urlscan.io logo urlscan.io
SecurityTrails logo

www.bleepingcomputer.com Open in urlscan Pro
104.20.59.209  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Submission: On October 16 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 66 IPs in 7 countries across 47 domains to perform 263 HTTP transactions. The main IP is 104.20.59.209, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.bleepingcomputer.com.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on May 12th 2018. Valid for: 2 years.
This is the only time www.bleepingcomputer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.20.59.209 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
32 104.24.1.61 13335 (CLOUDFLAR...)
10 2a04:4e42:3::645 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
5 6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 212.71.236.117 63949 (LINODE-AP...)
6 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:21f... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 23.210.248.44 16625 (AKAMAI-AS)
2 2600:9000:215... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
5 35.188.71.214 15169 (GOOGLE)
1 143.204.101.37 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 34.195.95.173 14618 (AMAZON-AES)
1 2600:9000:21f... 16509 (AMAZON-02)
2 143.204.101.23 16509 (AMAZON-02)
10 172.217.23.98 15169 (GOOGLE)
1 143.204.101.105 16509 (AMAZON-02)
4 52.85.185.67 16509 (AMAZON-02)
2 151.101.13.194 54113 (FASTLY)
2 13.225.78.7 16509 (AMAZON-02)
2 34.236.119.98 14618 (AMAZON-AES)
1 3.222.65.212 14618 (AMAZON-AES)
2 9 34.95.120.147 15169 (GOOGLE)
1 34.206.108.72 14618 (AMAZON-AES)
2 2a03:2880:f02... 32934 (FACEBOOK)
2 151.101.113.140 54113 (FASTLY)
3 35.226.36.58 15169 (GOOGLE)
2 2.18.234.21 16625 (AKAMAI-AS)
7 69.173.144.141 26667 (RUBICONPR...)
4 37.252.173.62 29990 (ASN-APPNEXUS)
1 18.196.104.43 16509 (AMAZON-02)
2 3.221.180.180 14618 (AMAZON-AES)
4 104.16.190.66 13335 (CLOUDFLAR...)
1 18.194.151.167 16509 (AMAZON-02)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
4 52.72.165.42 14618 (AMAZON-AES)
13 54.194.10.250 16509 (AMAZON-02)
17 35.156.77.44 16509 (AMAZON-02)
2 185.64.189.112 62713 (AS-PUBMATIC)
2 2a02:fa8:8806... 41041 (VCLK-EU-)
16 2a00:1450:400... 15169 (GOOGLE)
1 91.228.74.217 27281 (QUANTCAST)
2 2.18.235.93 16625 (AKAMAI-AS)
1 3 2.19.43.224 20940 (AKAMAI-ASN1)
1 2.18.234.163 16625 (AKAMAI-AS)
1 2600:9000:200... 16509 (AMAZON-02)
1 54.80.117.178 14618 (AMAZON-AES)
2 2a03:2880:f02... 32934 (FACEBOOK)
27 2a00:1450:400... 15169 (GOOGLE)
3 6 216.58.205.230 15169 (GOOGLE)
3 2a03:2880:f12... 32934 (FACEBOOK)
4 2.18.232.130 16625 (AKAMAI-AS)
1 1 143.204.101.13 16509 (AMAZON-02)
1 2 52.57.118.141 16509 (AMAZON-02)
1 104.109.78.125 20940 (AKAMAI-ASN1)
2 52.20.101.210 14618 (AMAZON-AES)
2 2.18.233.180 16625 (AKAMAI-AS)
1 104.17.119.107 13335 (CLOUDFLAR...)
263 66
1    104.20.59.209 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.bleepingcomputer.com
2    2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
32    104.24.1.61 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.bleepstatic.com
10    2a04:4e42:3::645 (Ascension Island)

ASN54113 (FASTLY - Fastly, US)
cdn.connatix.com
cdns.connatix.com
ck.connatix.com
i.connatix.com
1    2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
6    2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
cse.google.com
2    2606:4700:20::6819:bf72 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
a.pub.network
1    212.71.236.117 (London, United Kingdom)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: nb-212-71-236-117.london.nodebalancer.linode.com
ecdn.analysis.fi
6    2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
1    2600:9000:21f3:e000:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
quantcast.mgr.consensu.org
2    2a00:1450:4001:825::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
4    2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
pagead2.googlesyndication.com
4    23.210.248.44 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-210-248-44.deploy.static.akamaitechnologies.com
s9.addthis.com
v1.addthisedge.com
s7.addthis.com
2    2600:9000:2156:ac00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
static.quantcast.mgr.consensu.org
2    2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.de
adservice.google.com
7    2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net
5    35.188.71.214 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 214.71.188.35.bc.googleusercontent.com
d.pub.network
1    143.204.101.37 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-37.fra50.r.cloudfront.net
freestar-io.videoplayerhub.com
3    2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagservices.com
1    34.195.95.173 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-195-95-173.compute-1.amazonaws.com
core.connatix.com
1    2600:9000:21f3:5000:1:af78:4c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
vendorlist.consensu.org
2    143.204.101.23 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-23.fra50.r.cloudfront.net
audit.quantcast.mgr.consensu.org
10    172.217.23.98 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s45-in-f2.1e100.net
securepubads.g.doubleclick.net
1    143.204.101.105 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-105.fra50.r.cloudfront.net
api.quantcast.mgr.consensu.org
4    52.85.185.67 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-85-185-67.fra2.r.cloudfront.net
c.amazon-adsystem.com
2    151.101.13.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
confiant-integrations.global.ssl.fastly.net
2    13.225.78.7 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-78-7.fra2.r.cloudfront.net
ad-delivery.net
2    34.236.119.98 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-236-119-98.compute-1.amazonaws.com
rtb.connatix.com
1    3.222.65.212 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-222-65-212.compute-1.amazonaws.com
trk.connatix.com
9    34.95.120.147 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 147.120.95.34.bc.googleusercontent.com
connatix-d.openx.net
freestar-d.openx.net
eu-u.openx.net
1    34.206.108.72 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-206-108-72.compute-1.amazonaws.com
cluster-na.cdnjquery.com
2    2a03:2880:f02d:e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
graph.facebook.com
2    151.101.113.140 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
www.reddit.com
3    35.226.36.58 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 58.36.226.35.bc.googleusercontent.com
c.pub.network
2    2.18.234.21 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
as-sec.casalemedia.com
7    69.173.144.141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)
fastlane.rubiconproject.com
4    37.252.173.62 (Ascension Island)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    18.196.104.43 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-196-104-43.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
2    3.221.180.180 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-221-180-180.compute-1.amazonaws.com
display.bfmio.com
4    104.16.190.66 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
dmx.districtm.io
cdn.districtm.io
1    18.194.151.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-194-151-167.eu-central-1.compute.amazonaws.com
tlx.3lift.com
4    2606:4700:10::6814:8528 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
i.connectad.io
cdn.connectad.io
4    52.72.165.42 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-72-165-42.compute-1.amazonaws.com
mantodea.mantisadnetwork.com
13    54.194.10.250 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-194-10-250.eu-west-1.compute.amazonaws.com
g2.gumgum.com
17    35.156.77.44 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-156-77-44.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)
hbopenbid.pubmatic.com
2    2a02:fa8:8806:13::1460 (Sweden)

ASN41041 (VCLK-EU-, SE)
web.hb.ad.cpe.dotomi.com
16    2a00:1450:4001:81f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
tpc.googlesyndication.com
1    91.228.74.217 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)
secure.quantserve.com
2    2.18.235.93 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com
hbx.media.net
3    2.19.43.224 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-19-43-224.deploy.static.akamaitechnologies.com
sb.scorecardresearch.com
1    2.18.234.163 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-163.deploy.static.akamaitechnologies.com
s.ntv.io
1    2600:9000:200d:ea00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
rules.quantcount.com
1    54.80.117.178 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-80-117-178.compute-1.amazonaws.com
jadserve.postrelease.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
27    2a00:1450:4001:824::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
cdn.ampproject.org
6    216.58.205.230 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s24-in-f230.1e100.net
ad.doubleclick.net
3    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
4    2.18.232.130 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    143.204.101.13 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-13.fra50.r.cloudfront.net
ib.3lift.com
2    52.57.118.141 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-57-118-141.eu-central-1.compute.amazonaws.com
eb2.3lift.com
1    104.109.78.125 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    52.20.101.210 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-20-101-210.compute-1.amazonaws.com
sync.bfmio.com
2    2.18.233.180 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    104.17.119.107 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
biddr.brealtime.com
Apex Domain
Subdomains		 Transfer
32 bleepstatic.com
www.bleepstatic.com
232 KB
27 ampproject.org
cdn.ampproject.org
681 KB
23 doubleclick.net
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net Failed
ad.doubleclick.net
111 KB
20 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
252 KB
17 sharethrough.com
btlr.sharethrough.com
3 KB
14 connatix.com
cdn.connatix.com
cdns.connatix.com
ck.connatix.com
core.connatix.com
rtb.connatix.com
i.connatix.com
trk.connatix.com
581 KB
13 gumgum.com
g2.gumgum.com
7 KB
10 pub.network
a.pub.network
d.pub.network
c.pub.network
234 KB
9 openx.net
connatix-d.openx.net
freestar-d.openx.net
eu-u.openx.net
2 KB
8 adnxs.com
ib.adnxs.com
acdn.adnxs.com
5 KB
8 rubiconproject.com
fastlane.rubiconproject.com
eus.rubiconproject.com
17 KB
8 google.com
www.google.com
cse.google.com
adservice.google.com
2 KB
7 consensu.org
quantcast.mgr.consensu.org
static.quantcast.mgr.consensu.org
vendorlist.consensu.org
audit.quantcast.mgr.consensu.org
api.quantcast.mgr.consensu.org
118 KB
6 gstatic.com
fonts.gstatic.com
65 KB
5 facebook.com
graph.facebook.com
www.facebook.com
1 KB
4 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
55 KB
4 mantisadnetwork.com
mantodea.mantisadnetwork.com
634 B
4 connectad.io
i.connectad.io
cdn.connectad.io
1000 B
4 3lift.com
tlx.3lift.com
ib.3lift.com
eb2.3lift.com
2 KB
4 districtm.io
dmx.districtm.io
cdn.districtm.io
486 B
4 bfmio.com
display.bfmio.com
sync.bfmio.com
1 KB
4 amazon-adsystem.com
c.amazon-adsystem.com
26 KB
3 scorecardresearch.com
sb.scorecardresearch.com
2 KB
3 googletagservices.com
www.googletagservices.com
72 KB
3 addthis.com
s9.addthis.com
s7.addthis.com
189 KB
2 facebook.net
connect.facebook.net
88 KB
2 media.net
hbx.media.net
7 KB
2 dotomi.com
web.hb.ad.cpe.dotomi.com
1 KB
2 casalemedia.com
as-sec.casalemedia.com
2 KB
2 reddit.com
www.reddit.com
625 B
2 ad-delivery.net
ad-delivery.net
1 KB
2 fastly.net
confiant-integrations.global.ssl.fastly.net
43 KB
2 google-analytics.com
www.google-analytics.com
18 KB
2 googleapis.com
fonts.googleapis.com
2 KB
1 brealtime.com
biddr.brealtime.com
1 postrelease.com
jadserve.postrelease.com
526 B
1 quantcount.com
rules.quantcount.com
1 KB
1 ntv.io
s.ntv.io
89 KB
1 quantserve.com
secure.quantserve.com
6 KB
1 emxdgt.com
hb.emxdgt.com
316 B
1 cdnjquery.com
cluster-na.cdnjquery.com
357 B
1 addthisedge.com
v1.addthisedge.com
923 B
1 videoplayerhub.com
freestar-io.videoplayerhub.com
22 KB
1 google.de
adservice.google.de
171 B
1 analysis.fi
ecdn.analysis.fi
1 KB
1 googletagmanager.com
www.googletagmanager.com
28 KB
1 bleepingcomputer.com
www.bleepingcomputer.com
15 KB
263 47
Domain Requested by
32 www.bleepstatic.com www.bleepingcomputer.com
cdn.connatix.com
www.google-analytics.com
pagead2.googlesyndication.com
27 cdn.ampproject.org securepubads.g.doubleclick.net
17 btlr.sharethrough.com a.pub.network
16 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.bleepingcomputer.com
13 g2.gumgum.com a.pub.network
10 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.bleepingcomputer.com
7 fastlane.rubiconproject.com a.pub.network
7 i.connatix.com www.bleepingcomputer.com
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
www.bleepingcomputer.com
6 ad.doubleclick.net 3 redirects www.bleepingcomputer.com
6 fonts.gstatic.com www.bleepingcomputer.com
6 www.google.com 5 redirects www.bleepingcomputer.com
5 d.pub.network a.pub.network
4 eu-u.openx.net 2 redirects a.pub.network
4 acdn.adnxs.com a.pub.network
4 mantodea.mantisadnetwork.com a.pub.network
4 ib.adnxs.com a.pub.network
4 c.amazon-adsystem.com a.pub.network
c.amazon-adsystem.com
4 pagead2.googlesyndication.com www.bleepingcomputer.com
pagead2.googlesyndication.com
3 www.facebook.com connect.facebook.net
3 sb.scorecardresearch.com 1 redirects a.pub.network
3 c.pub.network a.pub.network
3 connatix-d.openx.net cdns.connatix.com
3 www.googletagservices.com a.pub.network
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 cdn.districtm.io a.pub.network
2 ads.pubmatic.com a.pub.network
2 sync.bfmio.com a.pub.network
2 cdn.connectad.io a.pub.network
2 eb2.3lift.com 1 redirects a.pub.network
2 connect.facebook.net a.pub.network
connect.facebook.net
2 hbx.media.net a.pub.network
hbx.media.net
2 web.hb.ad.cpe.dotomi.com a.pub.network
2 hbopenbid.pubmatic.com a.pub.network
2 i.connectad.io a.pub.network
2 dmx.districtm.io a.pub.network
2 display.bfmio.com a.pub.network
2 freestar-d.openx.net a.pub.network
2 as-sec.casalemedia.com a.pub.network
2 www.reddit.com s9.addthis.com
2 graph.facebook.com s9.addthis.com
2 rtb.connatix.com cdns.connatix.com
2 ad-delivery.net freestar-io.videoplayerhub.com
www.bleepingcomputer.com
2 s7.addthis.com s9.addthis.com
2 confiant-integrations.global.ssl.fastly.net a.pub.network
confiant-integrations.global.ssl.fastly.net
2 audit.quantcast.mgr.consensu.org static.quantcast.mgr.consensu.org
2 static.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
2 www.google-analytics.com www.googletagmanager.com
www.bleepingcomputer.com
2 a.pub.network www.bleepingcomputer.com
a.pub.network
2 fonts.googleapis.com www.bleepingcomputer.com
securepubads.g.doubleclick.net
1 biddr.brealtime.com a.pub.network
1 eus.rubiconproject.com a.pub.network
1 ib.3lift.com 1 redirects
1 jadserve.postrelease.com s.ntv.io
1 rules.quantcount.com secure.quantserve.com
1 s.ntv.io a.pub.network
1 secure.quantserve.com a.pub.network
1 tlx.3lift.com a.pub.network
1 hb.emxdgt.com a.pub.network
1 cluster-na.cdnjquery.com freestar-io.videoplayerhub.com
1 trk.connatix.com www.bleepingcomputer.com
1 api.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
1 v1.addthisedge.com s9.addthis.com
1 vendorlist.consensu.org quantcast.mgr.consensu.org
1 core.connatix.com cdns.connatix.com
1 freestar-io.videoplayerhub.com a.pub.network
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 ck.connatix.com cdns.connatix.com
1 s9.addthis.com www.bleepingcomputer.com
1 quantcast.mgr.consensu.org www.bleepstatic.com
1 cdns.connatix.com cdn.connatix.com
1 ecdn.analysis.fi www.bleepingcomputer.com
1 cse.google.com www.bleepingcomputer.com
1 www.googletagmanager.com www.bleepingcomputer.com
1 cdn.connatix.com www.bleepingcomputer.com
1 www.bleepingcomputer.com
0 cm.g.doubleclick.net Failed www.bleepingcomputer.com
263 77
Subject Issuer Validity Valid
bleepingcomputer.com
COMODO RSA Domain Validation Secure Server CA		 2018-05-12 -
2020-05-17		 2 years crt.sh
*.googleapis.com
GTS CA 1O1		 2019-09-17 -
2019-12-10		 3 months crt.sh
ssl391376.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-09-01 -
2020-03-09		 6 months crt.sh
*.connatix.com
Go Daddy Secure Certificate Authority - G2		 2018-08-20 -
2019-10-19		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-09-17 -
2019-12-10		 3 months crt.sh
*.google.com
GTS CA 1O1		 2019-10-03 -
2019-12-26		 3 months crt.sh
ssl376957.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-07-09 -
2020-01-15		 6 months crt.sh
*.analysis.fi
Sectigo RSA Domain Validation Secure Server CA		 2019-06-13 -
2020-06-12		 a year crt.sh
quantcast.mgr.consensu.org
Amazon		 2019-05-06 -
2020-06-06		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2019-09-17 -
2019-12-10		 3 months crt.sh
odc-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2019-10-10 -
2020-09-04		 a year crt.sh
*.pub.network
Go Daddy Secure Certificate Authority - G2		 2019-02-09 -
2020-05-16		 a year crt.sh
*.videoplayerhub.com
Amazon		 2019-07-18 -
2020-08-18		 a year crt.sh
vendorlist.consensu.org
Amazon		 2019-03-06 -
2020-04-06		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2018-12-18 -
2019-11-21		 a year crt.sh
*.freetls.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-01-02 -
2020-01-03		 a year crt.sh
ad-delivery.net
Amazon		 2019-03-07 -
2020-04-07		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2018-01-04 -
2020-07-09		 3 years crt.sh
*.assetbucket.net
Amazon		 2019-09-11 -
2020-10-11		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-09-22 -
2019-12-20		 3 months crt.sh
*.reddit.com
DigiCert SHA2 Secure Server CA		 2018-08-17 -
2020-09-02		 2 years crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2019-07-17 -
2020-03-09		 8 months crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA		 2019-01-10 -
2021-01-14		 2 years crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2019-07-17 -
2020-07-17		 a year crt.sh
*.bfmio.com
Amazon		 2019-06-19 -
2020-07-19		 a year crt.sh
districtm.io
CloudFlare Inc ECC CA-2		 2019-03-26 -
2020-03-26		 a year crt.sh
*.3lift.com
Amazon		 2019-07-17 -
2020-08-17		 a year crt.sh
connectad.io
CloudFlare Inc ECC CA-2		 2019-07-18 -
2020-07-17		 a year crt.sh
*.mantisadnetwork.com
Amazon		 2019-04-21 -
2020-05-21		 a year crt.sh
*.gumgum.com
Amazon		 2019-07-31 -
2020-08-31		 a year crt.sh
*.sharethrough.com
Go Daddy Secure Certificate Authority - G2		 2018-09-18 -
2019-11-17		 a year crt.sh
*.pubmatic.com
Sectigo RSA Organization Validation Secure Server CA		 2019-02-22 -
2021-02-21		 2 years crt.sh
ad.cpe.dotomi.com
GlobalSign Organization Validation CA - SHA256 - G2		 2018-05-25 -
2020-05-25		 2 years crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2019-09-17 -
2019-12-10		 3 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2019-10-04 -
2020-10-07		 a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2018-12-30 -
2020-03-30		 a year crt.sh
*.scorecardresearch.com
COMODO RSA Organization Validation Secure Server CA		 2018-11-28 -
2019-12-26		 a year crt.sh
*.ntv.io
DigiCert SHA2 Secure Server CA		 2018-06-12 -
2019-12-11		 a year crt.sh
*.postrelease.com
Amazon		 2019-03-27 -
2020-04-27		 a year crt.sh
misc-sni.google.com
GTS CA 1O1		 2019-09-17 -
2019-12-10		 3 months crt.sh
*.doubleclick.net
GTS CA 1O1		 2019-09-17 -
2019-12-10		 3 months crt.sh
www.google.com
GTS CA 1O1		 2019-10-03 -
2019-12-26		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2019-04-23 -
2020-02-19		 10 months crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2017-03-22 -
2020-03-22		 3 years crt.sh

