-embed.min.js?ver=4.7.10
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
content-encoding
gzip
last-modified
Mon, 13 Feb 2017 20:52:17 GMT
server
Apache/2.4.26
age
3
etag
"576-5486f9f779594-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
751
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-cache-hits
1
jquery.fancybox-1.3.8.min.js
www.guardicore.com/wp-content/plugins/easy-fancybox/fancybox/
16 KB
6 KB
Script
General
Full URL
https://www.guardicore.com/wp-content/plugins/easy-fancybox/fancybox/jquery.fancybox-1.3.8.min.js?ver=1.6
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
08f26bef009017d1d6ef309b3578453a969ecc8024a9521b7f739e44a3fb5bf0

Request headers

:path
/wp-content/plugins/easy-fancybox/fancybox/jquery.fancybox-1.3.8.min.js?ver=1.6
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
content-encoding
gzip
last-modified
Sun, 28 May 2017 13:37:20 GMT
server
Apache/2.4.26
age
3
etag
"3e6a-55095ab76158f-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
5471
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-cache-hits
1
jquery.easing.min.js
www.guardicore.com/wp-content/plugins/easy-fancybox/js/
2 KB
1 KB
Script
General
Full URL
https://www.guardicore.com/wp-content/plugins/easy-fancybox/js/jquery.easing.min.js?ver=1.4.0
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
b29bd83837b7fef974f0a302c56b652b77a7563ffae0e3ea6d292b11a707daae

Request headers

:path
/wp-content/plugins/easy-fancybox/js/jquery.easing.min.js?ver=1.4.0
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
content-encoding
gzip
last-modified
Sun, 28 May 2017 13:37:20 GMT
server
Apache/2.4.26
age
3
etag
"8e8-55095ab768cb2-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
752
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-cache-hits
1
jquery.mousewheel.min.js
www.guardicore.com/wp-content/plugins/easy-fancybox/js/
3 KB
1 KB
Script
General
Full URL
https://www.guardicore.com/wp-content/plugins/easy-fancybox/js/jquery.mousewheel.min.js?ver=3.1.13
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
dd9bfe5f04d4e393463f42b4f503763c36693306dffef16d481e0c071b61ae64

Request headers

:path
/wp-content/plugins/easy-fancybox/js/jquery.mousewheel.min.js?ver=3.1.13
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
content-encoding
gzip
last-modified
Sun, 28 May 2017 13:37:20 GMT
server
Apache/2.4.26
age
3
etag
"a31-55095ab767a9c-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
1145
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-cache-hits
1
uc.js
consent.cookiebot.com/
24 KB
6 KB
Script
General
Full URL
https://consent.cookiebot.com/uc.js
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
SPDY
Server
52.164.210.24 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a746e7c2999d988395897258a8f1a0abc5f6bad8a96e27a214ebb7613764af23

Request headers

Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:44:00 GMT
content-encoding
gzip
etag
"80e3b750257d41:0"
last-modified
Mon, 18 Jun 2018 16:56:35 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public,max-age=86401
accept-ranges
bytes
content-length
6186
wp-emoji-release.min.js
www.guardicore.com/wp-includes/js/
11 KB
4 KB
Script
General
Full URL
https://www.guardicore.com/wp-includes/js/wp-emoji-release.min.js?ver=4.7.10
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
549bffa1c6d412e36a8eab7630e90783665ac071220b220be545478500cae0f8

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?ver=4.7.10
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
content-encoding
gzip
last-modified
Mon, 13 Feb 2017 20:52:17 GMT
server
Apache/2.4.26
age
3
etag
"2c96-5486f9f7e9852-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
4230
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-cache-hits
1
print.css
www.guardicore.com/wp-content/themes/whmcreative/css/
4 KB
2 KB
Stylesheet
General
Full URL
https://www.guardicore.com/wp-content/themes/whmcreative/css/print.css?ver=1
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
d8e4c36e000345e67552643da87fdb32064ad591e9e08cb634444c4f1d9dc4a7

Request headers

:path
/wp-content/themes/whmcreative/css/print.css?ver=1
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET

Response headers

date
Tue, 19 Jun 2018 13:43:57 GMT
content-encoding
gzip
last-modified
Mon, 08 Feb 2016 22:07:26 GMT
server
Apache/2.4.26
age
3
etag
"11fd-52b496d18dbbf-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
status
200
accept-ranges
bytes
content-length
1623
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-cache-hits
1
api.js
www.comeet.co/careers-api/
25 KB
10 KB
Script
General
Full URL
https://www.comeet.co/careers-api/api.js
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
HTTP/1.1
Server
54.192.129.53 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-129-53.ams50.r.cloudfront.net
Software
Apache/2.4.6 (Ubuntu) /
Resource Hash
04da6300c199c7447f1c60f418152c5690f34b9f1e7291ea35824afb1f40b306

Request headers

Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Tue, 19 Jun 2018 13:40:08 GMT
Content-Encoding
gzip
Allow
OPTIONS, GET
Server
Apache/2.4.6 (Ubuntu)
Age
233
Vary
Cookie,Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
X-Amz-Cf-Id
H1V79QPu5WwD0bMkPbiU7Bc4o2Sh-2Dk-Sf8lX-BF9_9SHowznE9Pg==
Via
1.1 4973b351452bebd97817a8a5711b6576.cloudfront.net (CloudFront)
S6u9w4BMUTPHh6UVSwiPHA.ttf
fonts.gstatic.com/s/lato/v14/
57 KB
29 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v14/S6u9w4BMUTPHh6UVSwiPHA.ttf
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
SPDY
Server
2a00:1450:4001:817::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
9cc39c759cd72b2f53c5c177a239eec038cf2a6614a686f150fdd59435df222f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:300,400,700
Origin
https://www.guardicore.com

Response headers

date
Wed, 09 May 2018 04:04:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3577189
status
200
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
29554
x-xss-protection
1; mode=block
last-modified
Wed, 11 Oct 2017 18:24:09 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 May 2019 04:04:11 GMT
S6uyw4BMUTPHjx4wWw.ttf
fonts.gstatic.com/s/lato/v14/
59 KB
29 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v14/S6uyw4BMUTPHjx4wWw.ttf
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
SPDY
Server
2a00:1450:4001:817::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
9c4590446dbf83edae05be4ca28ef789ee50a01ef2cb8f1b51c5937d029cac76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:300,400,700
Origin
https://www.guardicore.com

Response headers

date
Fri, 15 Jun 2018 21:05:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
319115
status
200
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
30035
x-xss-protection
1; mode=block
last-modified
Wed, 11 Oct 2017 18:23:16 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 15 Jun 2019 21:05:25 GMT
op-prowli-Header-3-e1528198646174.jpg
www.guardicore.com/wp-content/uploads/2018/06/
80 KB
80 KB
Image
General
Full URL
https://www.guardicore.com/wp-content/uploads/2018/06/op-prowli-Header-3-e1528198646174.jpg
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
6eb1b14ae3b1d7814df14cd42771e6bf7b4e942c8422d4c8944a831e6e056041

Request headers

:path
/wp-content/uploads/2018/06/op-prowli-Header-3-e1528198646174.jpg
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET

Response headers

date
Tue, 19 Jun 2018 13:43:58 GMT
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
last-modified
Tue, 05 Jun 2018 11:36:19 GMT
server
Apache/2.4.26
age
2
etag
"13eef-56de37575dcc5"
x-cache
HIT
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
81647
x-cache-hits
1
entypo-fontello.woff
www.guardicore.com/wp-content/themes/whmcreative/config-templatebuilder/avia-template-builder/assets/fonts/
30 KB
30 KB
Font
General
Full URL
https://www.guardicore.com/wp-content/themes/whmcreative/config-templatebuilder/avia-template-builder/assets/fonts/entypo-fontello.woff?v=3
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
75e801b453bd677c68d4af036055b3036b8fc0390a76bf4661ab50e22b1137ee

Request headers

:path
/wp-content/themes/whmcreative/config-templatebuilder/avia-template-builder/assets/fonts/entypo-fontello.woff?v=3
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5
origin
https://www.guardicore.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.guardicore.com
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:scheme
https
:method
GET

Response headers

date
Tue, 19 Jun 2018 13:44:01 GMT
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
last-modified
Mon, 08 Feb 2016 22:53:48 GMT
server
Apache/2.4.26
age
0
etag
"7854-52b4a12f13e60"
x-cache
MISS
content-type
application/x-font-woff
status
200
accept-ranges
bytes
content-length
30804
x-cache-hits
0
revolution.extension.slideanims.min.js
www.guardicore.com/wp-content/plugins/revslider/public/assets/js/extensions/
27 KB
7 KB
XHR
General
Full URL
https://www.guardicore.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
a70f6cd4d5e2e3feff8f3a41502ae8871c91cfd180ad8db858e7962c515e9e7f