This page contains 32 frames:

Primary Page: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Frame ID: BB15AB0CB9578757850F78A8354F384B
Requests: 176 HTTP requests in this frame

Frame: https://cdns.connatix.com/p/1750/min/connatix.renderer.infeed.min_dc.js
Frame ID: 8892B8F760DC68A2C21DE4461FE00C83
Requests: 8 HTTP requests in this frame

Frame: https://static.quantcast.mgr.consensu.org/v25/cmp-3pc-check.html
Frame ID: D0810804B3828238322A6EC390C4C332
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20191014/r20190131/zrt_lookup.html
Frame ID: CDB3EB414EE4B7CAF10AD4FBF92BCADE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1560527290&rafmt=9&guci=1.2.0.0.2.2.0.0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&adsid=NT&dt=1571248062031&bpp=8&bdt=226&fdt=165&idt=165&shv=r20191014&cbv=r20190131&saldr=aa&abxe=1&correlator=5680901217387&frm=20&pv=2&ga_vid=1515779948.1571248062&ga_sid=1571248062&ga_hid=1487263312&ga_fc=0&iag=0&icsg=142936514240512&dssz=44&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=208&ady=4636&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2366062482257964&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=1&uci=a!1&fsb=1&xpc=tB0lvQDPzS&p=https%3A//www.bleepingcomputer.com&dtd=184
Frame ID: 2A8A377BCACF474D8BA72C831F4AC131
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&lmt=1560527290&plat=1%3A32776%2C2%3A16809992%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A34635776&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1571248062146&bpp=4&bdt=341&fdt=85&idt=85&shv=r20191014&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=834x500&nras=1&correlator=5680901217387&frm=20&pv=1&ga_vid=1515779948.1571248062&ga_sid=1571248062&ga_hid=1487263312&ga_fc=0&iag=0&icsg=142936514240512&dssz=45&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2366062482257964&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=1&uci=a!1&fsb=1&dtd=89
Frame ID: 3F4287D5D083BDBC797901F7F51287E3
Requests: 1 HTTP requests in this frame

Frame: https://hbx.media.net/checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8CUFH1GPH&prvid=56%2C70%2C77%2C80%2C82%2C97%2C99%2C109%2C111%2C112%2C113%2C139%2C154%2C157%2C159%2C175%2C178%2C10000&https=1&gdpr=1&gdprconsent=2
Frame ID: 169424EEB2CC4CA230232EF4F3C4DBC6
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011909241711100/amp4ads-v0.js
Frame ID: 7E0BB58A8068ECA8F99DB597A3CAFB85
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011909241711100/amp4ads-v0.js
Frame ID: 4E70126C1D0531F2637E98F5FF87C544
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011909241711100/amp4ads-v0.js
Frame ID: AB537BD6D5946E8CC33BF461E607ED10
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv8eMtuqh3ZwdYJCjFfS4PJh1hymPOu2vvsPgP1zj1qxjjEFyXIpo3mLf7RKzVkf1Oy0aSqC7XlRWDnOQQNtwH9QbOaR4d8jndZS1GLn0Fzgf2uja5I65JWhwLNpU7Yv2Qd8rdrRIQrkagJlMSaiwR7OknDAwApiuvnc0lV044vbTGSGAe87lU0HdLqRxdRjgE226iho72xjnP8SonBP4Fl7_HIA3PSymeoqRA5n_-wlXVdFZjF2AF3gyoV6xBQ-T7MVGURr6feewQpMKmZqNnj9SCWufJYgrPq&sai=AMfl-YSLYCAUPseAS8DSYd1GDVR2Wxrx3kIvYHEJDk0UmgWgveXt846F7Xr7rl-qbmit-UTUI6fyAuFihuyrvXlxjNrhPclQpTOXPd2ypzVH0A&sig=Cg0ArKJSzCm0hSVu4FUdEAE&urlfix=1&adurl=
Frame ID: 82E333165F840C23C45AC1262DCDB217
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011909241711100/amp4ads-v0.js
Frame ID: 1CB16C2977A8771F336293840984EFEF
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/031910071804120/amp4ads-v0.js
Frame ID: AF1A023F3A5894B9FC26C26ADE09236F
Requests: 14 HTTP requests in this frame

Frame: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-120&buster=1571248063952&secure=true&version=9&mobile=false&uuid=ecb8676d-005d-4254-b407-8a8b847e305f&title=Exposed%20Docker%20APIs%20Abused%20by%20DDoS%2C%20Cryptojacking%20Botnet%20Malware&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F
Frame ID: 44CDF30B0F98EB22761320EA9FCD29A1
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 61DB6114885EF81C29FE143D9DCEA6B7
Requests: 1 HTTP requests in this frame

Frame: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-120&buster=1571248064566&secure=true&version=9&mobile=false&uuid=ecb8676d-005d-4254-b407-8a8b847e305f&title=Exposed%20Docker%20APIs%20Abused%20by%20DDoS%2C%20Cryptojacking%20Botnet%20Malware&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F
Frame ID: EA03EC9AD58EDCAD6F84F4BAEC65DC91
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 180589BFF293292E36C75BDF2881946E
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 2AC24D1CCC25F2D29C93D0DF881B7FE0
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
Frame ID: 3BE1741BBC06551A5C4FAB83B5EE78E5
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
Frame ID: DC5B3ADEC452323725CE366A9568DF54
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 41E8E36F15B06CBBDCB27247996A6F53
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 1AEE91E6A8AA1E60458B04E0D18043AF
Requests: 1 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Freestar+-+Header+Bidding+-+Display&gdpr=0&gc=&gce=1&cb=1571248063986
Frame ID: 7516A9B9FF73BECFE7989D6E083D6917
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: D07286250AA0B4D83DCF91FD2FFEE55B
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 4467014279E0531A8FCA7549228451A0
Requests: 1 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Freestar+-+Header+Bidding+-+Display&gdpr=0&gc=&gce=1&cb=1571248064077
Frame ID: F5B8C9A9413204FE5508181681422CFE
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 1BDE89271952C1EEB5B3DC112892B690
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 643B977E50257C1C4CB99C386BB90D28
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: D0007DE290747CCF9D7E7797D98E5954
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 26DA867F706A302A6E81D44AB846E52B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 001E12C697FD84606ED0619EB0DD5E2E
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 71C2993CCBE00AB7ECAF90BE8EADF734
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /\.quantserve\.com\/quant\.js/i
Overall confidence: 100%
Detected patterns
  • html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

263
Requests

100 %
HTTPS

35 %
IPv6

47
Domains

77
Subdomains

66
IPs

7
Countries

2982 kB
Transfer

8528 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en HTTP 302
  • https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en
Request Chain 89
  • https://connatix-d.openx.net/v/1.0/av?auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&cb=ce931a0447740b1490e21571248062487&vwd=834&vht=469&gdpr=1&gdpr_consent=0 HTTP 302
  • https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&cb=ce931a0447740b1490e21571248062487&vwd=834&vht=469&gdpr=1&gdpr_consent=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Request Chain 175
  • https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_ucfr=1&ns__t=1571248063808&ns_c=UTF-8&cv=3.1&c8=Exposed%20Docker%20APIs%20Abused%20by%20DDoS%2C%20Cryptojacking%20Botnet%20Malware&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1571248063808&ns_c=UTF-8&cv=3.1&c8=Exposed%20Docker%20APIs%20Abused%20by%20DDoS%2C%20Cryptojacking%20Botnet%20Malware&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&c9=
Request Chain 189
  • https://ad.doubleclick.net/ddm/trackimp/N790339.3288108GOOGLE-ADWORDS/B21627202.229964885;dc_trk_aid=427971881;dc_trk_cid=103966985;ord=3435460993;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N790339.3288108GOOGLE-ADWORDS/B21627202.229964885;dc_pre=CJiv5ZWroeUCFQ72dwod0vwBlA;dc_trk_aid=427971881;dc_trk_cid=103966985;ord=3435460993;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
Request Chain 224
  • https://ad.doubleclick.net/ddm/trackimp/N790339.3288108GOOGLE-ADWORDS/B21627202.229964885;dc_trk_aid=427971881;dc_trk_cid=103966985;ord=1896008293;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N790339.3288108GOOGLE-ADWORDS/B21627202.229964885;dc_pre=CMKP6JWroeUCFYrydwodHFwJog;dc_trk_aid=427971881;dc_trk_cid=103966985;ord=1896008293;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
Request Chain 230
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 231
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 232
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 246
  • https://ad.doubleclick.net/ddm/trackimp/N790339.3288108GOOGLE-ADWORDS/B21627202.229964885;dc_trk_aid=427971881;dc_trk_cid=103966985;ord=4107445298;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N790339.3288108GOOGLE-ADWORDS/B21627202.229964885;dc_pre=CJy6jparoeUCFUOYdwod_ZUNtg;dc_trk_aid=427971881;dc_trk_cid=103966985;ord=4107445298;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
Request Chain 249
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 256
  • https://ib.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 258
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1 HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
Request Chain 259
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1 HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1

263 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/ 		68 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
83bad666770b2b946abaa63c9ab1f4bc800b9aa7675f7ae8b4f8a8ad782e56ff
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.bleepingcomputer.com
:scheme
https
:path
/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

status
200
date
Wed, 16 Oct 2019 17:47:41 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d67f7351be6fdd5c020c6ff2a06f70d431571248061; expires=Thu, 15-Oct-20 17:47:41 GMT; path=/; domain=.bleepingcomputer.com; HttpOnly; Secure session_id=01f207e4a2d87561e4c72fa214fa9c23; path=/; domain=.bleepingcomputer.com; httponly;Secure lav=6178; expires=Fri, 15-Nov-2019 17:47:41 GMT; Max-Age=2592000; path=/;Secure
content-security-policy
upgrade-insecure-requests;
x-frame-options
SAMEORIGIN
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
expires
0
last-modified
Fri, 14 Jun 2019 15:48:10 GMT
vary
Accept-Encoding,User-Agent
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
526bdbfeae58dfbb-FRA
content-encoding
br
css
fonts.googleapis.com/ 		14 KB
908 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
d229886fc63edf6b95865ad6a9e90b589ca7585d2203bc61b69f73f61f746830
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 16 Oct 2019 17:47:41 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Wed, 16 Oct 2019 17:47:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Wed, 16 Oct 2019 17:47:41 GMT
bootstrap.css
www.bleepstatic.com/css/redesign/ 		111 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/css/redesign/bootstrap.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e7c74d95df84ef3a6be5c4fcde54fae313a04a9bd611059e6a97a23ff09f26f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:41 GMT
content-encoding
br
cf-cache-status
HIT
age
1645177
cf-polished
origSize=137522
status
200
last-modified
Fri, 23 Sep 2016 14:33:06 GMT
server
cloudflare
etag
W/"2184297232"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Fri, 01 Nov 2019 16:48:04 GMT
cache-control
max-age=3024000
cf-ray
526bdc025eddcb9c-VIE
cf-bgj
minify
main.css
www.bleepstatic.com/css/redesign/ 		51 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9e727b37a735a7983ea8bdad06a38b246261c239bb80b86cc0ff3663c910adb

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:41 GMT
content-encoding
br
cf-cache-status
HIT
age
1575554
cf-polished
origSize=60842
status
200
last-modified
Thu, 16 Aug 2018 15:28:40 GMT
server
cloudflare
etag
W/"4249134023"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Sat, 02 Nov 2019 12:08:26 GMT
cache-control
max-age=3024000
cf-ray
526bdc025ee0cb9c-VIE
cf-bgj
minify
home.css
www.bleepstatic.com/css/redesign/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/css/redesign/home.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3498f138f5418bd58413e79e4c0969e618d6f2fee2d9d98c0f4e70a6cbd04ad

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:41 GMT
content-encoding
br
cf-cache-status
HIT
age
1645177
cf-polished
origSize=14998
status
200
last-modified
Sat, 24 Mar 2018 16:18:00 GMT
server
cloudflare
etag
W/"2402535603"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Fri, 01 Nov 2019 16:48:04 GMT
cache-control
max-age=3024000
cf-ray
526bdc025ee1cb9c-VIE
cf-bgj
minify
news.css
www.bleepstatic.com/css/redesign/ 		27 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/css/redesign/news.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c237e0ee4bb4f57215b8ea2c46b4c70b62bfdc6753cc019971ded30e06c96246

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:41 GMT
content-encoding
br
cf-cache-status
HIT
age
1645120
cf-polished
origSize=32759
status
200
last-modified
Fri, 09 Aug 2019 18:26:37 GMT
server
cloudflare
etag
W/"3737855504"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Fri, 01 Nov 2019 16:49:00 GMT
cache-control
max-age=3024000
cf-ray
526bdc025ee2cb9c-VIE
cf-bgj
minify
jquery-1.11.1.min.js
www.bleepstatic.com/js/redesign/ 		94 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/jquery-1.11.1.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 23 Apr 2015 12:36:44 GMT
server
cloudflare
age
1645177
status
200
etag
W/"3647451394"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
526bdc025ee3cb9c-VIE
expires
Fri, 01 Nov 2019 16:48:04 GMT
news.js
www.bleepstatic.com/js/redesign/ 		183 B
223 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/news.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
827252be04765631f8ff21fee8ffe1028e27dfa52f62c08ef3182609a0a0e991

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:41 GMT
content-encoding
br
cf-cache-status
HIT
age
1645120
cf-polished
origSize=247
status
200
last-modified
Wed, 16 Dec 2015 15:41:46 GMT
server
cloudflare
etag
W/"4218930423"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
expires
Fri, 01 Nov 2019 16:49:00 GMT
cache-control
max-age=3024000
cf-ray
526bdc025ee4cb9c-VIE
cf-bgj
minify
connatix.renderer.infeed.min.js
cdn.connatix.com/min/ 		957 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.connatix.com/min/connatix.renderer.infeed.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Varnish /
Resource Hash
92cdce569cd5f92954f01d533ef8b698827b22e90bc75923011f4cb1813e2a82

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:41 GMT
via
1.1 varnish
server
Varnish
age
0
x-served-by
cache-fra19126-FRA
x-cache
HIT
content-type
application/javascript
status
200
x-referer-host
bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
accept-ranges
bytes
x-timer
S1571248062.832439,VS0,VE0
content-length
957
retry-after
0
x-cache-hits
0
qc-consent.js
www.bleepstatic.com/js/qc-consent/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/qc-consent/qc-consent.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b6a84a416edfb98ed7608dad8cd26ffd7123e54bce2bb13a4a3394e0b948382

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:41 GMT
content-encoding
br
cf-cache-status
HIT
age
1738974
cf-polished
origSize=3848
status
200
last-modified
Thu, 07 Feb 2019 13:49:44 GMT
server
cloudflare
etag
W/"3981350888"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
expires
Thu, 31 Oct 2019 14:44:47 GMT
cache-control
max-age=3024000
cf-ray
526bdc028f95cb9c-VIE
cf-bgj
minify
js
www.googletagmanager.com/gtag/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-91740-1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
327e85db077019cf3763323074077f8e9085d024f865379115224094834e6071
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:41 GMT
content-encoding
br
last-modified
Wed, 16 Oct 2019 15:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
28462
x-xss-protection
0
expires
Wed, 16 Oct 2019 17:47:41 GMT
logo.png
www.bleepstatic.com/images/site/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/logo.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
19db4a2cde712e2ceaac317e732b4ec40b62818a938a8bf8391ad68470845019

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:41 GMT
cf-cache-status
HIT
age
509993
cf-polished
origFmt=png, origSize=1882
status
200
content-disposition
inline; filename="logo.webp"
content-length
1152
last-modified
Sat, 04 Mar 2017 04:12:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 09 Nov 2019 20:07:48 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
526bdc02a812cb9c-VIE
cf-bgj
imgq:85
brand
cse.google.com/coop/cse/
Redirect Chain
  • https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en
  • https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en
3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
pfe /
Resource Hash
4eeb4df3522892ea2ec61de6a58e870e8262019f8e3c759c099450cefb589313
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:29:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
pfe
age
1112
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, max-age=1800
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1181
x-xss-protection
0
expires
Wed, 16 Oct 2019 17:59:09 GMT

Redirect headers

date
Wed, 16 Oct 2019 17:47:41 GMT
x-content-type-options
nosniff
server
sffe
status
302
content-type
text/html; charset=UTF-8
location
https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en
cache-control
private
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
266
x-xss-protection
0
pubfig.min.js
a.pub.network/bleepingcomputer-com/ 		430 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:bf72 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfa3507c6a168b5b4317084c353f83cda256ab1d6674be4765e207ffc21efcba

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:41 GMT
content-encoding
br
cf-cache-status
HIT
age
40
x-guploader-uploadid
AEnB2UrCW86zdKNyAXPSbxiJfWuB8kwUaZWLz2V26WRiB65JTDuqHJVKAC9qoDwmXzSuTskM9S17DQcTDIsLEXEd_WP7CyqGUw
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Fri, 11 Oct 2019 22:01:45 GMT
server
cloudflare
etag
W/"7c2440a408eec0b65f4bb9648a9929db"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=ZewTmg==, md5=fCRApAjuwLZfS7lkipkp2w==
x-goog-generation
1570831305384839
cache-control
public, max-age=1800
x-goog-stored-content-length
439949
cf-ray
526bdc03099d59ac-VIE
expires
Wed, 16 Oct 2019 18:17:41 GMT
fab.js
ecdn.analysis.fi/static/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.analysis.fi/static/js/fab.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.71.236.117 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-212-71-236-117.london.nodebalancer.linode.com
Software
nginx/1.12.2 /
Resource Hash
6c8d16fd525d689560442806ff2b2e6909949950453cb8215aa30ab3da66845f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 16 Oct 2019 17:51:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Jul 2015 00:00:00 GMT
Server
nginx/1.12.2
ETag
"55a5a280-3ab"
Content-Type
application/javascript
Cache-Control
max-age=3600
Connection
close
Content-Length
939
Expires
Wed, 16 Oct 2019 18:51:32 GMT
login_bg.png
www.bleepstatic.com/images/site/ 		126 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/login_bg.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
32e73e8e0eec3e6c1345d84e7ef091b90e71fb0045814043b34c914156235eb9

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:41 GMT
cf-cache-status
HIT
age
1645176
cf-polished
origFmt=png, origSize=187
status
200
content-disposition
inline; filename="login_bg.webp"
content-length
126
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Sun, 27 Oct 2019 16:48:04 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
526bdc02c859cb9c-VIE
cf-bgj
imgq:85
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 15:58:20 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
438561
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
11016
x-xss-protection
0
expires
Sat, 10 Oct 2020 15:58:20 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 14:50:26 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
442635
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
11020
x-xss-protection
0
expires
Sat, 10 Oct 2020 14:50:26 GMT
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif
nav_bg.png
www.bleepstatic.com/images/site/ 		72 B
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/nav_bg.png
Requested by
Host: cdn.connatix.com
URL: https://cdn.connatix.com/min/connatix.renderer.infeed.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab52a578c101a14bbc790f87f9a7400dda65469f23c6ce85c461e07cdf776460

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:41 GMT
cf-cache-status
HIT
age
1534821
cf-polished
origFmt=png, origSize=83
status
200
content-disposition
inline; filename="nav_bg.webp"
content-length
72
last-modified
Sat, 04 Mar 2017 07:57:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Mon, 28 Oct 2019 23:27:19 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
526bdc02d8b4cb9c-VIE
cf-bgj
imgq:85
connatix.renderer.infeed.min_dc.js
cdns.connatix.com/p/1750/min/ Frame 8892 		717 KB
186 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdns.connatix.com/p/1750/min/connatix.renderer.infeed.min_dc.js
Requested by
Host: cdn.connatix.com
URL: https://cdn.connatix.com/min/connatix.renderer.infeed.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
29c16587b0ccdf084143e97a222591f7ae53dcc643a998800f2d5fda68e28c25

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:41 GMT
content-encoding
gzip
age
15814
x-cache
HIT, HIT
status
200
content-length
190282
x-served-by
cache-dca17747-DCA, cache-fra19126-FRA
access-control-allow-origin
*
last-modified
Wed, 16 Oct 2019 13:23:16 GMT
x-timer
S1571248062.894040,VS0,VE0
etag
"a71993b0cd7eaafafc32c01f158c1a60"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31557600
accept-ranges
bytes
x-cache-hits
1, 942
20x20-printer.png
www.bleepstatic.com/images/site/ 		422 B
560 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/20x20-printer.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b34676178982122b66b0a55d3ee411fa343b1d19a6c119c0c9b0ea2c892738a1

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:41 GMT
cf-cache-status
HIT
age
1645119
cf-polished
origFmt=png, origSize=824
status
200
content-disposition
inline; filename="20x20-printer.webp"
content-length
422
last-modified
Sat, 03 Oct 2015 03:18:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Sun, 27 Oct 2019 16:49:02 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
526bdc02e8decb9c-VIE
cf-bgj
imgq:85
calendar.png
www.bleepstatic.com/images/site/ 		86 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/calendar.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
85ae9534729617e69eafa40195c7854697eb3d13b4205f3ee467e07c4af0a24b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepstatic.com/css/redesign/news.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:41 GMT
cf-cache-status
HIT
age
507146
cf-polished
origFmt=png, origSize=129
status
200
content-disposition
inline; filename="calendar.webp"
content-length
86
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 09 Nov 2019 20:55:14 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
526bdc02e8e2cb9c-VIE
cf-bgj
imgq:85
clock.png
www.bleepstatic.com/images/site/ 		252 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/clock.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
82c7fdbc4d001907e1e5d56cd335af3f0d48e0ffa7f0ad2aa3486ebb1123cb21

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepstatic.com/css/redesign/news.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:41 GMT
cf-cache-status
HIT
age
1645176
cf-polished
origFmt=png, origSize=1316
status
200
content-disposition
inline; filename="clock.webp"
content-length
252
last-modified
Fri, 29 May 2015 07:08:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Sun, 27 Oct 2019 16:48:05 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
526bdc02e8e5cb9c-VIE
cf-bgj
imgq:85
comment-light.png
www.bleepstatic.com/images/site/ 		96 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/comment-light.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfc8e65089dc5421d56ecc71a0328eafd4feb2a602503ae5c15bfa3189c02f7e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepstatic.com/css/redesign/news.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:41 GMT
cf-cache-status
HIT
age
1645119
cf-polished
origFmt=png, origSize=1034
status
200
content-disposition
inline; filename="comment-light.webp"
content-length
96
last-modified
Fri, 29 May 2015 07:08:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Sun, 27 Oct 2019 16:49:02 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
526bdc02e8e7cb9c-VIE
cf-bgj
imgq:85
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 09 Oct 2019 12:53:28 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:52 GMT
server
sffe
age
622453
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
11180
x-xss-protection
0
expires
Thu, 08 Oct 2020 12:53:28 GMT
cmp.js
quantcast.mgr.consensu.org/ 		177 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/cmp.js
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/qc-consent/qc-consent.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:e000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c26fd569cbff7c7b33fe25517c92338cf7fee0beacb4fb93a55885eb506f01d5

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:33:45 GMT
content-encoding
gzip
last-modified
Wed, 28 Aug 2019 16:50:55 GMT
server
AmazonS3
age
962
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
status
200
x-amz-meta-qc-ineu
True
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
Yr6lI-Rf7LDD6L9F7-48hwWbIb5XPRWWWH8gKfrkjlrdVc_Y7sQgWw==
via
1.1 04ce5a607a98db6d08257633417b84d7.cloudfront.net (CloudFront)
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-91740-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
785
date
Wed, 16 Oct 2019 17:34:36 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Wed, 16 Oct 2019 19:34:36 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		103 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0742fa81292e959a7a1e80cdf4bd2f6f8864e032d8178cbb13d2038636a5383e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
36791
x-xss-protection
0
server
cafe
etag
6948917632285590280
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 16 Oct 2019 17:47:41 GMT
twitter.png
www.bleepstatic.com/images/site/login/ 		282 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/login/twitter.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
67d86a29de7993fbd23b7dde2c4f26bdc434055c35a4b08c830c0d02fcfa6dd2

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:41 GMT
cf-cache-status
HIT
age
1645177
cf-polished
origFmt=png, origSize=475
status
200
content-disposition
inline; filename="twitter.webp"
content-length
282
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Sun, 27 Oct 2019 16:48:04 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
526bdc03097dcb9c-VIE
cf-bgj
imgq:85
bootstrap.js
www.bleepstatic.com/js/redesign/ 		44 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/bootstrap.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5e0f326458e8b8ed839d42a0cf6892df80bf26d7dc7e4f8276a65c41582ab85

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:41 GMT
content-encoding
br
cf-cache-status
HIT
age
1821462
cf-polished
origSize=65813
status
200
last-modified
Thu, 23 Apr 2015 12:36:43 GMT
server
cloudflare
etag
W/"3930092018"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
expires
Wed, 30 Oct 2019 15:49:59 GMT
cache-control
max-age=3024000
cf-ray
526bdc030981cb9c-VIE
cf-bgj
minify
blazy.min.js
www.bleepstatic.com/js/blazy/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/blazy/blazy.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 16 Aug 2018 21:06:19 GMT
server
cloudflare
age
1645177
status
200
etag
W/"753357888"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
526bdc03097bcb9c-VIE
expires
Fri, 01 Nov 2019 16:48:04 GMT
bleep.js
www.bleepstatic.com/js/redesign/ 		3 KB
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/bleep.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
22e977346d45bab9f531ce1132d7ecfbe8e46868eaea790a0d4dcd1d0649d74b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:41 GMT
content-encoding
br
cf-cache-status
HIT
age
1821461
cf-polished
origSize=3600
status
200
last-modified
Mon, 01 Oct 2018 12:47:57 GMT
server
cloudflare
etag
W/"2696894447"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
expires
Wed, 30 Oct 2019 15:49:59 GMT
cache-control
max-age=3024000
cf-ray
526bdc031998cb9c-VIE
cf-bgj
minify
jquery.fancybox.js
www.bleepstatic.com/js/redesign/fancybox/ 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/fancybox/jquery.fancybox.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
31cd7d9398307ca2e6cfaa111bbe7b69d69cbaaed2ff74034412ebc5008671fd

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:41 GMT
content-encoding
br
cf-cache-status
HIT
age
2112920
cf-polished
origSize=48706
status
200
last-modified
Wed, 14 Oct 2015 20:25:51 GMT
server
cloudflare
etag
W/"327140449"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
expires
Sun, 27 Oct 2019 06:52:21 GMT
cache-control
max-age=3024000
cf-ray
526bdc0319b5cb9c-VIE
cf-bgj
minify
fixto.min.js
www.bleepstatic.com/js/fixto/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/fixto/fixto.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d6d26827b887aa09b2a5eb7c001e35b93773e53c36ddbfc127ad824e0a6ba39

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 13 Jun 2015 21:34:42 GMT
server
cloudflare
age
2005765
status
200
etag
W/"1740214911"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
526bdc030995cb9c-VIE
expires
Mon, 28 Oct 2019 12:38:16 GMT
addthis_widget.js
s9.addthis.com/js/300/ 		349 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s9.addthis.com/js/300/addthis_widget.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-248-44.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
a95ebbca9b2c9a1cbd25f9b5070862c532bf98170e12f9d53b0212e2569622c2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Thu, 10 Oct 2019 17:01:35 GMT
server
nginx/1.15.8
etag
"5d9f63ef-573ea"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
status
200
cache-control
public, max-age=600
date
Wed, 16 Oct 2019 17:47:41 GMT
x-host
s9.addthis.com
content-length
114882
32x32-printer.png
www.bleepstatic.com/images/site/ 		256 B
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/32x32-printer.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
33eb81af8a0101c1ad2a210f322fb362ce1598e6e37f0a7ecc62d6ff39add590

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:41 GMT
cf-cache-status
HIT
age
1200713
cf-polished
origFmt=png, origSize=618
status
200
content-disposition
inline; filename="32x32-printer.webp"
content-length
256
last-modified
Fri, 02 Oct 2015 21:57:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Fri, 01 Nov 2019 20:15:48 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
526bdc0329facb9c-VIE
cf-bgj
imgq:85
71f54ec34151fbdfe89e478d7b6e5ddf.jpg
www.bleepstatic.com/author/photos/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/author/photos/71f54ec34151fbdfe89e478d7b6e5ddf.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a6bfabe65ca353e4359be32e10d40b8b514590b536dd93499bc1067e4bf6329

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:41 GMT
cf-cache-status
HIT
age
1534107
cf-polished
origSize=6170, status=webp_bigger
status
200
content-length
4965
last-modified
Wed, 02 Jan 2019 02:04:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 28 Oct 2019 23:39:14 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
526bdc033a23cb9c-VIE
cf-bgj
imgq:85
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 14:57:13 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
442228
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
11056
x-xss-protection
0
expires
Sat, 10 Oct 2020 14:57:13 GMT
cmp-3pc-check.html
static.quantcast.mgr.consensu.org/v25/ Frame D081 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://static.quantcast.mgr.consensu.org/v25/cmp-3pc-check.html
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:ac00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
static.quantcast.mgr.consensu.org
:scheme
https
:path
/v25/cmp-3pc-check.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/

Response headers

status
200
content-type
text/html
content-length
583
last-modified
Wed, 28 Aug 2019 16:50:51 GMT
x-amz-server-side-encryption
AES256
accept-ranges
bytes
server
AmazonS3
date
Wed, 16 Oct 2019 17:37:59 GMT
etag
"2382c3f01978a379e8fa8bc1a3bec605"
x-cache
Hit from cloudfront
via
1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
EmNUtcd4-HzWUY_ToJGgDiRr8SIueUE7RX9d6fsHM6Dkk7oJGeNu6w==
age
850
g
ck.connatix.com/ 		46 B
103 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ck.connatix.com/g?callback=cnxJSONP_410574e645d3d0e0d4981571248061957
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1750/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Varnish /
Resource Hash
dcc28ca60da9d588529a611b80efabff7d85ef8f69fa74e2cb8009e5ae846806

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:41 GMT
via
1.1 varnish
server
Varnish
age
0
x-served-by
cache-fra19126-FRA
x-cache
HIT
status
200
cache-control
no-cache, no-store, must-revalidate, max-age=0
accept-ranges
bytes
x-timer
S1571248062.969875,VS0,VE0
content-length
46
retry-after
0
x-cache-hits
0
h4-bg.png
www.bleepstatic.com/images/site/ 		38 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/h4-bg.png
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
942935ead42820e6c9184f099c77dde34fa4be70d395a17c47b5d7ad07967339

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:41 GMT
cf-cache-status
HIT
age
1534821
cf-polished
origFmt=png, origSize=72
status
200
content-disposition
inline; filename="h4-bg.webp"
content-length
38
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Mon, 28 Oct 2019 23:27:20 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
526bdc035a74cb9c-VIE
cf-bgj
imgq:85
news_email_icon.png
www.bleepstatic.com/images/site/ 		126 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/news_email_icon.png
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c42933014424dabb2256a0732a9f792559d26ba09a84308c278f52834522f9a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepstatic.com/css/redesign/home.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:41 GMT
cf-cache-status
HIT
age
1645176
cf-polished
origFmt=png, origSize=1105
status
200
content-disposition
inline; filename="news_email_icon.webp"
content-length
126
last-modified
Fri, 29 May 2015 07:10:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Sun, 27 Oct 2019 16:48:05 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
526bdc036a93cb9c-VIE
cf-bgj
imgq:85
collect
www.google-analytics.com/r/ 		35 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1487263312&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&ul=en-us&de=UTF-8&dt=Exposed%20Docker%20APIs%20Abused%20by%20DDoS%2C%20Cryptojacking%20Botnet%20Malware&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=1348063320&gjid=140669185&cid=1515779948.1571248062&tid=UA-91740-1&_gid=713470112.1571248062&_r=1&gtm=2ouaa0&z=972909677
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Oct 2019 17:47:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
news_footer_icon.png
www.bleepstatic.com/images/site/ 		110 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/news_footer_icon.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d020fa6036628dd1d6dbf760edc742273359e93119832249bdce332d05d6db4d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:42 GMT
cf-cache-status
HIT
age
509632
cf-polished
origFmt=png, origSize=186
status
200
content-disposition
inline; filename="news_footer_icon.webp"
content-length
110
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 09 Nov 2019 20:13:50 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
526bdc039b26cb9c-VIE
cf-bgj
imgq:85
integrator.js
adservice.google.de/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.bleepingcomputer.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Oct 2019 17:47:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bleepingcomputer.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Oct 2019 17:47:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20191014/r20190131/ 		238 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20191014/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
44ac654a5d74e0f55d383818e9fb4782ea064fdc7cac8e5a4bcb71a011cad952
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
89450
x-xss-protection
0
server
cafe
etag
1429027213900407418
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Oct 2019 17:47:42 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20191014/r20190131/ Frame CDB3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20191014/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20191014/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Mon, 14 Oct 2019 14:21:56 GMT
expires
Mon, 28 Oct 2019 14:21:56 GMT
content-type
text/html; charset=UTF-8
etag
8648543205226238674
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
7402
x-xss-protection
0
cache-control
public, max-age=1209600
age
185146
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
cmpui-popup.js
static.quantcast.mgr.consensu.org/v25/ 		210 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.quantcast.mgr.consensu.org/v25/cmpui-popup.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:ac00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
78c372f8aece809225131a8fe9f7b117cf1675c07bcaade16598740bac0ed36c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:38:20 GMT
content-encoding
gzip
last-modified
Wed, 28 Aug 2019 16:50:51 GMT
server
AmazonS3
age
1146
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
status
200
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
5Etze9iFa22SfyOO3iCrVNz60VAd3-IzJp79Zx1-Qf6PyPzDlHerPQ==
via
1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
cookie
d.pub.network/ 		36 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/cookie
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.71.214 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
214.71.188.35.bc.googleusercontent.com
Software
/
Resource Hash
0e80f31eb6c2da1b044007b6f3975400984053db02b9687126cd9babe3284ad0

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 16 Oct 2019 17:47:42 GMT
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
36
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain;charset=utf-8
gallery.js
freestar-io.videoplayerhub.com/ 		93 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://freestar-io.videoplayerhub.com/gallery.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.37 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-37.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3009133fca80d9f314853b1ae500485985e1bc422d2ce6eb20e36305fd5c544c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
339RjMpegljHYkfDCwMhrBvBhbUiy_wA
Content-Encoding
gzip
Last-Modified
Fri, 04 Oct 2019 23:01:28 GMT
Server
AmazonS3
Age
29
Date
Wed, 16 Oct 2019 17:47:28 GMT
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
elsnJIgJ636nfsJ-BpLyO37gE81Ih_UCOeq5vARmLLwiqUlQ0KO2PA==
gpt.js
www.googletagservices.com/tag/js/ 		45 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
f7b71df270660f7958f60859209972586494aff37327672ef85951f29c151716
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"308 / 612 of 1000 / last-modified: 1571176937"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14544
x-xss-protection
0
expires
Wed, 16 Oct 2019 17:47:42 GMT
prebid-analytics-2.32.0.js
a.pub.network/core/ 		389 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/prebid-analytics-2.32.0.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:bf72 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c752c5c17da084b3de4bb748c2bb5856d487e818dd646dbf839925f7a74944d2

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:42 GMT
content-encoding
br
cf-cache-status
MISS
x-guploader-uploadid
AEnB2UpaudFIa6deZKoYi3YD2tsKHutHVUmeYyJem3ZrltFJhB926gTpjy0AJXbMfufAfhirwSW0uYKYxHoJUjGHLk4uSgih_Q
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
content-type
text/html
last-modified
Mon, 30 Sep 2019 19:54:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=F0HIYA==, md5=2UHjadi2gOYq0U+2H/FztA==
x-goog-generation
1569873287635989
cache-control
public, max-age=31536000
x-goog-stored-content-length
398587
cf-ray
526bdc045a8859ac-VIE
expires
Thu, 15 Oct 2020 17:47:42 GMT
location
d.pub.network/ 		25 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/location
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.71.214 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
214.71.188.35.bc.googleusercontent.com
Software
/
Resource Hash
98f88d642acd9024773bf77b93f9546e3cd6fd8fa3d539d16f7b018e0cb513f2

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 16 Oct 2019 17:47:43 GMT
Access-Control-Allow-Credentials
true
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Content-Type
application/json
pls
core.connatix.com/ Frame 8892 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://core.connatix.com/pls?callback=jQuery32107354490877463458_1571248061955&token=83c6e833-8c07-474c-b10f-079d46320a80&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&c_v=1750_1_0_1_0&page_guid=9be05011160aee7c12ab1571248062126&spp=1&_=1571248061956
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1750/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.95.173 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-195-95-173.compute-1.amazonaws.com
Software
nginx/1.15.9 (Ubuntu) /
Resource Hash
0cc5fd17331507451e51960383125343555269d927132ccb72d954c064aa4648

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Wed, 16 Oct 2019 17:47:42 GMT
content-encoding
gzip
server
nginx/1.15.9 (Ubuntu)
access-control-allow-origin
*
Docker.jpg
www.bleepstatic.com/content/hl-images/2019/06/14/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/content/hl-images/2019/06/14/Docker.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba34dc66a2967a9dad839e413ede700c2fdd4d0ecb8295f7e9453cafa2705991

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:42 GMT
cf-cache-status
MISS
last-modified
Fri, 14 Jun 2019 15:31:58 GMT
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
526bdc048ec4cb9c-VIE
content-length
41270
expires
Fri, 15 Nov 2019 17:47:41 GMT
292x176_sudo-header.jpg
www.bleepstatic.com/content/hl-images/2019/10/14/thumb/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/content/hl-images/2019/10/14/thumb/292x176_sudo-header.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
42a18ed45095cfff307cc5f41a9a68fbee62debfaffdf69382b33923d4f45bae

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:42 GMT
cf-cache-status
HIT
age
112944
cf-polished
qual=85, origFmt=jpeg, origSize=9381
status
200
content-disposition
inline; filename="292x176_sudo-header.webp"
content-length
8366
last-modified
Mon, 14 Oct 2019 22:42:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Thu, 14 Nov 2019 10:25:17 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
526bdc048ec9cb9c-VIE
cf-bgj
imgq:85
292x176_windows-security-2.jpg
www.bleepstatic.com/content/hl-images/2017/11/06/thumb/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/content/hl-images/2017/11/06/thumb/292x176_windows-security-2.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
be60598ed5b27ee3de4ce47d709b66b5f3f18c12461c57a770784d0da809f879

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:42 GMT
cf-cache-status
HIT
age
136007
cf-polished
qual=85, origFmt=jpeg, origSize=26994
status
200
content-disposition
inline; filename="292x176_windows-security-2.webp"
content-length
3776
last-modified
Mon, 06 Nov 2017 22:44:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Thu, 14 Nov 2019 04:00:55 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
526bdc048ececb9c-VIE
cf-bgj
imgq:85
vendorlist.json
vendorlist.consensu.org/ 		88 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vendorlist.consensu.org/vendorlist.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:5000:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ea10733ffb72cf46260738527ae359e08653da22f630df320ce477a003acb7c8