Request headers

:path
/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5; referrerf2_008=www.guardicore.com; guard_ref=
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control
no-cache
:authority
www.guardicore.com
x-requested-with
XMLHttpRequest
:scheme
https
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:method
GET

Response headers

date
Tue, 19 Jun 2018 13:43:58 GMT
content-encoding
gzip
last-modified
Mon, 08 Feb 2016 22:52:27 GMT
server
Apache/2.4.26
age
2
etag
"6dda-52b4a0e1b2c3a-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
6622
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-cache-hits
1
revolution.extension.layeranimation.min.js
www.guardicore.com/wp-content/plugins/revslider/public/assets/js/extensions/
29 KB
8 KB
XHR
General
Full URL
https://www.guardicore.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.layeranimation.min.js
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4b98:dc2:950::102 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),
Reverse DNS
Software
Apache/2.4.26 /
Resource Hash
7d45f7595d818f4ed33cf0ce19859f2875fe7f3dfb30fabb2a8c3ca0d7dee633

Request headers

:path
/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.layeranimation.min.js
pragma
no-cache
cookie
wfvt_2854934584=5b2908a02fe3f; PHPSESSID=195gbh0k9g7v1li29bvkvblbr5; referrerf2_008=www.guardicore.com; guard_ref=
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control
no-cache
:authority
www.guardicore.com
x-requested-with
XMLHttpRequest
:scheme
https
referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
:method
GET

Response headers

date
Tue, 19 Jun 2018 13:43:58 GMT
content-encoding
gzip
last-modified
Mon, 08 Feb 2016 22:52:25 GMT
server
Apache/2.4.26
age
2
etag
"74ed-52b4a0dfb5040-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
8295
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-cache-hits
1
analytics.js
www.google-analytics.com/
34 KB
14 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M78Z53N
Protocol
SPDY
Server
2a00:1450:4001:818::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 18 May 2018 01:10:24 GMT
server
Golfe2
age
3656
date
Tue, 19 Jun 2018 12:43:05 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
14386
expires
Tue, 19 Jun 2018 14:43:05 GMT
insight.min.js
sjs.bizographics.com/
13 KB
4 KB
Script
General
Full URL
https://sjs.bizographics.com/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRGX6B
Protocol
HTTP/1.1
Server
2a02:26f0:6c00:2bf::3adf , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
656099b1659bc72032a58e03ced048ca583dec3870bf87eb7c4cdaaef8dc6bc5

Request headers

Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Tue, 19 Jun 2018 13:44:01 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 Apr 2018 21:09:56 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=78366
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4010
tbw_analytics_v1.0.js
d26x5ounzdjojj.cloudfront.net/tbw/
12 KB
12 KB
Script
General
Full URL
https://d26x5ounzdjojj.cloudfront.net/tbw/tbw_analytics_v1.0.js?13
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
HTTP/1.1
Server
52.85.245.254 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-245-254.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3017f8092c3d71e4f60be3564dcd11a4697a834e96c593613eeb2c25094c4b8f

Request headers

Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Tue, 29 May 2018 18:59:54 GMT
Via
1.1 43518f697c0e9bc767698eecd48d0fba.cloudfront.net (CloudFront)
Last-Modified
Thu, 05 Apr 2018 20:59:43 GMT
Server
AmazonS3
Age
66714
ETag
"8e4c80bb656719244e8b060ffcfe2934"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11898
X-Amz-Cf-Id
mfTtj8S92vhspDZiMN6aXCulzsddw7zfgjllveaF4j3nbk4noMD-IA==
cc.js
consent.cookiebot.com/4404fc52-2130-467e-8f56-c75ef5b5f27e/
87 KB
21 KB
Script
General
Full URL
https://consent.cookiebot.com/4404fc52-2130-467e-8f56-c75ef5b5f27e/cc.js?renew=false&referer=https%3A%2F%2Fwww.guardicore.com&dnt=false&forceshow=false&cbid=4404fc52-2130-467e-8f56-c75ef5b5f27e&whitelabel=false&brandid=Cookiebot
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
SPDY
Server
52.164.210.24 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ebbb8d5cea8ea2dc3304705946d0174a8072c478fbb6837f55ee9fd5db4a9b23

Request headers

Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:44:00 GMT
content-encoding
gzip
last-modified
Tue, 19 Jun 2018 13:44:01 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
status
200
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=7200
content-length
21665
1f642.svg
s.w.org/images/core/emoji/2.2.1/svg/
2 KB
1 KB
Image
General
Full URL
https://s.w.org/images/core/emoji/2.2.1/svg/1f642.svg
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
SPDY
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
54a56a26622d9ee0165f03f2690e6c883b5310ee48423f201207b6a643351f02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

x-nc
HIT fra 48
date
Tue, 19 Jun 2018 13:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 17 Feb 2017 04:08:08 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
collect
www.google-analytics.com/
35 B
109 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j68&a=1163401312&t=pageview&_s=1&dl=https%3A%2F%2Fwww.guardicore.com%2F2018%2F06%2Foperation-prowli-traffic-manipulation-cryptocurrency-mining%2F&ul=en-us&de=UTF-8&dt=Operation%20Prowli%3A%20Monetizing%2040%2C000%20Victim%20Machines%20%7C%20GuardiCore&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YGBAgEAB~&jid=1775577186&gjid=862989472&cid=1422206449.1529415842&tid=UA-53878132-1&_gid=523930084.1529415842&gtm=G64M78Z53N&z=1988736598
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
SPDY
Server
2a00:1450:4001:818::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jun 2018 13:11:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1297922
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j68&tid=UA-53878132-1&cid=1422206449.1529415842&jid=1775577186&gjid=862989472&_gid=523930084.1529415842&_u=YGBAgEAB~&z=41400984
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-53878132-1&cid=1422206449.1529415842&jid=1775577186&_v=j68&z=41400984
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-53878132-1&cid=1422206449.1529415842&jid=1775577186&_v=j68&z=41400984&slf_rd=1&random=2545459242
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-53878132-1&cid=1422206449.1529415842&jid=1775577186&_v=j68&z=41400984&slf_rd=1&random=2545459242
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
SPDY
Server
2a00:1450:4001:818::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Jun 2018 13:44:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 19 Jun 2018 13:44:01 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-53878132-1&cid=1422206449.1529415842&jid=1775577186&_v=j68&z=41400984&slf_rd=1&random=2545459242
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
tbw
match.prod.bidr.io/cookie-sync/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/tbw
  • https://match.prod.bidr.io/cookie-sync/tbw?_bee_ppp=1
44 B
430 B
Script
General
Full URL
https://match.prod.bidr.io/cookie-sync/tbw?_bee_ppp=1
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
HTTP/1.1
Server
52.30.190.93 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-30-190-93.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
bd098bac2ba83169ea4860f302645fcec6b6cab3715dd9a0c592bec560ce1b72
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Tue, 19 Jun 2018 13:44:01 GMT
x-content-type-options
nosniff
Server
nginx
Connection
keep-alive
Content-Length
44
content-type
application/javascript

Redirect headers

location
https://match.prod.bidr.io/cookie-sync/tbw?_bee_ppp=1
Date
Tue, 19 Jun 2018 13:44:01 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
truncated
/
973 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
feeff1b73fc856bbaa909aecd74cd3918a41d2f0642b773831da45ad969317e9

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
sp.js
d26x5ounzdjojj.cloudfront.net/2.5.3/
67 KB
24 KB
Script
General
Full URL
https://d26x5ounzdjojj.cloudfront.net/2.5.3/sp.js
Requested by
Host: d26x5ounzdjojj.cloudfront.net
URL: https://d26x5ounzdjojj.cloudfront.net/tbw/tbw_analytics_v1.0.js?13
Protocol
HTTP/1.1
Server
52.85.245.254 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-245-254.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e3f009965bacbe5c0e640baad0f002e9155f386e62f807766dec41c12f90505