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
q7OrXM5caPg6muiNdwBRV1ZPCEDP3Dak
content-encoding
gzip
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
72770
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Thu, 10 Oct 2019 16:00:18 GMT
server
AmazonS3
date
Tue, 15 Oct 2019 21:34:53 GMT
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
via
1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront)
cache-control
max-age=259200
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
sqPNDp423j5dHD1hZy1uwUYL16HWuExZxT6MKgFV25qd1ClRmihJeA==
/
audit.quantcast.mgr.consensu.org/ 		80 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audit.quantcast.mgr.consensu.org/?log=;1571248062159;BleepingComputer.com;https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F;;;;;p,off,false,,1,en;CMP_Display:initializationdisplay,;Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36
Requested by
Host: static.quantcast.mgr.consensu.org
URL: https://static.quantcast.mgr.consensu.org/v25/cmpui-popup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.23 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-23.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 09:19:11 GMT
via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
vary
Origin
age
30512
x-cache
Hit from cloudfront
status
200
content-length
80
last-modified
Mon, 11 Jun 2018 22:07:34 GMT
server
AmazonS3
etag
"0614149d8033903db5de46d6c184bbfd"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
3GwQp1pwvaV28OIYqdURJ0JQ1r7-WjVv7lxyMSOmha3oAH8SFPwYqQ==
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-561517d2c7f964d6/ 		2 KB
923 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.addthisedge.com/live/boost/ra-561517d2c7f964d6/_ate.track.config_resp
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-248-44.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.8.v20180619) /
Resource Hash
5fe405e64b42b49a5813c2c7b8e48ccf290310c5eb351d2b15966856d1a2f06e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:42 GMT
content-encoding
gzip
surrogate-key
ra-561517d2c7f964d6
server
Jetty(9.4.8.v20180619)
cache-tag
ra-561517d2c7f964d6
etag
-1808207170--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
status
200
cache-control
public, max-age=2, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
678
ads
googleads.g.doubleclick.net/pagead/ Frame 2A8A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1560527290&rafmt=9&guci=1.2.0.0.2.2.0.0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&adsid=NT&dt=1571248062031&bpp=8&bdt=226&fdt=165&idt=165&shv=r20191014&cbv=r20190131&saldr=aa&abxe=1&correlator=5680901217387&frm=20&pv=2&ga_vid=1515779948.1571248062&ga_sid=1571248062&ga_hid=1487263312&ga_fc=0&iag=0&icsg=142936514240512&dssz=44&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=208&ady=4636&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2366062482257964&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=1&uci=a!1&fsb=1&xpc=tB0lvQDPzS&p=https%3A//www.bleepingcomputer.com&dtd=184
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191014/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1560527290&rafmt=9&guci=1.2.0.0.2.2.0.0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&adsid=NT&dt=1571248062031&bpp=8&bdt=226&fdt=165&idt=165&shv=r20191014&cbv=r20190131&saldr=aa&abxe=1&correlator=5680901217387&frm=20&pv=2&ga_vid=1515779948.1571248062&ga_sid=1571248062&ga_hid=1487263312&ga_fc=0&iag=0&icsg=142936514240512&dssz=44&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=208&ady=4636&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2366062482257964&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=1&uci=a!1&fsb=1&xpc=tB0lvQDPzS&p=https%3A//www.bleepingcomputer.com&dtd=184
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 16 Oct 2019 17:47:42 GMT
server
cafe
content-length
18900
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 16-Oct-2019 18:02:42 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Wed, 16 Oct 2019 17:47:42 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		77 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191014/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
f425f66d90f1150499b36ab47b56fa6fb1a68136e4f42befca20a920ff85306b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1571051767941600"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29055
x-xss-protection
0
expires
Wed, 16 Oct 2019 17:47:42 GMT
jquery.fancybox.css
www.bleepstatic.com/js/redesign/fancybox/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/fancybox/jquery.fancybox.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e86593083facba2710a2312f26bd7b436d7ef299f99cbc2ccc1b32693ec3144

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:42 GMT
content-encoding
br
cf-cache-status
HIT
age
1645116
cf-polished
origSize=4895
status
200
last-modified
Wed, 14 Oct 2015 20:25:51 GMT
server
cloudflare
etag
W/"9108074"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Fri, 01 Nov 2019 16:49:06 GMT
cache-control
max-age=3024000
cf-ray
526bdc04f883cb9c-VIE
cf-bgj
minify
font-awesome.css
www.bleepstatic.com/css/redesign/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/css/redesign/font-awesome.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8733e2183f16906b2fa2e58fdab82cf336f249ab71ac1b184470da2dd3c6e29f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:42 GMT
content-encoding
br
cf-cache-status
HIT
age
1645176
cf-polished
origSize=26776
status
200
last-modified
Tue, 03 May 2016 04:39:29 GMT
server
cloudflare
etag
W/"1700274315"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Fri, 01 Nov 2019 16:48:06 GMT
cache-control
max-age=3024000
cf-ray
526bdc04f885cb9c-VIE
cf-bgj
minify
ads
googleads.g.doubleclick.net/pagead/ Frame 3F42 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&lmt=1560527290&plat=1%3A32776%2C2%3A16809992%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A34635776&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1571248062146&bpp=4&bdt=341&fdt=85&idt=85&shv=r20191014&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=834x500&nras=1&correlator=5680901217387&frm=20&pv=1&ga_vid=1515779948.1571248062&ga_sid=1571248062&ga_hid=1487263312&ga_fc=0&iag=0&icsg=142936514240512&dssz=45&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2366062482257964&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=1&uci=a!1&fsb=1&dtd=89
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191014/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&lmt=1560527290&plat=1%3A32776%2C2%3A16809992%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A34635776&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1571248062146&bpp=4&bdt=341&fdt=85&idt=85&shv=r20191014&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=834x500&nras=1&correlator=5680901217387&frm=20&pv=1&ga_vid=1515779948.1571248062&ga_sid=1571248062&ga_hid=1487263312&ga_fc=0&iag=0&icsg=142936514240512&dssz=45&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2366062482257964&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=1&uci=a!1&fsb=1&dtd=89
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 16 Oct 2019 17:47:42 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 16-Oct-2019 18:02:42 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Wed, 16 Oct 2019 17:47:42 GMT
cache-control
private
pubads_impl_modern_2019100301.js
securepubads.g.doubleclick.net/gpt/ 		145 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2019100301.js?21064579
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
sffe /
Resource Hash
df9504754d592b8d76e897236d749bbf896e26edae92c2f669fa46946624e3c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 13:06:21 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
56672
x-xss-protection
0
expires
Wed, 16 Oct 2019 17:47:42 GMT
fontawesome-webfont.woff
www.bleepstatic.com/fonts/ 		64 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191014/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepstatic.com/css/redesign/font-awesome.css
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:42 GMT
cf-cache-status
HIT
last-modified
Thu, 23 Apr 2015 09:36:00 GMT
server
cloudflare
age
1934
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
status
200
accept-ranges
bytes
cf-ray
526bdc052b48cba4-VIE
access-control-allow-origin
*
content-length
65452
CookieAccess
api.quantcast.mgr.consensu.org/ 		30 B
595 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.quantcast.mgr.consensu.org/CookieAccess
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.105 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-105.fra50.r.cloudfront.net
Software
/
Resource Hash
5a4061ff8312e2ad494bd984b7df966438232be64a3b284ab69f66c6705009a6

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:42 GMT
content-encoding
gzip
x-amz-cf-pop
FRA50-C1
x-amzn-requestid
2722c833-307d-4bda-a13a-0bc88302ff72
x-cache
Error from cloudfront
status
404
x-amz-apigw-id
BqqlyHE4oAMF-hA=
content-length
50
access-control-allow-origin
https://www.bleepingcomputer.com
x-amzn-trace-id
Root=1-5da757be-396235a441b0647467729ed7;Sampled=0
vary
Origin
access-control-allow-methods
GET, POST
content-type
application/json
via
1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
x-amz-cf-id
lwkc7bc9OYcE8udaq0X2pdc88x2f7qRFcs7FxRpgPgpLJh65s5tEOA==
apstag.js
c.amazon-adsystem.com/aax2/ 		76 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.185.67 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-185-67.fra2.r.cloudfront.net
Software
Server /
Resource Hash
b49f9652600af1ab2cc3c152c6f0b8fa6ad0dde122650e210ae205a9ad054ff9

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 15:58:38 GMT
content-encoding
gzip
server
Server
age
6544
etag
5a4f9f32ac99ca23e5212674e506921d
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=86400
x-amz-cf-pop
FRA2
accept-ranges
bytes
x-amz-cf-id
rO8hRPSGJwl7QKMyUI822fnEDiNQaBuGro0wdBA--Ix1n9j6EArCKw==
via
1.1 bd785324d865b594e6f1838b58cb0dae.cloudfront.net (CloudFront)
config.js
confiant-integrations.global.ssl.fastly.net/dvS98IKwDukcG6gPDYBBcCk9sKY/gpt_and_prebid/ 		150 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/dvS98IKwDukcG6gPDYBBcCk9sKY/gpt_and_prebid/config.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
784d075043c085210848d7f65cd6004c09bb3af79d9f78d678354bd51931956d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 16 Oct 2019 17:47:42 GMT
Content-Encoding
gzip
Age
3049
X-Cache
HIT
Connection
keep-alive
Content-Length
31832
x-amz-id-2
+vWw1eq+Ujqq2JL3rexIzgikiPvG8vtaxgXwIj8aEC7Pv7mEPtAI+6caLRTuMa7vE9FV4o4WhQE=
X-Served-By
cache-fra19125-FRA
Last-Modified
Wed, 16 Oct 2019 16:55:24 GMT
Server
AmazonS3
X-Timer
S1571248062.372554,VS0,VE0
ETag
"05a30ddb7abe66881ca719aa9a380e62"
x-amz-request-id
BF8D4DB2B9B71A71
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
48
v2
d.pub.network/floors/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/floors/v2?key=535desktop
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.71.214 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
214.71.188.35.bc.googleusercontent.com
Software
/
Resource Hash
f85d644fd74ec5ff9286424ae2faf33670843ca6aa620fdb7f273253930b10e2

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 16 Oct 2019 17:47:42 GMT
Access-Control-Allow-Credentials
true
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Content-Type
application/json
layers.ab5cd98fe1b9a38a4a9f.js
s7.addthis.com/static/ 		263 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/layers.ab5cd98fe1b9a38a4a9f.js
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-248-44.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Wed, 18 Sep 2019 14:16:17 GMT
server
nginx/1.15.8
etag
W/"5d823c31-41b9f"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=86313600
date
Wed, 16 Oct 2019 17:47:42 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77528
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.185.67 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-185-67.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6d6f482982f8f1a1814e279ff50df4ccc301533ca9655e4d080d6b90ec69d69e

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 15 Oct 2019 18:46:20 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
82882
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Fri, 24 Aug 2018 07:13:51 GMT
server
AmazonS3
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 42eda27a8f21acb511ddb91858ee5d5b.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA2
x-amz-cf-id
oOtm101_ASlIJ5aKitE9eOt0m5_wFHwdiEzcaJb77mZIeve8xEBRMw==
wrap.js
confiant-integrations.global.ssl.fastly.net/prebid/201910111253/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/prebid/201910111253/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/dvS98IKwDukcG6gPDYBBcCk9sKY/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
92d1994cace793adb74ca4a9e69eb746448b20aac8fd7124b03fb95694761187

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 16 Oct 2019 17:47:42 GMT
Content-Encoding
gzip
Age
414
X-Cache
HIT
Connection
keep-alive
Content-Length
10742
x-amz-id-2
qR1qwZzR6KzHcisdKrPT3L9ztMxr85oD8Zgqku6UhedwdtBaSXhRT9BKsx3NRNYoWMlj4LgETJY=
X-Served-By
cache-fra19127-FRA
Last-Modified
Mon, 14 Oct 2019 17:55:56 GMT
Server
AmazonS3
X-Timer
S1571248062.407739,VS0,VE0
ETag
"3c1cf1e98c0364f9ee211400c245f9b9"
x-amz-request-id
4FA54A64AFEF537E
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
869
beacon.js
ad-delivery.net/ 		1 KB
988 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/beacon.js
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.7 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-78-7.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7e94fbebf526effec4239c82e5435a412d81ffc4bc9bddf13f9aa1170f6d803e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
last-modified
Tue, 31 Jan 2017 15:06:54 GMT
server
AmazonS3
age
1212
date
Wed, 16 Oct 2019 17:27:36 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=3600
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
DAvAfXX9_FXAlaAFNHWWmEOaM10RUGWzLUPm9vVavn4xBf40PUQNqg==
via
1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
truncated
/ 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		715 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
g
rtb.connatix.com/ 		124 B
320 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb.connatix.com/g?c_pw=834&c_ph=469&c_tk=C018218D-4AD0-4E01-8158-045425E65946&c_bu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&c_ivt=0&connatix_sess=I0fUGpRy22M-VA3dI5wRgH2tRyrfTEmh-t9JLUQltETvdqAAchZADKp9xEb29p_TMxAK_5hc24fwLfs_HFs8c0Tv5f4qKrBLq1K_0qpdCwUNiZkvc8ZkOkDpVW-064Mt8EhMRUfKCWrPRWuHBRekofaq_h5nfNiidSM0owIXuM2ZO8i48Nebpd1BrFYQNpdd&notServed=false&xplr=false&c_s=false&c_pl=TJHc88egZXgE2QBhN-IheMTyOQvsy79ufGsxio9cEzipyE5MtuOsLMa5ePSXdCdj9mV6C9EPCkBbCgB-qxbfBUZTe3tlVIzgvj8lUo4dGIk4qmVND7d0rhPzwJuZ_BXfaTFipEUFWVkN1RsqKR2Sa9rhQ_9cutTsOLvh0ZbHUaRsT1As5SDxEQc0xzKhMVfu4gNAXtZARpvlT12oqTmx-U2EAoMSwCMbT_7bkNIUazY&gdpr=1&med_id=639404&req_no=0&v=1&c_pt=1&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botn&c_v=1750_1_0_1_0&spp=1&callback=cnxJSONP_8fe755b54ee521b881e01571248062486
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1750/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.119.98 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-236-119-98.compute-1.amazonaws.com
Software
nginx/1.15.9 (Ubuntu) /
Resource Hash
305cfbaaf123f0a2939bea78bae046dff5d50a70a0ac62dea428f5b332715259

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 16 Oct 2019 17:47:42 GMT
Content-Encoding
gzip
Server
nginx/1.15.9 (Ubuntu)
Connection
keep-alive
Content-Length
132
293.jpg
i.connatix.com/s3/connatix-uploads/af391ba1-47b0-4ff1-87cb-08a6df11845f/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.connatix.com/s3/connatix-uploads/af391ba1-47b0-4ff1-87cb-08a6df11845f/293.jpg?mode=stretch&connatiximg=true&scale=both&height=469&width=834
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
b05f6cbb8d3363162f518f0bd210ce05ee8c391cc63432daa8868c65ffa0c59e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:42 GMT
via
1.1 varnish, 1.1 varnish
age
69807
x-served-by
cache-sjc3142-SJC, cache-fra19126-FRA
status
200
x-cache
HIT, HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31557600
accept-ranges
bytes
x-timer
S1571248063.506021,VS0,VE1
content-length
23760
x-cache-hits
1, 1
1.jpg
i.connatix.com/s3/connatix-uploads/ed10dc81-fa74-4262-9253-4f91efa7e342/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.connatix.com/s3/connatix-uploads/ed10dc81-fa74-4262-9253-4f91efa7e342/1.jpg?mode=crop&width=1001&height=563
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
8439372d1e63bb041355ba1effa4c2182a002bedb958350e6dfdfee6bce75a2a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:42 GMT
via
1.1 varnish, 1.1 varnish
age
69807
x-served-by
cache-sjc3136-SJC, cache-fra19126-FRA
status
200
x-cache
HIT, HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31557600
accept-ranges
bytes
x-timer
S1571248063.505836,VS0,VE1
content-length
28647
x-cache-hits
2, 1
1.jpg
i.connatix.com/s3/connatix-uploads/10ad73ff-f3b2-43b0-a2bf-5a714e12a561/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.connatix.com/s3/connatix-uploads/10ad73ff-f3b2-43b0-a2bf-5a714e12a561/1.jpg?mode=crop&width=1001&height=563
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
095d396ed8b668a9b4ac5b9168235819c90813cd90f61e467f4ddc8d815bca64

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:42 GMT
via
1.1 varnish, 1.1 varnish
age
69807
x-served-by
cache-sjc3128-SJC, cache-fra19126-FRA
status
200
x-cache
HIT, HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31557600
accept-ranges
bytes
x-timer
S1571248063.505826,VS0,VE0
content-length
17148
x-cache-hits
3, 1
1.jpg
i.connatix.com/s3/connatix-uploads/a4ec61db-e70b-49cc-874d-6d3633018fcc/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.connatix.com/s3/connatix-uploads/a4ec61db-e70b-49cc-874d-6d3633018fcc/1.jpg?mode=crop&width=1001&height=563
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
1f3dd519fa0bab3747811d85ac2228e87a795979197972bace638dbac6147b9a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:42 GMT
via
1.1 varnish, 1.1 varnish
age
69807
x-served-by
cache-sjc3125-SJC, cache-fra19126-FRA
status
200
x-cache
HIT, HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31557600
accept-ranges
bytes
x-timer
S1571248063.505993,VS0,VE1
content-length
62413
x-cache-hits
3, 1
1.jpg
i.connatix.com/s3/connatix-uploads/1088ca89-36c8-46b2-b795-56b9e502b80a/ 		96 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.connatix.com/s3/connatix-uploads/1088ca89-36c8-46b2-b795-56b9e502b80a/1.jpg?mode=crop&width=1001&height=563
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
471bc90ad701d988862370f6323275e800c87a396bad5996846f3bfe9721d8fa

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:42 GMT
via
1.1 varnish, 1.1 varnish
age
69807
x-served-by
cache-sjc3148-SJC, cache-fra19126-FRA
status
200
x-cache
HIT, HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31557600
accept-ranges
bytes
x-timer
S1571248063.506006,VS0,VE1
content-length
98194
x-cache-hits
1, 1
1.jpg
i.connatix.com/s3/connatix-uploads/01a1a7af-6dad-4db2-8b0e-5fa261b87418/ 		141 KB
141 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.connatix.com/s3/connatix-uploads/01a1a7af-6dad-4db2-8b0e-5fa261b87418/1.jpg?mode=crop&width=1001&height=563
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
27a96c0b4304b92e0762c2d39fcc5070aee1080cdbf3b25410274a205c732d9c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:42 GMT
via
1.1 varnish, 1.1 varnish
age
69806
x-served-by
cache-sjc3147-SJC, cache-fra19126-FRA
status
200
x-cache
HIT, HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31557600
accept-ranges
bytes
x-timer
S1571248063.506048,VS0,VE2
content-length
144319
x-cache-hits
1, 1
bleeping-computerlogo-lg.png
www.bleepstatic.com/logos/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/logos/bleeping-computerlogo-lg.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a56e644a617b2d1e4e7d808dfc334a7ea8622979f22999dc9eccd21c61958b3

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:42 GMT
cf-cache-status
HIT
age
1534818
cf-polished
origFmt=png, origSize=15281
status
200
content-disposition
inline; filename="bleeping-computerlogo-lg.webp"
content-length
7156
last-modified
Wed, 07 Jan 2015 22:52:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Mon, 28 Oct 2019 23:27:24 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
526bdc069e46cb9c-VIE
cf-bgj
imgq:85
0_th_1.jpg
i.connatix.com/s3/connatix-videos/af391ba1-47b0-4ff1-87cb-08a6df11845f/ Frame 8892 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.connatix.com/s3/connatix-videos/af391ba1-47b0-4ff1-87cb-08a6df11845f/0_th_1.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
c3034d0370c5faa09e7a8d7b0c48925afa0371cf17e4827dde23059f56019dae

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:42 GMT
via
1.1 varnish, 1.1 varnish
age
10397098
x-served-by
cache-sjc3144-SJC, cache-fra19126-FRA
status
200
x-cache
HIT, HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31557600
accept-ranges
bytes
x-timer
S1571248063.515740,VS0,VE0
content-length
23507
x-cache-hits
1, 1
bid
c.amazon-adsystem.com/e/dtb/ 		47 B
399 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&u=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&pid=6395127271941571248062386&cb=2863800780221571248062499&ws=1600x1200&v=7.37.01&t=1000&slots=%5B%7B%22sd%22%3A%22bleepingcomputer_728x90_970x90_970x250_320x50_ATF%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%22%7D%2C%7B%22sd%22%3A%22bleepingcomputer_728x90_970x90_970x250_320x50_BTF%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF%22%7D%2C%7B%22sd%22%3A%22bleepingcomputer_300x250_300x600_160x600_Right_1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_1%22%7D%2C%7B%22sd%22%3A%22bleepingcomputer_300x250_300x600_160x600_Right_2%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_2%22%7D%2C%7B%22sd%22%3A%22bleepingcomputer_728x90_320x50_InContent_1%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_320x50_InContent_1%22%7D%2C%7B%22sd%22%3A%22bleepingcomputer_300x250_300x600_160x600_Right_3%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_3%22%7D%5D&pj=%7B%22apse%22%3A%7B%22chunkRequests%22%3Afalse%2C%22shouldCFRoute%22%3Atrue%2C%22shouldSampleLatency%22%3Afalse%7D%7D&cfgv=0&gdprl=%7B%22status%22%3A%22cmp-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.185.67 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-185-67.fra2.r.cloudfront.net
Software
Server /
Resource Hash
cafcfaf45d75e424c789a0d65dfb9553c29d565b251d58ab5cfdc1802603128f