Request headers

Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Fri, 24 Feb 2017 10:38:54 GMT
Content-Encoding
gzip
Last-Modified
Mon, 25 Jan 2016 17:57:38 GMT
Server
AmazonS3
Age
9947076
ETag
"e1a39ad30353de24ff2cd550d228fb11"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 43518f697c0e9bc767698eecd48d0fba.cloudfront.net (CloudFront)
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24148
X-Amz-Cf-Id
7jQf7LWae3t4ZCbJsIqTJwKyMqBSVAQSYmbaw5FmIe91YCbDdkKTXQ==
i
drvizd1lyevz4.cloudfront.net/
37 B
489 B
Image
General
Full URL
https://drvizd1lyevz4.cloudfront.net/i?e=pv&url=https%3A%2F%2Fwww.guardicore.com%2F2018%2F06%2Foperation-prowli-traffic-manipulation-cryptocurrency-mining%2F&page=Operation%20Prowli%3A%20Monetizing%2040%2C000%20Victim%20Machines%20%7C%20GuardiCore&tv=js-2.5.3&tna=co&aid=L0774c8c6263d526f&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&eid=04fb2825-a10c-4f50-a7c0-d2bed9c7af58&dtm=1529415841924&vp=1600x1200&ds=1585x20935&vid=1&sid=162007a8-e9c9-49f5-9935-7b8bebd5fd7b&duid=78e73354acc0727e&fp=1498438248&uid=tbw_bw_uid%7Cbito.ADgSGk62UhEAADuCvazR6w&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20uc25vd3Bsb3dhbmFseXRpY3Muc25vd3Bsb3cvd2ViX3BhZ2UvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiaWQiOiI1MzgyY2Q4Ni1kNWQ3LTQ0MmYtOGM1Yy0yYWQ1YjcxNWEwNjEifX1dfQ
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
HTTP/1.1
Server
216.137.61.144 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-216-137-61-144.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Fri, 22 Sep 2017 13:54:46 GMT
Via
1.1 f2cdeae9faa9c871a27c20811b04af58.cloudfront.net (CloudFront)
Last-Modified
Wed, 27 Apr 2016 10:24:35 GMT
Server
AmazonS3
Age
19922
ETag
"3eacd0132310ea44cad756b378a3bc07"
X-Cache
Hit from cloudfront
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37
X-Amz-Cf-Id
2foNX3kKbHL3mqXGrF__tlrZNmVNG5F35X6X0xQ9Igdi7oMtjBGZJA==
i
drvizd1lyevz4.cloudfront.net/
37 B
489 B
Image
General
Full URL
https://drvizd1lyevz4.cloudfront.net/i?e=se&se_ca=DEFAULT&se_ac=DEFAULT&se_la=DEFAULT&se_pr=DEFAULT&se_va=1.0&tv=js-2.5.3&tna=co&aid=L0774c8c6263d526f&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&eid=015ecbce-0de3-4a3d-92ca-27321794f9b7&dtm=1529415841933&vp=1600x1200&ds=1585x20935&vid=1&sid=162007a8-e9c9-49f5-9935-7b8bebd5fd7b&duid=78e73354acc0727e&fp=1498438248&uid=tbw_bw_uid%7Cbito.ADgSGk62UhEAADuCvazR6w&url=https%3A%2F%2Fwww.guardicore.com%2F2018%2F06%2Foperation-prowli-traffic-manipulation-cryptocurrency-mining%2F&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20uc25vd3Bsb3dhbmFseXRpY3Muc25vd3Bsb3cvd2ViX3BhZ2UvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiaWQiOiI1MzgyY2Q4Ni1kNWQ3LTQ0MmYtOGM1Yy0yYWQ1YjcxNWEwNjEifX1dfQ
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
HTTP/1.1
Server
216.137.61.144 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-216-137-61-144.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Fri, 22 Sep 2017 13:54:46 GMT
Via
1.1 f2cdeae9faa9c871a27c20811b04af58.cloudfront.net (CloudFront)
Last-Modified
Wed, 27 Apr 2016 10:24:35 GMT
Server
AmazonS3
Age
19922
ETag
"3eacd0132310ea44cad756b378a3bc07"
X-Cache
Hit from cloudfront
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37
X-Amz-Cf-Id
zWxuzBPn9mxx3GghA7knpKz9ERmuBr6eByTcT3TGbn5TxmouJOT90g==
pd.js
pi.pardot.com/
5 KB
2 KB
Script
General
Full URL
https://pi.pardot.com/pd.js
Requested by
Host: www.guardicore.com
URL: https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Protocol
HTTP/1.1
Server
35.174.150.168 Seattle, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
pi0-lba1-3-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
ce221b09b94f7561ec5cae2b3b6ce0d000e8d92d8d4b7ae9d47128a364139fd1

Request headers

Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Tue, 19 Jun 2018 13:44:02 GMT
Content-Encoding
gzip
X-Pardot-Route
ea50fcd3dcf777490e1499615b883deb
X-Pardot-LB
a083ac6fc1531fb089982e922db67d20
Last-Modified
Tue, 17 Apr 2018 19:03:52 GMT
Server
PardotServer
ETag
"1487-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=63072000
Accept-Ranges
bytes
Content-Length
1836
Expires
Thu, 18 Jun 2020 13:44:02 GMT
/
dc.ads.linkedin.com/collect/
Redirect Chain
  • https://px.ads.linkedin.com/collect/?time=1529415841976&pid=265698&url=https%3A%2F%2Fwww.guardicore.com%2F2018%2F06%2Foperation-prowli-traffic-manipulation-cryptocurrency-mining%2F&pageUrl=https%3A...
  • https://px.ads.linkedin.com/collect/?time=1529415841976&pid=265698&url=https%3A%2F%2Fwww.guardicore.com%2F2018%2F06%2Foperation-prowli-traffic-manipulation-cryptocurrency-mining%2F&pageUrl=https%3A...
  • https://www.linkedin.com/csp/dtag?_x=%2526s%253D1%2526url%253Dhttps%25253A%25252F%25252Fwww.guardicore.com%25252F2018%25252F06%25252Foperation-prowli-traffic-manipulation-cryptocurrency-mining%2525...
  • https://dc.ads.linkedin.com/collect/?pid=6883&s=1&url=https%3A%2F%2Fwww.guardicore.com%2F2018%2F06%2Foperation-prowli-traffic-manipulation-cryptocurrency-mining%2F&pageUrl=https%3A%2F%2Fwww.guardic...
0
94 B
Script
General
Full URL
https://dc.ads.linkedin.com/collect/?pid=6883&s=1&url=https%3A%2F%2Fwww.guardicore.com%2F2018%2F06%2Foperation-prowli-traffic-manipulation-cryptocurrency-mining%2F&pageUrl=https%3A%2F%2Fwww.guardicore.com%2F2018%2F06%2Foperation-prowli-traffic-manipulation-cryptocurrency-mining%2F&ref=&cookiesTest=true&opid=265698&fmt=js&time=1529415841976
Protocol
SPDY
Server
2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN - LinkedIn Corporation, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 19 Jun 2018 13:44:02 GMT
content-encoding
gzip
server
Play
vary
Accept-Encoding
x-li-fabric
prod-lva1
status
200
x-li-proto
http/2
x-li-pop
prod-efr5-icwd24
content-type
application/javascript
content-length
20
x-li-uuid
7GwC/ZqTORVgDRihuioAAA==

Redirect headers

date
Tue, 19 Jun 2018 13:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-li-fabric
prod-lva1
status
302
strict-transport-security
max-age=2592000
x-li-uuid
vakQ9ZqTORWAmyDcHisAAA==
server
Apache-Coyote/1.1
pragma
no-cache
x-li-pop
prod-efr5-icwd24
vary
Accept-Encoding
content-language
en-US
location
https://dc.ads.linkedin.com/collect/?pid=6883&s=1&url=https%3A%2F%2Fwww.guardicore.com%2F2018%2F06%2Foperation-prowli-traffic-manipulation-cryptocurrency-mining%2F&pageUrl=https%3A%2F%2Fwww.guardicore.com%2F2018%2F06%2Foperation-prowli-traffic-manipulation-cryptocurrency-mining%2F&ref=&cookiesTest=true&opid=265698&fmt=js&time=1529415841976
x-xss-protection
1; mode=block
cache-control
no-store, private
content-security-policy
default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ wss://*.linkedin.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com; object-src 'none'; media-src blob: *; frame-ancestors http://*.adnxs.com https://*.adnxs.com http://*.linkedin.com https://*.linkedin.com http://*.slideshare.net https://*.slideshare.net https://*.msn.com http://*.msn.com http://*.outlook.com https://*.outlook.com translate.googleusercontent.com pemberly.www.linkedin.com:4443; report-uri https://www.linkedin.com/lite/contentsecurity?f=ad
x-li-proto
http/2
x-fs-uuid
bda910f59a933915809b20dc1e2b0000
analytics
pi.pardot.com/
1 KB
2 KB
Script
General
Full URL
https://pi.pardot.com/analytics?ver=3&visitor_id=&pi_opt_in=&campaign_id=2330&account_id=504441&title=Operation%20Prowli%3A%20Monetizing%2040%2C000%20Victim%20Machines%20%7C%20GuardiCore&url=https%3A%2F%2Fwww.guardicore.com%2F2018%2F06%2Foperation-prowli-traffic-manipulation-cryptocurrency-mining%2F&referrer=
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol
HTTP/1.0
Server
35.174.150.168 Seattle, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
pi0-lba1-3-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
ede070c3a2fe0f31d0043945e261f05b2a1900385bd93a37e3bfe64421b77e22