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:42 GMT
via
1.1 bd785324d865b594e6f1838b58cb0dae.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2
status
200
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
47
x-amz-cf-id
M3QAU5csoGUNhPlvT67Y56v79mUXnZk5BvREKHZlOZ2emlIb-0ivKQ==
pixel
cm.g.doubleclick.net/ Frame 8892
Redirect Chain
  • https://connatix-d.openx.net/v/1.0/av?auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&cb=ce931a04477...
  • https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&cb=ce931a...
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
0
0
r
trk.connatix.com/ Frame 8892 		0
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trk.connatix.com/r?connatix_sess=I0fUGpRy22M-VA3dI5wRgH2tRyrfTEmh-t9JLUQltETvdqAAchZADKp9xEb29p_TMxAK_5hc24fwLfs_HFs8c0Tv5f4qKrBLq1K_0qpdCwUNiZkvc8ZkOkDpVW-064Mt8EhMRUfKCWrPRWuHBRekofaq_h5nfNiidSM0owIXuM2ZO8i48Nebpd1BrFYQNpdd&videoID=639404&c_pl=TJHc88egZXgE2QBhN-IheMTyOQvsy79ufGsxio9cEzipyE5MtuOsLMa5ePSXdCdj9mV6C9EPCkBbCgB-qxbfBUZTe3tlVIzgvj8lUo4dGIk4qmVND7d0rhPzwJuZ_BXfaTFipEUFWVkN1RsqKR2Sa9rhQ_9cutTsOLvh0ZbHUaRsT1As5SDxEQc0xzKhMVfu4gNAXtZARpvlT12oqTmx-U2EAoMSwCMbT_7bkNIUazY&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botn&c_v=1750_1_0_1_0&spp=1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.65.212 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-222-65-212.compute-1.amazonaws.com
Software
nginx/1.15.9 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 16 Oct 2019 17:47:42 GMT
Server
nginx/1.15.9 (Ubuntu)
Connection
keep-alive
Content-Length
0
av
connatix-d.openx.net/v/1.0/ Frame 8892 		48 B
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://connatix-d.openx.net/v/1.0/av?auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&cb=c672ca5c77a5103c935a1571248062567&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1750/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Oct 2019 17:47:42 GMT
via
1.1 google
server
OXGW/16.163.0
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
48
expires
Mon, 26 Jul 1997 05:00:00 GMT
av
connatix-d.openx.net/v/1.0/ Frame 8892 		48 B
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://connatix-d.openx.net/v/1.0/av?auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&cb=a49f4eb66c87bd35737a1571248062606&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1750/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Oct 2019 17:47:42 GMT
via
1.1 google
server
OXGW/16.163.0
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
48
expires
Mon, 26 Jul 1997 05:00:00 GMT
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
87562d3773ffab3d0716a70faa73c38b322fde3b8f265c3d646a3cea976ef67e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
av
connatix-d.openx.net/v/1.0/ Frame 8892 		48 B
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://connatix-d.openx.net/v/1.0/av?auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&cb=2327f8a3c59a6f208b671571248062652&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1750/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Oct 2019 17:47:42 GMT
via
1.1 google
server
OXGW/16.163.0
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
48
expires
Mon, 26 Jul 1997 05:00:00 GMT
jquery.color-2.1.2.min.js
cluster-na.cdnjquery.com/color/ 		93 B
357 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cluster-na.cdnjquery.com/color/jquery.color-2.1.2.min.js?integrity=btjsonpcallback1571248062857&checksum=%7B%22cbc%22%3A0%2C%22st%22%3A2%2C%22au%22%3A%5B%5D%2C%22hau%22%3A%5B%5D%2C%22ref%22%3A%22https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F%22%2C%22aa%22%3A3%2C%22pgid%22%3A%220d94da36-f03d-11e9-b9ce-6bc0ebe31007%22%2C%22v%22%3A1%2C%22format%22%3A%22jsonp%22%7D&o=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&csVersion=1.18.7
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.108.72 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-206-108-72.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
eb4e8e11846e40e6e6401db2d87a599e8d30c8a4d4c112b7931389504079537b
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 16 Oct 2019 17:47:43 GMT
Content-Encoding
gzip
Server
nginx/1.12.1
ETag
W/"5d-UM6QywC4tOpoVBHzhymPJfgUfOo"
X-Frame-Options
DENY
Content-Type
text/javascript; charset=utf-8
Charset
utf8
Connection
keep-alive
Content-Length
85
px.gif
ad-delivery.net/ 		43 B
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.6906162154169133
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.7 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-78-7.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jul 2017 18:59:05 GMT
server
AmazonS3
age
76508
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
x-cache
Hit from cloudfront
content-type
image/gif
status
200
date
Tue, 15 Oct 2019 20:33:20 GMT
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
43
x-amz-cf-id
Cp2zqKRtqqx1dAjg0MSO7twjJRxnYFoL8mHT6pgEko5zoXwgEk7ClQ==
/
audit.quantcast.mgr.consensu.org/ 		80 B
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audit.quantcast.mgr.consensu.org/?log=;1571248062902;BleepingComputer.com;https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F;;;;;p,off,false,,1,en;Shown,;Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36
Requested by
Host: static.quantcast.mgr.consensu.org
URL: https://static.quantcast.mgr.consensu.org/v25/cmpui-popup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.23 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-23.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 09:19:11 GMT
via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
vary
Origin
age
30512
x-cache
Hit from cloudfront
status
200
content-length
80
last-modified
Mon, 11 Jun 2018 22:07:34 GMT
server
AmazonS3
etag
"0614149d8033903db5de46d6c184bbfd"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
PxDveU9WaGJrIiYh7jAzKwaLk4MOGQTLemc2sOU0y9P1zMrLOppIbA==
48.008759e9efe1c1b693dd.js
s7.addthis.com/static/ 		281 B
486 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/48.008759e9efe1c1b693dd.js
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-248-44.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
f8a52990bbe6892abb730d241570fbfbd2ff2fc707fdd3004c7dba6e843bbae3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Wed, 18 Sep 2019 14:16:17 GMT
server
nginx/1.15.8
etag
W/"5d823c31-119"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=86313600
date
Wed, 16 Oct 2019 17:47:43 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
246
/
graph.facebook.com/ 		311 B
404 B 		Script
General
Check archive.org
Download Go to
Full URL
https://graph.facebook.com/?id=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&fields=og_object%7Bengagement%7D&callback=_ate.cbs.rcb_dvmj0
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
74c632bf54425af154b1a49a298885843c84bd0627e08a0a3154ef89351390b0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
etag
"a7ee5949f7454b3ca3ee247bba59350499f86eec"
x-app-usage
{"call_count":0,"total_cputime":0,"total_time":0}
status
200
x-fb-rev
1001301146
content-length
201
pragma
no-cache
x-fb-debug
gFXbS8o8+xKM7gs4z1DCIuvmaV1KkLrrglOtGYJUZxAHDP58MmULvc9+m+K7YBp9LM4sAyUOyg9Ja54euBDr4Q==
x-fb-trace-id
EHyp+FO4lHu
date
Wed, 16 Oct 2019 17:47:43 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
A80y0tew8-TWGKDywOKqSE_
cache-control
private, no-cache, no-store, must-revalidate
facebook-api-version
v2.10
expires
Sat, 01 Jan 2000 00:00:00 GMT
info.json
www.reddit.com/api/ 		126 B
367 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.reddit.com/api/info.json?url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&jsonp=_ate.cbs.rcb_fb2p0
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.140 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
snooserv /
Resource Hash
1ec2330ecc18ab63e1852a33b87be0fc6a29de66c265728d24477f8ae8fa5f49
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:43 GMT
via
1.1 varnish
x-content-type-options
nosniff
x-cache
MISS
status
200
content-length
126
x-xss-protection
1; mode=block
x-served-by
cache-hhn4030-HHN
x-moose
majestic
expires
-1
server
snooserv
x-timer
S1571248063.225416,VS0,VE130
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
X-Moose
cache-control
private, s-maxage=0, max-age=0, must-revalidate, max-age=0, must-revalidate
x-ua-compatible
IE=edge
accept-ranges
bytes
x-cache-hits
0
/
graph.facebook.com/ 		151 B
580 B 		Script
General
Check archive.org
Download Go to
Full URL
https://graph.facebook.com/?id=http%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&fields=og_object%7Bengagement%7D&callback=_ate.cbs.rcb_kptn0
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
2e8043a4bf71c4240cf610c84b1d61f2c554cf58f1768b0a23655266d1c3468b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
etag
"a3baa83094b2aec6e69bd66c369a43c2762e08a3"
x-app-usage
{"call_count":0,"total_cputime":0,"total_time":0}
status
200
x-fb-rev
1001301146
content-length
151
pragma
no-cache
x-fb-debug
cSnwEZ2fLNhLIHcTexXCbQrbpGHdddEMz2ni6NbFNpgpd9/9kBI9eOcd6/OdJfNbFtz1+ya1Y8Qoh+4pHnpQWQ==
x-fb-trace-id
D2aVKJ6YbrT
date
Wed, 16 Oct 2019 17:47:43 GMT
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
ABqkjOTpVqj1Nlu_mCUIywm
cache-control
private, no-cache, no-store, must-revalidate
facebook-api-version
v2.10
expires
Sat, 01 Jan 2000 00:00:00 GMT
info.json
www.reddit.com/api/ 		126 B
258 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.reddit.com/api/info.json?url=http%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&jsonp=_ate.cbs.rcb_efif0
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.140 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
snooserv /
Resource Hash
fb0448c15e9eb9dae87f9e057f63e515455d2562b155c16222e009868302e983
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:43 GMT
via
1.1 varnish
x-content-type-options
nosniff
x-cache
MISS
status
200
content-length
126
x-xss-protection
1; mode=block
x-served-by
cache-hhn4030-HHN
x-moose
majestic
expires
-1
server
snooserv
x-timer
S1571248063.226026,VS0,VE202
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
X-Moose
cache-control
private, s-maxage=0, max-age=0, must-revalidate, max-age=0, must-revalidate
x-ua-compatible
IE=edge
accept-ranges
bytes
x-cache-hits
0
c
c.pub.network/ 		36 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.226.36.58 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
58.36.226.35.bc.googleusercontent.com
Software
/
Resource Hash
9f74a7bc0dedce611393f740e208986d37741446e2f75a9f5e50a9bf72d94f87

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 16 Oct 2019 17:47:43 GMT
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
36
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain;charset=utf-8
cygnus
as-sec.casalemedia.com/ 		24 B
913 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?s=393562&v=7.2&r=%7B%22id%22%3A%2236730542044392%22%2C%22imp%22%3A%5B%7B%22id%22%3A%224fbfdb693eb976%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22id%22%3A%2256067b7f954362%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22id%22%3A%22618af45066a137%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22id%22%3A%2279ddc13ca29baa%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22id%22%3A%228b006d66aeb847%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22id%22%3A%22979610ea977bb9%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22id%22%3A%22102ff0d9cd2ecb4%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22id%22%3A%2211077096a3c2d5%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22id%22%3A%2212a5518d1ba3ac6%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22id%22%3A%2213594be7f6d55ae%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22id%22%3A%22149c536ec092f46%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22id%22%3A%2215378a4228291e1%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22id%22%3A%22160b41d7cbab8%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ddd23814679d500030600029486d23eac13dc7769de0050b408c666439a56fc6

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 16 Oct 2019 17:47:43 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
44
Expires
Wed, 16 Oct 2019 17:47:43 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&alt_size_ids=55%2C57&p_pos=unknown&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&tk_flint=pbjs_lite_v2.32.0&x_source.tid=bf55be8a-d91d-4adc-bc98-8007e9e398cb&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.3316283822588644
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
86c45f4716eeca1a8b7fdaa61b31b157d8a2089675ab364b232048e3527ceed3

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 16 Oct 2019 17:47:43 GMT
Content-Encoding
gzip
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=69
Content-Length
1529
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		259 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&alt_size_ids=55%2C57&p_pos=unknown&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&tk_flint=pbjs_lite_v2.32.0&x_source.tid=e297341e-989b-4247-a62a-8ab5dc93bfbc&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6214327970272586
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
f7aec11b1cf5cb156016251b60fd2e01260354ab9ddaa24d32194681cfa93621

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 16 Oct 2019 17:47:43 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=266
Content-Length
259
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=15&alt_size_ids=10&p_pos=unknown&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&tk_flint=pbjs_lite_v2.32.0&x_source.tid=05bdde4d-a3d0-4b87-9085-31eb330ec47d&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.4766556853244308
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
78de25f11e8471803915ed6c006848e14426513f3e33ab72b57361373ba8e263

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 16 Oct 2019 17:47:43 GMT
Content-Encoding
gzip
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=247
Content-Length
1528
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=15&alt_size_ids=10&p_pos=unknown&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&tk_flint=pbjs_lite_v2.32.0&x_source.tid=874c9633-dcef-4145-a868-f03e07acd453&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9970785501952513
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
db004583a094b5f3b7c8f95a744cf7657d52826d17e918c2087f9707c4fa9d92

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 16 Oct 2019 17:47:43 GMT
Content-Encoding
gzip
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=483
Content-Length
1526
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&p_pos=unknown&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&tk_flint=pbjs_lite_v2.32.0&x_source.tid=e3aa975e-042c-4d8b-a362-82a8c3cb6562&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.5137703450175746
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
21d91fc8b2ecbc442f505fdead7d48f0ec0f84f7d496622c336775075c465b9f

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 16 Oct 2019 17:47:43 GMT
Content-Encoding
gzip
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=215
Content-Length
1540
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=15&alt_size_ids=10&p_pos=unknown&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&tk_flint=pbjs_lite_v2.32.0&x_source.tid=dcb93f1f-f45e-4084-8307-0a21eb084095&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.46630740705799956
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
fc47b5b2d3335f967a92f2564081ff3de767aa2512b9970e3a026914f4f2aef9

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 16 Oct 2019 17:47:43 GMT
Content-Encoding
gzip
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=169
Content-Length
1527
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		717 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
cd62b8141c77274669e850cc82ffa6ae101b98eebd8bcc22424124a104dfd0ec
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 16 Oct 2019 17:47:45 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 535.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.176:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
2d8db81f-c506-484c-a2d3-b75d6ce0fb12
Server
nginx/1.13.4
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
freestar-d.openx.net/w/1.0/ 		174 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_2.1.7&dddid=bf55be8a-d91d-4adc-bc98-8007e9e398cb%2Ce297341e-989b-4247-a62a-8ab5dc93bfbc%2C05bdde4d-a3d0-4b87-9085-31eb330ec47d%2C874c9633-dcef-4145-a868-f03e07acd453%2Ce3aa975e-042c-4d8b-a362-82a8c3cb6562%2Cdcb93f1f-f45e-4084-8307-0a21eb084095&nocache=1571248063653&x_gdpr_f=1&pubcid=61bd0e40-d411-483b-b140-5e262e220ece&aus=728x90%2C970x90%2C970x250%7C728x90%2C970x90%2C970x250%7C300x250%2C300x600%7C300x250%2C300x600%7C728x90%7C300x250%2C300x600&divIds=bleepingcomputer_728x90_970x90_970x250_320x50_ATF%2Cbleepingcomputer_728x90_970x90_970x250_320x50_BTF%2Cbleepingcomputer_300x250_300x600_160x600_Right_1%2Cbleepingcomputer_300x250_300x600_160x600_Right_2%2Cbleepingcomputer_728x90_320x50_InContent_1%2Cbleepingcomputer_300x250_300x600_160x600_Right_3&auid=539181725%2C539181725%2C539181725%2C539181725%2C539181725%2C539181725&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash
4c4747251a932c72ae7550586f950f52ca208a5f8305b38c8759228e112269c0

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Oct 2019 17:47:43 GMT
via
1.1 google
server
OXGW/16.163.0
status
200
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
174
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
hb.emxdgt.com/ 		0
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=1200&ts=1571248063653&src=pbjs
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.104.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-196-104-43.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 16 Oct 2019 17:47:43 GMT
Content-Type
text/html
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Access-Control-Allow-Headers
security, Content-Type
Content-Length
0
prebid_display
display.bfmio.com/ 		136 B
571 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.180.180 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-221-180-180.compute-1.amazonaws.com
Software
/
Resource Hash
091b664d1589dd71c8400a89f66f6eba06382ff1f39fea1d37365afd71729d34
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
145
v1
dmx.districtm.io/b/ 		0
424 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 16 Oct 2019 17:47:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
status
204
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
526bdc0ef83596e6-FRA
access-control-allow-headers
origin, content-type
auction
tlx.3lift.com/header/ 		19 B
793 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=2.32.0&referrer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&tmax=1200
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.151.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-194-151-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Oct 2019 17:47:43 GMT
x-auction-status
12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12
status
200
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v2
i.connectad.io/api/ 		211 B
724 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:8528 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d9a7ae34a5e607d14e281cd97ff1065817c8c7c587ff28865bec08ad0865c60

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 16 Oct 2019 17:47:44 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
alt-svc
clear
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
526bdc0e184dcbbc-VIE
content-type
application/json
via
1.1 google
prebid
ib.adnxs.com/ut/v3/ 		723 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
7dd3817e6590cf5aaaf1a28f680a0c477a2c28ed7c6d32eb2fd93173f8c37ee0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 16 Oct 2019 17:47:45 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 535.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.41:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ba390bbb-8a2a-4eae-9541-2f33aa94427b
Server
nginx/1.13.4
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
display
mantodea.mantisadnetwork.com/prebid/ 		56 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mantodea.mantisadnetwork.com/prebid/display?tz=-120&buster=1571248063657&secure=true&version=9&mobile=false&title=Exposed%20Docker%20APIs%20Abused%20by%20DDoS%2C%20Cryptojacking%20Botnet%20Malware&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&measurable=true&bids[0][bidId]=931f801cb67731&bids[0][config][property]=5c3404d83e048a00261ad27f&bids[0][config][zone]=bleepingcomputer_728x90_970x90_970x250_320x50_ATF&bids[0][sizes][0][width]=728&bids[0][sizes][0][height]=90&bids[0][sizes][1][width]=970&bids[0][sizes][1][height]=90&bids[0][sizes][2][width]=970&bids[0][sizes][2][height]=250&bids[1][bidId]=943202c4a279045&bids[1][config][property]=5c3404d83e048a00261ad27f&bids[1][config][zone]=bleepingcomputer_728x90_970x90_970x250_320x50_BTF&bids[1][sizes][0][width]=728&bids[1][sizes][0][height]=90&bids[1][sizes][1][width]=970&bids[1][sizes][1][height]=90&bids[1][sizes][2][width]=970&bids[1][sizes][2][height]=250&bids[2][bidId]=9561b23a9861e88&bids[2][config][property]=5c3404d83e048a00261ad27f&bids[2][config][zone]=bleepingcomputer_300x250_300x600_160x600_Right_1&bids[2][sizes][0][width]=300&bids[2][sizes][0][height]=250&bids[2][sizes][1][width]=300&bids[2][sizes][1][height]=600&bids[3][bidId]=9672809842609f7&bids[3][config][property]=5c3404d83e048a00261ad27f&bids[3][config][zone]=bleepingcomputer_300x250_300x600_160x600_Right_2&bids[3][sizes][0][width]=300&bids[3][sizes][0][height]=250&bids[3][sizes][1][width]=300&bids[3][sizes][1][height]=600&bids[4][bidId]=973a8a9453707e1&bids[4][config][property]=5c3404d83e048a00261ad27f&bids[4][config][zone]=bleepingcomputer_728x90_320x50_InContent_1&bids[4][sizes][0][width]=728&bids[4][sizes][0][height]=90&bids[5][bidId]=980edacc8da1c92&bids[5][config][property]=5c3404d83e048a00261ad27f&bids[5][config][zone]=bleepingcomputer_300x250_300x600_160x600_Right_3&bids[5][sizes][0][width]=300&bids[5][sizes][0][height]=250&bids[5][sizes][1][width]=300&bids[5][sizes][1][height]=600&property=5c3404d83e048a00261ad27f&foo
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.165.42 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-72-165-42.compute-1.amazonaws.com
Software
/ Express
Resource Hash
7f81f251032e2b16782c2d68217cc5946e5e22bef471f19f9ab40b32b1828219