Request headers

Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Jun 2018 13:44:02 GMT
Content-Encoding
gzip
X-Pardot-Route
13c7a24cfc43e49b0467af9964bf67ec
X-Pardot-LB
a083ac6fc1531fb089982e922db67d20
X-Pardot-Rsp
16/125/107
Vary
Accept-Encoding,User-Agent
P3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Content-Length
506
Server
PardotServer
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cookie set analytics
go.guardicore.com/
45 B
1016 B
Script
General
Full URL
https://go.guardicore.com/analytics?conly=true&visitor_id=48719215&pi_opt_in=&campaign_id=2330&account_id=504441&title=Operation%20Prowli%3A%20Monetizing%2040%2C000%20Victim%20Machines%20%7C%20GuardiCore&url=https%3A%2F%2Fwww.guardicore.com%2F2018%2F06%2Foperation-prowli-traffic-manipulation-cryptocurrency-mining%2F&referrer=&visitor_id_sign=bfb85c3c6c02c845072a06f9a2c0098aab78e998c069295ae68d1cb88b01c596f46d904c94c3347d0131ec1cffe4a19f7d71adb5
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&pi_opt_in=&campaign_id=2330&account_id=504441&title=Operation%20Prowli%3A%20Monetizing%2040%2C000%20Victim%20Machines%20%7C%20GuardiCore&url=https%3A%2F%2Fwww.guardicore.com%2F2018%2F06%2Foperation-prowli-traffic-manipulation-cryptocurrency-mining%2F&referrer=
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.150.168 Seattle, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
pi0-lba1-3-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
c699f1728b301d74d6af80a9373aab4b9885b9d083ffd2e04fc7b4ba020729d1

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
go.guardicore.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Cookie
_ga=GA1.2.1422206449.1529415842; _gid=GA1.2.523930084.1529415842; _dc_gtm_UA-53878132-1=1
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Jun 2018 13:44:03 GMT
X-Pardot-Route
13c7a24cfc43e49b0467af9964bf67ec
X-Pardot-LB
a083ac6fc1531fb089982e922db67d20
X-Pardot-Rsp
16/106/39
Vary
User-Agent
P3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Set-Cookie
pardot=8uofesdcppqrdmb9ucdnq1qsa1; path=/ visitor_id503441=48719215; expires=Thu, 08-Aug-2019 13:44:03 GMT; Max-Age=35856000; path=/ visitor_id503441-hash=be6175e583825f0afda08a5ba51304d85803e8f7d2b5d1a9c2bdbfba12ce9ab0988b1db6afb65f6313004cad094128dbdbf03168; expires=Thu, 08-Aug-2019 13:44:03 GMT; Max-Age=35856000; path=/
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Content-Length
45
Server
PardotServer
Expires
Thu, 19 Nov 1981 08:52:00 GMT
preload-assets
www.comeet.co/jobs/ Frame AEAC
0
0
Document
General
Full URL
https://www.comeet.co/jobs/preload-assets
Requested by
Host: www.comeet.co
URL: https://www.comeet.co/careers-api/api.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.192.129.53 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-129-53.ams50.r.cloudfront.net
Software
Apache/2.4.6 (Ubuntu) /
Resource Hash

Request headers

Host
www.comeet.co
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
5F65764676852FBF94DC2BC7125800F5
Referer
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/

Response headers

Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Date
Tue, 19 Jun 2018 13:41:23 GMT
Server
Apache/2.4.6 (Ubuntu)
Vary
Accept-Encoding
Age
160
X-Cache
Hit from cloudfront
Via
1.1 4973b351452bebd97817a8a5711b6576.cloudfront.net (CloudFront)
X-Amz-Cf-Id
abpf_82v54fDqKxLefpVPYKPqYpNL0FqHoIy1EcMGDgapKMY1zxTvw==