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Oct 2019 17:47:43 GMT
status
200
x-powered-by
Express
etag
"-158011272"
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
56
expires
-1
imp
g2.gumgum.com/hbid/ 		123 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=14287&pi=3&gdprApplies=0&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&ns=9728&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.10.250 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-194-10-250.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cc329ad6a42a8521b03c91c8d81f7424c541be1f8694e00ad0e8904cdf9be668

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Oct 2019 17:47:43 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		123 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=14288&pi=3&gdprApplies=0&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&ns=9728&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.10.250 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-194-10-250.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
60972d83078cab02d3a376568d7b3d7709d226d0f8424b096b6a790d4fa54ba1

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Oct 2019 17:47:43 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		123 B
670 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=14287&pi=3&gdprApplies=0&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&ns=9728&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.10.250 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-194-10-250.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8ca3bc202be94209a22d4d8256cb47fd079a166cc1753d2ceefd161ae8284b66

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Oct 2019 17:47:43 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		123 B
670 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=14288&pi=3&gdprApplies=0&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&ns=9728&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.10.250 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-194-10-250.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
39dac250dada1f9ebb3e870ddff074d3a45bb53a4ee6640e624625f59af70aa2

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Oct 2019 17:47:43 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		0
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?t=zztu1szx&pi=2&gdprApplies=0&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&ns=9728&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.10.250 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-194-10-250.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Oct 2019 17:47:43 GMT
server
nginx
status
204
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		123 B
671 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=14290&pi=3&gdprApplies=0&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&ns=9728&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.10.250 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-194-10-250.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3817e4249b39d2cc7659e556030d4630aebad329fa30e018bb42d5175781495a

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Oct 2019 17:47:43 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		0
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?t=zztu1szx&pi=2&gdprApplies=0&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&ns=9728&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.10.250 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-194-10-250.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Oct 2019 17:47:43 GMT
server
nginx
status
204
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		123 B
671 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=14290&pi=3&gdprApplies=0&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&ns=9728&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.10.250 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-194-10-250.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0197c73d865dbce5c2562a96daf8df9503972d4ae4eeebe8caf6b03e6320990a

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Oct 2019 17:47:43 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		123 B
671 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=14287&pi=3&gdprApplies=0&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&ns=9728&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.10.250 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-194-10-250.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
092f4f118dc92fdf231d8e49dec48615417c4c24545599079f72a783a25b76d7

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Oct 2019 17:47:43 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		0
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?t=zztu1szx&pi=2&gdprApplies=0&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&ns=9728&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.10.250 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-194-10-250.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Oct 2019 17:47:43 GMT
server
nginx
status
204
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		123 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=14290&pi=3&gdprApplies=0&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&ns=9728&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.10.250 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-194-10-250.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e1cc97dadfeaaf7e7b91b24074ea2dbff9c69cabfd23d60d5f3a84aa75b1810d

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Oct 2019 17:47:43 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=GrVComq83JzCSLK1pi9waoyR&bidId=11228b767a869066&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.32.0&strVersion=3.1.0&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.77.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-156-77-44.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=wDH8n844o8J5LF7qDwHQ7sj5&bidId=1137911f022522d9&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.32.0&strVersion=3.1.0&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.77.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-156-77-44.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=L7rKdgz52e7UZ4fMkwkYmaxf&bidId=114eb13c5756af46&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.32.0&strVersion=3.1.0&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.77.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-156-77-44.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=GrVComq83JzCSLK1pi9waoyR&bidId=1151678f308f51ec&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.32.0&strVersion=3.1.0&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.77.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-156-77-44.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=wDH8n844o8J5LF7qDwHQ7sj5&bidId=116b4be5093aa30b&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.32.0&strVersion=3.1.0&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.77.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-156-77-44.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=L7rKdgz52e7UZ4fMkwkYmaxf&bidId=117fd5edabf3050d&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.32.0&strVersion=3.1.0&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.77.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-156-77-44.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=DSthphoQqH66AkQXPDoXn74b&bidId=118fa913d66e327&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.32.0&strVersion=3.1.0&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.77.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-156-77-44.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Y2PwNBba8FyKXESSc72DFF25&bidId=11936e478625738c&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.32.0&strVersion=3.1.0&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.77.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-156-77-44.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Kwm6ycRx3Uk3CYRoM3xEqtjr&bidId=12053d8ef3f5b981&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.32.0&strVersion=3.1.0&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.77.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-156-77-44.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=DSthphoQqH66AkQXPDoXn74b&bidId=121bf199db44a70c&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.32.0&strVersion=3.1.0&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.77.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-156-77-44.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Y2PwNBba8FyKXESSc72DFF25&bidId=122e880720882ed9&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.32.0&strVersion=3.1.0&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.77.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-156-77-44.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Kwm6ycRx3Uk3CYRoM3xEqtjr&bidId=12344da962686a4d&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.32.0&strVersion=3.1.0&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.77.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-156-77-44.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=GrVComq83JzCSLK1pi9waoyR&bidId=124da5600ec1965f&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.32.0&strVersion=3.1.0&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.77.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-156-77-44.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Ggh1aXSgpQAvBpkxoyAsBJPd&bidId=12548d2d7acbc1c2&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.32.0&strVersion=3.1.0&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.77.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-156-77-44.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=DSthphoQqH66AkQXPDoXn74b&bidId=1268facbc3a50445&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.32.0&strVersion=3.1.0&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.77.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-156-77-44.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Y2PwNBba8FyKXESSc72DFF25&bidId=1275f9ef131c1f27&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.32.0&strVersion=3.1.0&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.77.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-156-77-44.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Kwm6ycRx3Uk3CYRoM3xEqtjr&bidId=12865ab616b3288d&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.32.0&strVersion=3.1.0&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.77.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-156-77-44.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
translator
hbopenbid.pubmatic.com/ 		54 KB
55 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
/
Resource Hash
0808b9dd36d56ee583beabc1ecc5af5d47a50349dd15bd3f686024810005e591

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
200
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
x-openrtb-version
2.3
access-control-allow-credentials
true
date
Wed, 16 Oct 2019 17:47:43 GMT
content-type
application/json
24
web.hb.ad.cpe.dotomi.com/s2s/header/ 		532 B
723 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:13::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software
nginx /
Resource Hash
6d667e51e0e514a6895927036c0835409994f16bc0158af86c63e4de5792d6eb

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Oct 2019 17:47:43 GMT
server
nginx
status
200
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
532
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		178 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2366062482257964&correlator=1869868540774502&output=ldjh&impl=fifs&adsid=NT&eid=21064579%2C21062414%2C21062889%2C21064581%2C21064687&vrg=2019100301&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A553680904%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20191016&iu_parts=15184186%2Cbleepingcomputer_728x90_970x90_970x250_320x50_ATF%2Cbleepingcomputer_728x90_970x90_970x250_320x50_BTF%2Cbleepingcomputer_300x250_300x600_160x600_Right_1%2Cbleepingcomputer_300x250_300x600_160x600_Right_2%2Cbleepingcomputer_728x90_320x50_InContent_1%2Cbleepingcomputer_1x1%2Cbleepingcomputer_300x250_300x600_160x600_Right_3&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7&prev_iu_szs=728x90%7C970x90%7C970x250%2C728x90%7C970x90%7C970x250%2C300x250%7C300x600%2C300x250%7C300x600%2C728x90%2C1x1%2C300x250%7C300x600&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7C%7Camznbid%3D2%26amznp%3D2&eri=1&cust_params=user-agent%3DChrome&cookie_enabled=1&bc=31&abxe=1&lmt=1560527290&dt=1571248063673&dlt=1571248061804&idt=533&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C436%2C1082%2C1082%2C268%2C800%2C1082&adys=146%2C5423%2C327%2C1134%2C3992%2C5929%2C1659&adks=960084856%2C976516616%2C771041174%2C2389526111%2C4047242158%2C2635258439%2C523518761&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&dssz=56&icsg=140737664524288&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1170x120%7C1200x90%7C306x250%7C306x250%7C834x90%7C1600x5929%7C306x250&msz=1170x90%7C1170x90%7C306x250%7C306x250%7C834x90%7C1600x1%7C306x250&ga_vid=1515779948.1571248062&ga_sid=1571248062&ga_hid=1487263312&fws=4%2C4%2C4%2C4%2C4%2C4%2C516&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2019100301.js?21064579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
e28d1e3975b7ccac42b76015bd8c61175ca98c7863364532e92ca18b5c518a8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
20508
x-xss-protection
0
google-lineitem-id
-2,-2,-1,-1,-1,4893662829,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-1,-1,-1,138254592126,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_modern_rendering_2019100301.js
securepubads.g.doubleclick.net/gpt/ 		59 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019100301.js?21064579
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2019100301.js?21064579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
sffe /
Resource Hash
62f9b1db55badf04718d6f76be9c0d7d5e8c86a08ab6ea2bb8dc3b73a3b21204
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 13:06:21 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
23801
x-xss-protection
0
expires
Wed, 16 Oct 2019 17:47:43 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2019100301.js?21064579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
bid
c.amazon-adsystem.com/e/dtb/ 		47 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&u=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&pid=6395127271941571248062386&cb=9324538679621571248063726&ws=1600x1200&v=7.37.01&t=1000&slots=%5B%7B%22sd%22%3A%22bleepingcomputer_970x90_728x90_320x50_sticky%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_970x90_728x90_320x50_sticky%22%7D%5D&pj=%7B%22apse%22%3A%7B%22chunkRequests%22%3Afalse%2C%22shouldCFRoute%22%3Atrue%2C%22shouldSampleLatency%22%3Afalse%7D%7D&cfgv=0&gdprl=%7B%22status%22%3A%22cmp-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.185.67 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-185-67.fra2.r.cloudfront.net
Software
Server /
Resource Hash
680eca2177bdc05835b84a7f03e44a226acd5c2b6fce2a96b544870bac6075b6

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:43 GMT
via
1.1 bd785324d865b594e6f1838b58cb0dae.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2
status
200
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
47
x-amz-cf-id
idf7S46xnhyhAcHzCrVf6dUd63wK6_mK5yMiWveUFhStvJOsvSzKPw==
quant.js
secure.quantserve.com/ 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.217 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software
QS /
Resource Hash
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 16 Oct 2019 17:47:43 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16-Oct-2019 17:47:43 GMT
Server
QS
ETag
M0-e2b9884a
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=604800
Connection
keep-alive
Content-Length
5456
Expires
Wed, 23 Oct 2019 17:47:43 GMT
bxl.js
hbx.media.net/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/bxl.js?cid=8CUFH1GPH&dn=www.bleepingcomputer.com&version=&https=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
205b48ec3bf7d55d87c520558a418b12efa95a9a6b5bd66b37d9a9971b111873

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:43 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
status
200
cache-control
max-age=86400
content-length
6639
x-mnet-hl2
E
expires
Thu, 17 Oct 2019 17:47:43 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.43.224 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-43-224.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 16 Oct 2019 17:47:43 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
901
Expires
Thu, 17 Oct 2019 17:47:43 GMT
load.js
s.ntv.io/serve/ 		300 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.163 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-163.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
99bda7bc16de635430765e923c00b808e455b58e2bc3630468d16a96eb367c92

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 16 Oct 2019 17:47:43 GMT
Content-Encoding
gzip
x-amz-request-id
6171EC7F4360894E
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
oBRpMluwqhdtdJRaIUD2Iho3c/a0lJx+UvEBis/mVyrZYuZK5ZLb2qXDwvmvx6kGmZyJgjBD7Qk=
Last-Modified
Wed, 16 Oct 2019 01:03:08 GMT
Server
AmazonS3
ETag
"d6617995c4570fcf5c9488c8cfbca1c1"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
20d15198-4611-4dfe-ba27-62c62c5940e2
d.pub.network/rfm/cookie/ 		3 B
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/rfm/cookie/20d15198-4611-4dfe-ba27-62c62c5940e2
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.71.214 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
214.71.188.35.bc.googleusercontent.com
Software
/
Resource Hash
8eb95bcbc154530931e15fc418c8b1fe991095671409552099ea1aa596999ede

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 16 Oct 2019 17:47:44 GMT
Access-Control-Allow-Credentials
true
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Content-Type
application/json
classification
d.pub.network/ 		3 B
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/classification?siteId=535&pageUrl=https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.71.214 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
214.71.188.35.bc.googleusercontent.com
Software
/
Resource Hash
8eb95bcbc154530931e15fc418c8b1fe991095671409552099ea1aa596999ede

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 16 Oct 2019 17:47:44 GMT
Access-Control-Allow-Credentials
true
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Content-Type
application/json
arj
freestar-d.openx.net/w/1.0/ 		174 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_2.1.7&dddid=f52068cd-6ba6-42e4-94e7-36dae4984471&nocache=1571248063796&x_gdpr_f=1&pubcid=61bd0e40-d411-483b-b140-5e262e220ece&aus=728x90%2C970x90&divIds=bleepingcomputer_970x90_728x90_320x50_sticky&auid=539181725&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash
130942025c635d2fe34f058f6b84d8f8dbdbd54d30a58e231f7651204c7d86a8

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Oct 2019 17:47:43 GMT
via
1.1 google
server
OXGW/16.163.0
status
200
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
174
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		260 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&alt_size_ids=55&p_pos=unknown&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&tk_flint=pbjs_lite_v2.32.0&x_source.tid=f52068cd-6ba6-42e4-94e7-36dae4984471&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.06784177315597084
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
3b762bc5e3f64d0be113edfbf2d924ff2ae82dc5229d06d214c2f34270f08a09

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 16 Oct 2019 17:47:43 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=424
Content-Length
260
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
866 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
2544182fb9a0a2f65dac966c91bcbcb8239798c4c5d8278f0fd6d9f4056d301e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 16 Oct 2019 17:47:45 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 535.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.39:80
AN-X-Request-Uuid
76416526-51c3-4d7c-a65f-fc27a2ec83f7
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
24
web.hb.ad.cpe.dotomi.com/s2s/header/ 		194 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:13::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software
nginx /
Resource Hash
654560ab40b67422339a3292dfcee9e151952726274f4cce22cdf7c8443fb6a5

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Oct 2019 17:47:43 GMT
server
nginx
status
200
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
194
expires
0
imp
g2.gumgum.com/hbid/ 		123 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pv=58d1fccb-96ad-4c2c-9761-c50f80ea3674&si=14287&pi=3&gdprApplies=0&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&ns=9728&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.10.250 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-194-10-250.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3817e4249b39d2cc7659e556030d4630aebad329fa30e018bb42d5175781495a

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Oct 2019 17:47:43 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		123 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pv=58d1fccb-96ad-4c2c-9761-c50f80ea3674&si=14288&pi=3&gdprApplies=0&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&ns=9728&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.10.250 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-194-10-250.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3817e4249b39d2cc7659e556030d4630aebad329fa30e018bb42d5175781495a

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Oct 2019 17:47:43 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
v1
dmx.districtm.io/b/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 16 Oct 2019 17:47:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
status
204
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
526bdc0f88d496e6-FRA
access-control-allow-headers
origin, content-type
prebid_display
display.bfmio.com/ 		136 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.180.180 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-221-180-180.compute-1.amazonaws.com
Software
/
Resource Hash
c2e59e2c9482fec05d5dd831d41da92de93a36e8450620d41f50154e1a4437f0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
143
translator
hbopenbid.pubmatic.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 16 Oct 2019 17:47:43 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://www.bleepingcomputer.com
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
31e88dd5874cff806915adcaae0895eae83b8651d5dbbf4dfcbad95d827d4029
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 16 Oct 2019 17:47:45 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 535.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.91:80
AN-X-Request-Uuid
799d64dc-a152-404a-813e-77ff0996d9e8
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
as-sec.casalemedia.com/ 		26 B
915 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?s=393562&v=7.2&r=%7B%22id%22%3A%2217292120340155ed%22%2C%22imp%22%3A%5B%7B%22id%22%3A%221732fce4ab86c9a%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22id%22%3A%221741fdd7b4402d8b%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
639fecd8a9262b34f42bd9413d1a57d3a739026a1c21e54fce376de998e4de40

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 16 Oct 2019 17:47:43 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
46
Expires
Wed, 16 Oct 2019 17:47:43 GMT
display
mantodea.mantisadnetwork.com/prebid/ 		56 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mantodea.mantisadnetwork.com/prebid/display?tz=-120&buster=1571248063800&secure=true&version=9&mobile=false&title=Exposed%20Docker%20APIs%20Abused%20by%20DDoS%2C%20Cryptojacking%20Botnet%20Malware&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&measurable=true&bids[0][bidId]=176542b74d789665&bids[0][config][property]=5c3404d83e048a00261ad27f&bids[0][config][zone]=bleepingcomputer_970x90_728x90_320x50_sticky&bids[0][sizes][0][width]=728&bids[0][sizes][0][height]=90&bids[0][sizes][1][width]=970&bids[0][sizes][1][height]=90&property=5c3404d83e048a00261ad27f&foo
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.165.42 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-72-165-42.compute-1.amazonaws.com
Software
/ Express
Resource Hash
7f81f251032e2b16782c2d68217cc5946e5e22bef471f19f9ab40b32b1828219

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Oct 2019 17:47:44 GMT
status
200
x-powered-by
Express
etag
"-158011272"
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
56
expires
-1
v2
i.connectad.io/api/ 		97 B
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:8528 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f7558b2354e2a41dbf25fbdcbbab27a7281cd0f1d1bffc2a0619d6963312ce7

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 16 Oct 2019 17:47:44 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
alt-svc
clear
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
526bdc0edb9fcbbc-VIE
content-type
application/json
via
1.1 google
rules-p-UeXruRVtZz7w6.js
rules.quantcount.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:ea00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:11:46 GMT
content-encoding
gzip
last-modified
Thu, 07 Dec 2017 17:06:25 GMT
server
AmazonS3
age
2157
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=3600
x-amz-cf-pop
FRA50
x-amz-cf-id
9Jwrszc0kq1gR9ZXPByxlrm6F74_P4d0mxKLI9gJGErbLtLtfhHflQ==
via
1.1 147e057d2f96cf5a0082d96978e38a5b.cloudfront.net (CloudFront)
checksync.php
hbx.media.net/ Frame 1694 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8CUFH1GPH&prvid=56%2C70%2C77%2C80%2C82%2C97%2C99%2C109%2C111%2C112%2C113%2C139%2C154%2C157%2C159%2C175%2C178%2C10000&https=1&gdpr=1&gdprconsent=2
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/bxl.js?cid=8CUFH1GPH&dn=www.bleepingcomputer.com&version=&https=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

:method
GET
:authority
hbx.media.net
:scheme
https
:path
/checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8CUFH1GPH&prvid=56%2C70%2C77%2C80%2C82%2C97%2C99%2C109%2C111%2C112%2C113%2C139%2C154%2C157%2C159%2C175%2C178%2C10000&https=1&gdpr=1&gdprconsent=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
accept-encoding
gzip, deflate, br
cookie
gdpr_status=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/