143 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer object| _wpemojiSettings function| $ function| jQuery boolean| pp_alreadyInitialized object| vlpp_vars undefined| oldgs object| punchgs object| _gsScope undefined| oldgs_queue undefined| GreenSockGlobals undefined| _gsQueue object| WONDERPLUGIN_CAROUSEL_SKIN_OPTIONS function| ASTimer object| ACPlatforms object| wonderplugincarouselObjects boolean| ASYouTubeIframeAPIReady number| ASYouTubeTimeout number| wonderplugincarouselId function| onYouTubeIframeAPIReady boolean| avia_is_mobile object| fb_timeout object| fb_opts function| easy_fancybox_handler function| easy_fancybox_auto function| comeetInit object| htmlDiv string| htmlDivCss function| setREVStartSize function| revslider_showDoubleJqueryError function| tpj object| revapi33 object| elem number| elem_top object| ch_elem number| elem_width number| widget_width object| jQuery1124020738732844152685 object| google_tag_manager function| postscribe function| iFrameResize function| onLoadComeetIframe object| COMEET number| c_start object| avia_framework_globals string| piCId string| piAId string| piHostname object| ak_js object| commentForm undefined| replyRowContainer undefined| children object| emodal_themes function| Froogaloop object| eventie function| docReady function| EventEmitter function| getStyleProperty function| getSize function| matchesSelector function| Outlayer function| Isotope function| Masonry function| Waypoint function| $f function| aviaOnGoogleMapsLoaded object| mejsL10n object| _wpmejsSettings object| mejs function| onYouTubePlayerAPIReady function| onYouTubePlayerReady function| MediaElement function| MediaElementPlayer object| wp object| addComment function| guarGetCookie function| guarSetCookie string| ref_url string| guar_ref boolean| doresize object| scroll_pos boolean| hashtag string| GoogleAnalyticsObject function| ga string| _bizo_data_partner_id undefined| _bizo_data_partner_title undefined| _bizo_data_partner_domain undefined| _bizo_data_partner_company undefined| 
_bizo_data_partner_location undefined| _bizo_data_partner_employee_range undefined| _bizo_data_partner_sics undefined| _bizo_data_partner_email object| script object| CookieConsent object| CookieControl object| Cookiebot object| twemoji object| gaplugins object| gaGlobal object| gaData object| tbw_parameters function| tbw_set_cookie function| tbw_get_all_cookies function| tbw_get_cookie function| tbw_get_part_of_cookie function| tbw_check_cookie function| tbw_get_host_name function| tbw_collector function| tbw_get_first_party_cookie function| tbw_get_parameters function| tbw_callback_other function| tbw_callback function| tbw_bw_call function| tbw_make_bw_call function| tbw_event_tracker function| tbw_form_event_tracker function| tbw_set_event_listeners function| tbw_get_bwid_from_url function| tbw_get_current_utc_time function| tbw_send_data function| tbw_parse object| CookiebotDialog object| CookieConsentDialog object| that object| cookieTable number| j object| GlobalSnowplowNamespace function| snowplow object| Snowplow function| _bizo_local_logger function| _bizo_fire_partners boolean| _bizo_main_already_called function| checkNamespace function| getPardotUrl function| piTracker function| piGetParameter function| piGetCookie function| piSetCookie number| piScriptNum object| piScriptObj object| pi string| property function| piResponse

11 Cookies

Domain/Path Name / Value
www.guardicore.com/ Name: _sp_id.cd69
Value: 78e73354acc0727e.1529415842.1.1529415842.1529415842.162007a8-e9c9-49f5-9935-7b8bebd5fd7b
www.guardicore.com/ Name: tbw_bw_sd
Value: 1529415842
.guardicore.com/ Name: _dc_gtm_UA-53878132-1
Value: 1
www.guardicore.com/ Name: _sp_ses.cd69
Value: *
.guardicore.com/ Name: _ga
Value: GA1.2.1422206449.1529415842
www.guardicore.com/ Name: guard_ref
Value:
www.guardicore.com/ Name: tbw_bw_uid
Value: bito.ADgSGk62UhEAADuCvazR6w
.guardicore.com/ Name: _gid
Value: GA1.2.523930084.1529415842
www.guardicore.com/ Name: PHPSESSID
Value: 195gbh0k9g7v1li29bvkvblbr5
www.guardicore.com/ Name: referrerf2_008
Value: www.guardicore.com
www.guardicore.com/ Name: wfvt_2854934584
Value: 5b2908a02fe3f

1 Console Messages

Source Level URL
Text
console-api log URL: https://www.guardicore.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