Response headers

status
200
server
Apache
content-type
text/html; charset=UTF-8
set-cookie
gdpr_status=1; Expires=Sat, 18 Apr 2020 17:47:43 GMT; domain=.media.net; Path=/; visitor-id=2142496632777455000V10; Expires=Thu, 15 Oct 2020 17:47:43 GMT; domain=.media.net; Path=/;
x-mnet-hl2
E
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=28412
expires
Thu, 17 Oct 2019 01:41:15 GMT
date
Wed, 16 Oct 2019 17:47:43 GMT
content-length
6756
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_ucfr=1&ns__t=1571248063808&ns_c=UTF-8&cv=3.1&c8=Exposed%20Docker%20APIs%20Abused%20by%20DDoS%2C%20Cryptojacking%20Botnet%20Malware&c7=https%3A...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1571248063808&ns_c=UTF-8&cv=3.1&c8=Exposed%20Docker%20APIs%20Abused%20by%20DDoS%2C%20Cryptojacking%20Botnet%20Malware&c7=https%3...
0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1571248063808&ns_c=UTF-8&cv=3.1&c8=Exposed%20Docker%20APIs%20Abused%20by%20DDoS%2C%20Cryptojacking%20Botnet%20Malware&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&c9=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.43.224 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-43-224.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Oct 2019 17:47:43 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1571248063808&ns_c=UTF-8&cv=3.1&c8=Exposed%20Docker%20APIs%20Abused%20by%20DDoS%2C%20Cryptojacking%20Botnet%20Malware&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&c9=
Pragma
no-cache
Date
Wed, 16 Oct 2019 17:47:43 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
t
jadserve.postrelease.com/ 		97 B
526 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&ntv_mvi
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.80.117.178 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-80-117-178.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
5de79bd33c164a62fe3389aeef0af2f54b82e7f8ba5fd7d0721f8080823babcb

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Oct 2019 17:47:44 GMT
content-encoding
gzip
server
nginx/1.12.1
status
200
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=UTF-8
content-length
108
expires
Mon, 1 Jan 1990 12:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		105 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
0629946fe142c676784daa479fe86526051bfa44bdeb5e3f4608fa22b8e153ae
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
23413
x-xss-protection
0
pragma
public
x-fb-debug
4lQE7PtmnzhjSQxIlmSGtXrOggjafMkG4qz1kZjIUw+KUpT9rZz7fVlPbm/KFZR9bgIGr5hBkAv16b+0GUOvMw==
x-fb-trip-id
136226023
x-frame-options
DENY
date
Wed, 16 Oct 2019 17:47:44 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
134240187179576
connect.facebook.net/signals/config/ 		281 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/134240187179576?v=2.9.6&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
24f442571628f7152da251b9d99c32b352d3c325ebda42088deae51bc62a193e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
66631
x-xss-protection
0
pragma
public
x-fb-debug
ji58uVb5OB6BTLNOuIiwdaT468lZMj28fDsTowuPjploDC/DG63oPUW/Ei/L3B4+LwVfpUc8XTQ/yRBxWzBxUA==
x-fb-trip-id
136226023
x-frame-options
DENY
date
Wed, 16 Oct 2019 17:47:44 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
amp4ads-host-v0.js
cdn.ampproject.org/rtv/011909241711100/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011909241711100/amp4ads-host-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2019100301.js?21064579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
37a8b06eab08134f2037c797f4596c7688dd564a8395cb7e072577f371d8f993
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"beb093e69c81d951"
age
431734
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7119
x-xss-protection
0
server
sffe
date
Fri, 11 Oct 2019 17:52:10 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Sat, 10 Oct 2020 17:52:10 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/011909241711100/ Frame 7E0B 		252 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011909241711100/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019100301.js?21064579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
6d157866400e2e50e077448f9cf06a9f29f70e031612ad6679d3626909a4c4e5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"96c1a383c63a0e85"
age
530681
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
70044
x-xss-protection
0
server
sffe
date
Thu, 10 Oct 2019 14:23:03 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Fri, 09 Oct 2020 14:23:03 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/011909241711100/v0/ Frame 7E0B 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011909241711100/v0/amp-ad-exit-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019100301.js?21064579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4a9174ab8670879484f0dc42afea0ccaa3803217a9700ef9e1fb8262aa68c651
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"047aa8cc2c1326e6"
age
11778
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
5411
x-xss-protection
0
server
sffe
date
Wed, 16 Oct 2019 14:31:26 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Thu, 15 Oct 2020 14:31:26 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/011909241711100/v0/ Frame 7E0B 		150 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011909241711100/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019100301.js?21064579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
197c294e1520b32d787d2678660c02fd195c1c93fee3441de596ef22c34ed425
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"31e12d286572e15e"
age
680023
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
40838
x-xss-protection
0
server
sffe
date
Tue, 08 Oct 2019 20:54:01 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Wed, 07 Oct 2020 20:54:01 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/011909241711100/v0/ Frame 7E0B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011909241711100/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019100301.js?21064579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
f6460a62bcb64a288196db0162ebd1ea5e2bbc95b3725ed6ca7c08eed129d767
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"4547d0ff209c44ea"
age
551108
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1388
x-xss-protection
0
server
sffe
date
Thu, 10 Oct 2019 08:42:36 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Fri, 09 Oct 2020 08:42:36 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/011909241711100/v0/ Frame 7E0B 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011909241711100/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019100301.js?21064579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b801741390d0087dafca6ddd145ead69628e42ed4e3a4e0a662c96bac969e6fe
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"098505ab236e9001"
age
599132
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13920
x-xss-protection
0
server
sffe
date
Wed, 09 Oct 2019 19:22:12 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Thu, 08 Oct 2020 19:22:12 GMT
truncated
/ Frame 7E0B 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b614272adbf6ce703661fbd3c1c58293e786c499103b123d1081cc1e6ab543de

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
15062632271734362417
tpc.googlesyndication.com/simgad/ Frame 7E0B 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15062632271734362417?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnxQiF0nh49mmUpc0t3GTXgfcMQxg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
88706120bcc17d5f3be0bb5ddb68ac9ec3431c0784b6792982595cb6d03ebf23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 09 Oct 2019 21:37:35 GMT
x-content-type-options
nosniff
last-modified
Tue, 25 Sep 2018 18:18:44 GMT
server
sffe
age
591009
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
26291
x-xss-protection
0
expires
Thu, 08 Oct 2020 21:37:35 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7E0B 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Oct 2019 10:21:46 GMT
x-content-type-options
nosniff
server
cafe
age
26758
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Thu, 17 Oct 2019 10:21:46 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7E0B 		295 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Oct 2019 16:46:43 GMT
x-content-type-options
nosniff
server
cafe
age
3661
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Thu, 17 Oct 2019 16:46:43 GMT
B21627202.229964885;dc_pre=CJiv5ZWroeUCFQ72dwod0vwBlA;dc_trk_aid=427971881;dc_trk_cid=103966985;ord=3435460993;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N790339.3288108GOOGLE-ADWORDS/ Frame 7E0B
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N790339.3288108GOOGLE-ADWORDS/B21627202.229964885;dc_trk_aid=427971881;dc_trk_cid=103966985;ord=3435460993;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=...
  • https://ad.doubleclick.net/ddm/trackimp/N790339.3288108GOOGLE-ADWORDS/B21627202.229964885;dc_pre=CJiv5ZWroeUCFQ72dwod0vwBlA;dc_trk_aid=427971881;dc_trk_cid=103966985;ord=3435460993;dc_lat=;dc_rdid=...
42 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N790339.3288108GOOGLE-ADWORDS/B21627202.229964885;dc_pre=CJiv5ZWroeUCFQ72dwod0vwBlA;dc_trk_aid=427971881;dc_trk_cid=103966985;ord=3435460993;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.205.230 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s24-in-f230.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Oct 2019 17:47:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Oct 2019 17:47:44 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N790339.3288108GOOGLE-ADWORDS/B21627202.229964885;dc_pre=CJiv5ZWroeUCFQ72dwod0vwBlA;dc_trk_aid=427971881;dc_trk_cid=103966985;ord=3435460993;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 7E0B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C6ZgJv1enXfnFL8mBgQfg1ISAArPcodFYx4P3gvgJn93H1JMOEAEgx4P8AWCVAqAB7_WO2wPIAQLgAgCoAwHIAwiqBL4CT9D30kr6ecIKweThjcjsO3MMjGiwEcAR8FnPFJpcubjAueJVeN-BDv1St8zQuOHcgEefSaQq_HvWYZ012FKwirTO_-otyCL5lX7MQacunPC1vBSkliPZCeTyNftgBAFghaNCgT0gHUSGxfAMjNGqFr1TggEkybN0fmllHVDp_MjK8uEUF-0LAkG_fwYSGBbE5LPi1X1ycBLyuXICUnK7QQHHROe78_UPJIweeP58qOMAV_-iooSPNMMnNBvKnerWJj1qiBDMiAiGtr57TggulFZqO_49XAX8S7wFWlEWFRgzl3ItZMeSHn5xM5fWv81c9N7oa4Zcu3I-4R2ft1RYeC-j7mqnr9_Oq5Wj_Z7b23-iwJkliiBG5_oq3BhZU5t6869jnsIC8oBUoLcS7mwr4Ea9-miH86SN1x8QcBRvwASYv6-YogLgBAGSBQQIBBgBkgUECAUYBKAGAoAHnrabKagHjs4bqAfVyRuoB8HTG6gHhdQbqAeB1BuoB4LUG6gHhtQbqAeE1BuoB5PYG6gH4NMbqAe6BqgH2csbqAfPzBuoB6a-G9gHAfIHBBCG9BXSCAkIgOGAEBABGB2ACgHYEww&sigh=g0Ust2WrVB0&tpd=AGWhJmsJ7yn9D0MR97wgh2hXE4ehnQg-uIodlVhH3XV9zpBURA
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
amp4ads-v0.js
cdn.ampproject.org/rtv/011909241711100/ Frame 4E70 		252 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011909241711100/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019100301.js?21064579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
6d157866400e2e50e077448f9cf06a9f29f70e031612ad6679d3626909a4c4e5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"96c1a383c63a0e85"
age
530681
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
70044
x-xss-protection
0
server
sffe
date
Thu, 10 Oct 2019 14:23:03 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Fri, 09 Oct 2020 14:23:03 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/011909241711100/v0/ Frame 4E70 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011909241711100/v0/amp-ad-exit-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019100301.js?21064579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4a9174ab8670879484f0dc42afea0ccaa3803217a9700ef9e1fb8262aa68c651
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"047aa8cc2c1326e6"
age
11778
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
5411
x-xss-protection
0
server
sffe
date
Wed, 16 Oct 2019 14:31:26 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Thu, 15 Oct 2020 14:31:26 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/011909241711100/v0/ Frame 4E70 		150 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011909241711100/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019100301.js?21064579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
197c294e1520b32d787d2678660c02fd195c1c93fee3441de596ef22c34ed425
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"31e12d286572e15e"
age
680023
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
40838
x-xss-protection
0
server
sffe
date
Tue, 08 Oct 2019 20:54:01 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Wed, 07 Oct 2020 20:54:01 GMT
amp-animation-0.1.js
cdn.ampproject.org/rtv/011909241711100/v0/ Frame 4E70 		104 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011909241711100/v0/amp-animation-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019100301.js?21064579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
6362e76b99c4b8eb48852b2e2d53bd7cc746db63fcb6579c06d4aa1d72d19de8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"236ff67eeddf6654"
age
39089
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29099
x-xss-protection
0
server
sffe
date
Wed, 16 Oct 2019 06:56:15 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Thu, 15 Oct 2020 06:56:15 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/011909241711100/v0/ Frame 4E70 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011909241711100/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019100301.js?21064579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
f6460a62bcb64a288196db0162ebd1ea5e2bbc95b3725ed6ca7c08eed129d767
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"4547d0ff209c44ea"
age
551108
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1388
x-xss-protection
0
server
sffe
date
Thu, 10 Oct 2019 08:42:36 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Fri, 09 Oct 2020 08:42:36 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/011909241711100/v0/ Frame 4E70 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011909241711100/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019100301.js?21064579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b801741390d0087dafca6ddd145ead69628e42ed4e3a4e0a662c96bac969e6fe
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"098505ab236e9001"
age
599132
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13920
x-xss-protection
0
server
sffe
date
Wed, 09 Oct 2019 19:22:12 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Thu, 08 Oct 2020 19:22:12 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4E70 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019100301.js?21064579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Oct 2019 10:21:46 GMT
x-content-type-options
nosniff
server
cafe
age
26758
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Thu, 17 Oct 2019 10:21:46 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4E70 		295 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019100301.js?21064579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Oct 2019 16:46:43 GMT
x-content-type-options
nosniff
server
cafe
age
3661
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Thu, 17 Oct 2019 16:46:43 GMT
truncated
/ Frame 4E70 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
477719d1406b03a47a54bf60c83f372cd88240bfad01475bd4c34ce9de8f7342

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.js
cdn.ampproject.org/rtv/011909241711100/ Frame AB53 		252 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011909241711100/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019100301.js?21064579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
6d157866400e2e50e077448f9cf06a9f29f70e031612ad6679d3626909a4c4e5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"96c1a383c63a0e85"
age
530681
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
70044
x-xss-protection
0
server
sffe
date
Thu, 10 Oct 2019 14:23:03 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Fri, 09 Oct 2020 14:23:03 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/011909241711100/v0/ Frame AB53 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011909241711100/v0/amp-ad-exit-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019100301.js?21064579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4a9174ab8670879484f0dc42afea0ccaa3803217a9700ef9e1fb8262aa68c651
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"047aa8cc2c1326e6"
age
11778
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
5411
x-xss-protection
0
server
sffe
date
Wed, 16 Oct 2019 14:31:26 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Thu, 15 Oct 2020 14:31:26 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/011909241711100/v0/ Frame AB53 		150 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011909241711100/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019100301.js?21064579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
197c294e1520b32d787d2678660c02fd195c1c93fee3441de596ef22c34ed425
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"31e12d286572e15e"
age
680023
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
40838
x-xss-protection
0
server
sffe
date
Tue, 08 Oct 2019 20:54:01 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Wed, 07 Oct 2020 20:54:01 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/011909241711100/v0/ Frame AB53 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011909241711100/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019100301.js?21064579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
f6460a62bcb64a288196db0162ebd1ea5e2bbc95b3725ed6ca7c08eed129d767
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"4547d0ff209c44ea"
age
551108
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1388
x-xss-protection
0
server
sffe
date
Thu, 10 Oct 2019 08:42:36 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Fri, 09 Oct 2020 08:42:36 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/011909241711100/v0/ Frame AB53 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011909241711100/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019100301.js?21064579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b801741390d0087dafca6ddd145ead69628e42ed4e3a4e0a662c96bac969e6fe
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"098505ab236e9001"
age
599132
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13920
x-xss-protection
0
server
sffe
date
Wed, 09 Oct 2019 19:22:12 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Thu, 08 Oct 2020 19:22:12 GMT
css
fonts.googleapis.com/ Frame AB53 		7 KB
736 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019100301.js?21064579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
e2ef1a71c93cfaf7e0af7d9641ee9496c9346acb480a13ab102f7c8adc901207
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 16 Oct 2019 17:47:44 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Wed, 16 Oct 2019 17:47:44 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Wed, 16 Oct 2019 17:47:44 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AB53 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019100301.js?21064579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Oct 2019 10:21:46 GMT
x-content-type-options
nosniff
server
cafe
age
26758
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Thu, 17 Oct 2019 10:21:46 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AB53 		295 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019100301.js?21064579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Oct 2019 16:46:43 GMT
x-content-type-options
nosniff
server
cafe
age
3661
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Thu, 17 Oct 2019 16:46:43 GMT
truncated
/ Frame AB53 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
39efa0868d0c93eadd20895fa08411cb1c144f5b68bcc48045566cbc665d19a7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 82E3 		0
75 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv8eMtuqh3ZwdYJCjFfS4PJh1hymPOu2vvsPgP1zj1qxjjEFyXIpo3mLf7RKzVkf1Oy0aSqC7XlRWDnOQQNtwH9QbOaR4d8jndZS1GLn0Fzgf2uja5I65JWhwLNpU7Yv2Qd8rdrRIQrkagJlMSaiwR7OknDAwApiuvnc0lV044vbTGSGAe87lU0HdLqRxdRjgE226iho72xjnP8SonBP4Fl7_HIA3PSymeoqRA5n_-wlXVdFZjF2AF3gyoV6xBQ-T7MVGURr6feewQpMKmZqNnj9SCWufJYgrPq&sai=AMfl-YSLYCAUPseAS8DSYd1GDVR2Wxrx3kIvYHEJDk0UmgWgveXt846F7Xr7rl-qbmit-UTUI6fyAuFihuyrvXlxjNrhPclQpTOXPd2ypzVH0A&sig=Cg0ArKJSzCm0hSVu4FUdEAE&urlfix=1&adurl=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Oct 2019 17:47:44 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 82E3 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019100301.js?21064579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
f820f689e79fe927155372514936423b30eb400c1d2b87b6503d1398f6d352c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1571051767941600"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29551
x-xss-protection
0
expires
Wed, 16 Oct 2019 17:47:44 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/011909241711100/ Frame 1CB1 		252 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011909241711100/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019100301.js?21064579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
6d157866400e2e50e077448f9cf06a9f29f70e031612ad6679d3626909a4c4e5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"96c1a383c63a0e85"
age
530681
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
70044
x-xss-protection
0
server
sffe
date
Thu, 10 Oct 2019 14:23:03 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Fri, 09 Oct 2020 14:23:03 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/011909241711100/v0/ Frame 1CB1 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011909241711100/v0/amp-ad-exit-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019100301.js?21064579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4a9174ab8670879484f0dc42afea0ccaa3803217a9700ef9e1fb8262aa68c651
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"047aa8cc2c1326e6"
age
11778
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
5411
x-xss-protection
0
server
sffe
date
Wed, 16 Oct 2019 14:31:26 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Thu, 15 Oct 2020 14:31:26 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/011909241711100/v0/ Frame 1CB1 		150 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011909241711100/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019100301.js?21064579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
197c294e1520b32d787d2678660c02fd195c1c93fee3441de596ef22c34ed425
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"31e12d286572e15e"
age
680023
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
40838
x-xss-protection
0
server
sffe
date
Tue, 08 Oct 2019 20:54:01 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Wed, 07 Oct 2020 20:54:01 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/011909241711100/v0/ Frame 1CB1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011909241711100/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019100301.js?21064579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
f6460a62bcb64a288196db0162ebd1ea5e2bbc95b3725ed6ca7c08eed129d767
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"4547d0ff209c44ea"
age
551108
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1388
x-xss-protection
0
server
sffe
date
Thu, 10 Oct 2019 08:42:36 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Fri, 09 Oct 2020 08:42:36 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/011909241711100/v0/ Frame 1CB1 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011909241711100/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019100301.js?21064579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b801741390d0087dafca6ddd145ead69628e42ed4e3a4e0a662c96bac969e6fe
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"098505ab236e9001"
age
599132
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13920
x-xss-protection
0
server
sffe
date
Wed, 09 Oct 2019 19:22:12 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Thu, 08 Oct 2020 19:22:12 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1CB1 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019100301.js?21064579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Oct 2019 10:21:46 GMT
x-content-type-options
nosniff
server
cafe
age
26758
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Thu, 17 Oct 2019 10:21:46 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1CB1 		295 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019100301.js?21064579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Oct 2019 16:46:43 GMT
x-content-type-options
nosniff
server
cafe
age
3661
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Thu, 17 Oct 2019 16:46:43 GMT
truncated
/ Frame 1CB1 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a1a99e47ec4ed461b7c4f4e13d94c0dbf186b844e862af51a32b42b78632ec65

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame 4E70 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Ckw5Tv1enXc_HL8mBgQfg1ISAAsC1ks9Zyb3a2bcI_4rG_ZASEAEg2tfFOWCVAqAB8-WHzwPIAQngAgCoAwHIAwiqBMQCT9AzkV-KAcchpvva6fTkC5FkJR5SgA6_PlC0HXMe_sVouUo71T0vULj1TyeOoYM2SgbvYrb-yGU7QfZO8Z0NHLsi92DiF5osz02ahNNUpHY4DdikNMpg7tSdVAsPLz6WWEItxkxC1ryN9-tOsUJHuDGfgUD3KMVvCUEhSEOVzanYVTHvYd1WUJCYJ0qeHUcOnUQN1nGgbTa6eVBGwYj6Gg1oq5wen73So6tEXT5zaWmYV04NEZkMCsngoyanxXGf6MF-BJ1c4AMqc9EwtGEYiBgGmwVkobEU4FPaL_gJMWhg1NHoFuQatOsNzg1G2gx-jE3kA-9KITp_PJg-AjfuVIXwTO5zeHZgy7MG0wm-ZtzKAD4tMse0JMvnkIE6vqTtPNWNDHZn11E182hN0e0oRV62zIkav7n4kE9DYiPCGsryQScuwASrtvGm7AHgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH9Zn4MKgHjs4bqAfVyRuoB8HTG6gHhdQbqAeB1BuoB4LUG6gHhtQbqAeE1BuoB5PYG6gH4NMbqAe6BqgH2csbqAfPzBuoB6a-G9gHAPIHBBCRmgLSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTE3NDIyNDk2MDMyODkwODOACgPYEwI&sigh=wnutm8DTw5Y&template_id=419&tpd=AGWhJmsk2sCS2t0foCRbcQPtUIvKXmtlkrc68tVEWUp4eCiJZA
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
ug-02.jpg
tpc.googlesyndication.com/sadbundle/18100922732456002253/ Frame 4E70 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/18100922732456002253/ug-02.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
86ef7dfebb5c931d4507535dd4ef6e4c3d9b0b8849a9fb5c49b13029329e6e8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 08 Oct 2019 17:48:18 GMT
x-content-type-options
nosniff
age
691166
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
26362
x-xss-protection
0
last-modified
Wed, 07 Aug 2019 02:01:01 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Oct 2020 17:48:18 GMT
ug-01.jpg
tpc.googlesyndication.com/sadbundle/18100922732456002253/ Frame 4E70 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/18100922732456002253/ug-01.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
10dbd3f42b57be2c140edb71987c92b26cc3fbdaa6959a8c1161718aa2cd778b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 18:41:20 GMT
x-content-type-options
nosniff
age
428784
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
30733
x-xss-protection
0
last-modified
Wed, 07 Aug 2019 02:01:01 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Oct 2020 18:41:20 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame AB53 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CHwCFv1enXZPJL8mBgQfg1ISAAsCN1NRZ48Taq80KwI23ARABINrXxTlglQKgAZn_-tQDyAEB4AIAqAMByAMKqgTDAk_QOd9bW6XGYQ-OzfY6CMc6MTHmdmMOGIZn9zPatUv5kYShDYnOqCnAhXkpWqmS-xSn0Ka9pvGC9UAjkJCe7vkMHS-bSX256UV-8OTwZxgRX2rxUP_n3SgvsVfucnw6gLLlppyKtZA-HM9EwYgkbFCUq7-5WW1nb3Muu2DBdkOnLatCX_ZaCNfKSFLpIaOQsmdpXt9RXbIly2Jt_Br8-uULpB7RJ7OcadIdzx9cTQ5uJWWCntLzSxnrlVDAigZrsOJKf5KmYwlJEhjGQ4QZ2o8XC57z6JlxVoykpZHVejxBLhVED9UqIsA1aIY6nQDCgwnBspboYmeKLrC4HsTu4P_Ra5v_i0Bqs_tt0CPOL3wuQqKSqjI9q_GCtoxVDo8nodP72uE0dPtyCt_CIsNAut7sgcwrUIAevte70EiI97c2BT5UwATq_r6QrwLgBAGSBQQIBBgBkgUECAUYBIAHz4CFK6gHjs4bqAfVyRuoB8HTG6gHhdQbqAeB1BuoB4LUG6gHhtQbqAeE1BuoB5PYG6gH4NMbqAe6BqgH2csbqAfPzBuoB6a-G9gHAfIHBBCIkwPSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTE3NDIyNDk2MDMyODkwODOACgPYEwyIFAE&sigh=czfbSIto3pE&tpd=AGWhJmswq4YQIE6TAZ1pGXayuytgF2XEx_19rdI3ar6aAcalQw
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
3280871688421890375
tpc.googlesyndication.com/simgad/ Frame 1CB1 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3280871688421890375?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkD0XARolEX_DSMSs_HDFGlx7tZtg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
c505b30e6a98a09df7fc6b020570d4735cbe96224de50e116fe8981489cb9844
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 18:42:02 GMT
x-content-type-options
nosniff
last-modified
Tue, 25 Sep 2018 18:18:43 GMT
server
sffe
age
428742
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
16643
x-xss-protection
0
expires
Sat, 10 Oct 2020 18:42:02 GMT
B21627202.229964885;dc_pre=CMKP6JWroeUCFYrydwodHFwJog;dc_trk_aid=427971881;dc_trk_cid=103966985;ord=1896008293;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N790339.3288108GOOGLE-ADWORDS/ Frame 1CB1
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N790339.3288108GOOGLE-ADWORDS/B21627202.229964885;dc_trk_aid=427971881;dc_trk_cid=103966985;ord=1896008293;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=...
  • https://ad.doubleclick.net/ddm/trackimp/N790339.3288108GOOGLE-ADWORDS/B21627202.229964885;dc_pre=CMKP6JWroeUCFYrydwodHFwJog;dc_trk_aid=427971881;dc_trk_cid=103966985;ord=1896008293;dc_lat=;dc_rdid=...
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N790339.3288108GOOGLE-ADWORDS/B21627202.229964885;dc_pre=CMKP6JWroeUCFYrydwodHFwJog;dc_trk_aid=427971881;dc_trk_cid=103966985;ord=1896008293;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.205.230 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s24-in-f230.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Oct 2019 17:47:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Oct 2019 17:47:44 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N790339.3288108GOOGLE-ADWORDS/B21627202.229964885;dc_pre=CMKP6JWroeUCFYrydwodHFwJog;dc_trk_aid=427971881;dc_trk_cid=103966985;ord=1896008293;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 1CB1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CiFMNv1enXd7KL8mBgQfg1ISAArPcodFY24npvqIJn93H1JMOEAEg2tfFOWCVAqAB7_WO2wPIAQLgAgCoAwHIAwiqBMMCT9D1-NAvOHTakBe36EQFHNtOu4XcT8-CgqXGM5J5wtjKrTNIsO7yV2jbqu7GF5jYXZFbgoqn1RpCGGFIxrVBWZpmZxr1ZFNucQH793pfRVpWjLrK4ssWKCr2LBT6zerEbCFF6RSYRHgJNaK5wDj79mIr6ZGElwcgyyn7jISdbpRqRWrVckbwzksnqAZzOKHIeX5oe_TX-RS57VlGJms8aabpciavRFnjbwbOPdD4USSeu_qW96Oy9DzTtBMjJGNyHV8UGKH7WDcuObdIJnfCgpN-LOHg-U6tQzZ63_Q1fdpkc5vtc-8pLD3OFjLdBqK8W1zeS1iNc1DWgEzP5wWpYvY3IxbNfAKPMQqi_dmB7Q3nIVv0iBfzDqW6jPXlBd0_1Gv5yMhbGzLq9G25FAuH1dZqPUcy35z8Sx0-3vLIwi56z3_ABJi_r5iiAuAEAZIFBAgEGAGSBQQIBRgEoAYCgAeetpspqAeOzhuoB9XJG6gHwdMbqAeF1BuoB4HUG6gHgtQbqAeG1BuoB4TUG6gHk9gbqAfg0xuoB7oGqAfZyxuoB8_MG6gHpr4b2AcB8gcEEPnuC9IICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTc0MjI0OTYwMzI4OTA4M4AKA9gTDA&sigh=8nsy6Z_jSi0&tpd=AGWhJmvAYPc6feXfAXFIAsH3iehWAKT_31Qhx3aMK_mUeqEc4Q
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
/
www.facebook.com/tr/ 		44 B
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=134240187179576&ev=PageView&dl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&rl=&if=false&ts=1571248064316&sw=1600&sh=1200&v=2.9.6&r=stable&ec=0&o=30&fbp=fb.1.1571248064315.932617089&it=1571248064230&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:44 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Wed, 16 Oct 2019 17:47:44 GMT
/
www.facebook.com/tr/ 		44 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=134240187179576&ev=ViewContent&dl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&rl=&if=false&ts=1571248064317&cd[freestar]=20d15198-4611-4dfe-ba27-62c62c5940e2&cd[client]=392&cd[site]=535&cd[page]=2addf01a6d1671ca45bc68f9c38fc5e7&sw=1600&sh=1200&v=2.9.6&r=stable&ec=1&o=30&fbp=fb.1.1571248064315.932617089&it=1571248064230&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:44 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Wed, 16 Oct 2019 17:47:44 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame AB53 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 14:57:13 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
442231
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
11056
x-xss-protection
0
expires
Sat, 10 Oct 2020 14:57:13 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame AB53 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 15:58:20 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
438564
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
11016
x-xss-protection
0
expires
Sat, 10 Oct 2020 15:58:20 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 7E0B
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date
Wed, 16 Oct 2019 17:47:44 GMT
x-content-type-options
nosniff
server
safe
status
302
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
246
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame AB53
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date
Wed, 16 Oct 2019 17:47:44 GMT
x-content-type-options
nosniff
server
safe
status
302
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
246
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 1CB1
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date
Wed, 16 Oct 2019 17:47:44 GMT
x-content-type-options
nosniff
server
safe
status
302
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
246
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		39 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2366062482257964&correlator=1869868540774502&output=ldjh&impl=fifs&adsid=NT&eid=21064579%2C21062414%2C21062889%2C21064581%2C21064687&vrg=2019100301&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A553680904%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20191016&iu_parts=15184186%2Cbleepingcomputer_970x90_728x90_320x50_sticky&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=user-agent%3DChrome&cookie=ID%3De7c7d52da0ff5da5%3AT%3D1571248063%3AS%3DALNI_MaEDRa0swM3zZLfwiYCGgeid6g_hA&cookie_enabled=1&bc=31&abxe=1&lmt=1560527290&dt=1571248064560&dlt=1571248061804&idt=533&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1110&adks=3056404191&ucis=f&ifi=10&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&dssz=61&icsg=562950658072576&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1&msz=1600x-1&psts=CigI7by9nRLoAf7Q9oSDBIICDfrd4Qby3uEGob7d9lDRAv-bIH_4XAAL&ga_vid=1515779948.1571248062&ga_sid=1571248062&ga_hid=1487263312&fws=516&ohw=1600
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2019100301.js?21064579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
4c5fc0147aa409daf0a2f5fc2af9de9d8bef524225fa966cda53b46c6035c0b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 17:47:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9981
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
c
c.pub.network/ 		36 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.226.36.58 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
58.36.226.35.bc.googleusercontent.com
Software
/
Resource Hash
9f74a7bc0dedce611393f740e208986d37741446e2f75a9f5e50a9bf72d94f87

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 16 Oct 2019 17:47:45 GMT
Access-Control-Allow-Credentials
true
Content-Length
36
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain;charset=utf-8
/
www.facebook.com/tr/ 		0
53 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryJvOMLb14RO6mVjmg

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Wed, 16 Oct 2019 17:47:44 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-length
0
amp4ads-v0.js
cdn.ampproject.org/rtv/031910071804120/ Frame AF1A 		251 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/031910071804120/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019100301.js?21064579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0bb863f59549233b7c3b23886d1168914248570ebfbf5eb30cf9461f0883dd03
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"52892db21ddd2422"
age
436087
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
69627
x-xss-protection
0
server
sffe
date
Fri, 11 Oct 2019 16:39:37 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Sat, 10 Oct 2020 16:39:37 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/031910071804120/v0/ Frame AF1A 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/031910071804120/v0/amp-ad-exit-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019100301.js?21064579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
c60edb9309111bee384d6ffc1489c561dcfc5914258d7391c31cc791a5ff3bae
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"69ef865e4a44af94"
age
143482
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
5404
x-xss-protection
0
server
sffe
date
Tue, 15 Oct 2019 01:56:22 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Wed, 14 Oct 2020 01:56:22 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/031910071804120/v0/ Frame AF1A 		150 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/031910071804120/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019100301.js?21064579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
aa95eb8757140f09d3424399b939ed3f10a20c45c6c52476c614c9bc375eb667
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"8beba9134cdf5c44"
age
506434
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
40847
x-xss-protection
0
server
sffe
date
Thu, 10 Oct 2019 21:07:10 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Fri, 09 Oct 2020 21:07:10 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/031910071804120/v0/ Frame AF1A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/031910071804120/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019100301.js?21064579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e13a6f33e8d69a0db071dcbb72beef2aac18e6dc5e8a5326c1c591125cfdcfd4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"3226643f98951748"
age
552124
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1391
x-xss-protection
0
server
sffe
date
Thu, 10 Oct 2019 08:25:40 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Fri, 09 Oct 2020 08:25:40 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/031910071804120/v0/ Frame AF1A 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/031910071804120/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019100301.js?21064579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
00bbf9e44fba158ed3dab35e591f50ce0045974527564b2ff1e0eaf850472842
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"1bf4e02a805809e1"
age
530390
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13885
x-xss-protection
0
server
sffe
date
Thu, 10 Oct 2019 14:27:54 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Fri, 09 Oct 2020 14:27:54 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AF1A 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019100301.js?21064579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Oct 2019 10:21:46 GMT
x-content-type-options
nosniff
server
cafe
age
26758
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Thu, 17 Oct 2019 10:21:46 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AF1A 		295 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019100301.js?21064579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Oct 2019 16:46:43 GMT
x-content-type-options
nosniff
server
cafe
age
3661
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Thu, 17 Oct 2019 16:46:43 GMT
truncated
/ Frame AF1A 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5da0628d1f457057582d571753ed02564a389d635cd961fb8698db1479cc7ba8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
12951516932552604908
tpc.googlesyndication.com/simgad/ Frame AF1A 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12951516932552604908?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkIv6eTPU0PE4k9eOK_pNhUXdlxZw
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
8832b71f0858b9a6d03e860543851fde9b20d42b2d2ec144c60fc1ddf437425f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 20:53:18 GMT
x-content-type-options
nosniff
last-modified
Tue, 25 Sep 2018 18:18:47 GMT
server
sffe
age
420866
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
16095
x-xss-protection
0
expires
Sat, 10 Oct 2020 20:53:18 GMT
l
www.google.com/ads/measurement/ Frame AF1A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR1wVlYQE5xRo5khCALdRHinoLR7_c0plyxj6Nk3Rx1UX34gxv0QU2rz76tJ2eK-54Ba3_Siqj6J8Q3eEPa9AdakNs2KQ
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
B21627202.229964885;dc_pre=CJy6jparoeUCFUOYdwod_ZUNtg;dc_trk_aid=427971881;dc_trk_cid=103966985;ord=4107445298;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N790339.3288108GOOGLE-ADWORDS/ Frame AF1A
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N790339.3288108GOOGLE-ADWORDS/B21627202.229964885;dc_trk_aid=427971881;dc_trk_cid=103966985;ord=4107445298;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=...
  • https://ad.doubleclick.net/ddm/trackimp/N790339.3288108GOOGLE-ADWORDS/B21627202.229964885;dc_pre=CJy6jparoeUCFUOYdwod_ZUNtg;dc_trk_aid=427971881;dc_trk_cid=103966985;ord=4107445298;dc_lat=;dc_rdid=...
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N790339.3288108GOOGLE-ADWORDS/B21627202.229964885;dc_pre=CJy6jparoeUCFUOYdwod_ZUNtg;dc_trk_aid=427971881;dc_trk_cid=103966985;ord=4107445298;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.205.230 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s24-in-f230.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Oct 2019 17:47:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Oct 2019 17:47:44 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N790339.3288108GOOGLE-ADWORDS/B21627202.229964885;dc_pre=CJy6jparoeUCFUOYdwod_ZUNtg;dc_trk_aid=427971881;dc_trk_cid=103966985;ord=4107445298;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame AF1A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CFcs2wFenXe3lJcvigQeq14dAs9yh0ViDium-ogmf3cfUkw4QASDa18U5YJUCoAHv9Y7bA8gBAuACAKgDAcgDCKoEvAJP0LLdhYRXX9IsdBI1BLqxIxS52cIWiox6IyrMy0z669crHFCbAriKpEGMkBKfjgHpRBrcWzctSD_CSbIVq_R74DKj4XDzsCG9FdwBbZuV3TXOP6P4d11vxGemC_R2Fc8xhVsOPRhXvn5VAA-bWO27m-w2kyLDJ9BdlkWhsIfFmckPXW_1CwsHEeo_aFRM8L9-HcB4IkkwgbssWTRKHYaBHdyQgR-VJ91EiB--CBYoUHrpXy2Vm6WU6ikQSaqzvOFthOO9dsfNr125mPgzyxHMyhSaJBiMyHqKSzyMsTqhHozuAL04m8IOZ7kmrFHAVoj8nmHoQD12et9CLflC6V3ghFXiRFXMuwPi93rjcXpDlXUwx3FQ2AKlJKUy9CAzv2lhoUikXh2hQ5xYR6QyZAMK19Ym7hEhu0VksjM4wASYv6-YogLgBAGSBQQIBBgBkgUECAUYBKAGAoAHnrabKagHjs4bqAfVyRuoB8HTG6gHhdQbqAeB1BuoB4LUG6gHhtQbqAeE1BuoB5PYG6gH4NMbqAe6BqgH2csbqAfPzBuoB6a-G9gHAfIHBBCB6AfSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTE3NDIyNDk2MDMyODkwODOACgPYEww&sigh=Ex8WMdfDTwg&tpd=AGWhJmsK3ZZHaQkXU9-6s2rOs9KxA2sLl34KAECfSx-0z4vkCw
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
si
googleads.g.doubleclick.net/pagead/drt/ Frame AF1A
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date
Wed, 16 Oct 2019 17:47:44 GMT
x-content-type-options
nosniff
server
safe
status
302
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
246
x-xss-protection
0
c
c.pub.network/ 		36 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.226.36.58 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
58.36.226.35.bc.googleusercontent.com
Software
/
Resource Hash
9f74a7bc0dedce611393f740e208986d37741446e2f75a9f5e50a9bf72d94f87

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 16 Oct 2019 17:47:45 GMT
Access-Control-Allow-Credentials
true
Content-Length
36
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain;charset=utf-8
activeview
pagead2.googlesyndication.com/pcs/ Frame 7E0B 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssg_CDmA5is5U-rjO4D1rgNZDu2XZlqLmq5X6xJKA1HNwkD7A5XipgiFebd6QySRjq_SdHNgMK-Jq1tg_fCgS4p9ArlMq_a7L6RTbU83jNaqSQnGdX0ag&sai=AMfl-YTUluToUpemToF9YEI_fywmlxGgD0Kg9zrS7CmEZ-aPl5MA118pHg0mWjIvPVHB1rmUs2cx53n7gGWNHLBTOb9DerXUDRuW2k-Y6AD7fQ&sig=Cg0ArKJSzJUssCbMa3RAEAE&id=ampim&o=1082,327&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=211&tls=1212&g=100&h=100&pt=367&tt=1213&rpt=367&rst=1571248064239&r=v&adk=771041174&avms=ampa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Oct 2019 17:47:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame AF1A 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst2IymawkShC4pSzJInQOIY6CBQj2lDVcwD-qGFdbuXdgLIrbpFBKqPc3zPacWqh6tQK7yQ9EWIQzDb86k5YSun64sgIlqWKq3-NnarmG_8Sc1v2uWZig&sai=AMfl-YSJDlY2OejHRSp5o2YJMx8Tum9--Ydx3MfQv5wrFiyIgpTPXYTTbOSRtvDjJHRg6iwo1DGe7v226z2MTByKvW9i-1DYyFuxsK1A6NGmyF7TDpZAqDiBnm8Xbd9D&sig=Cg0ArKJSzPDs6zN0jX_hEAE&cid=CAASF-Rox8sFJ4iojQXM7ge4CYBDNsXy4gsP&id=ampim&o=315,1110&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=60&tls=1060&g=100&h=100&pt=136&tt=1060&rpt=136&rst=1571248064913&r=v&adk=3056404191&avms=ampa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Oct 2019 17:47:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iframe
mantodea.mantisadnetwork.com/prebid/ Frame 44CD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-120&buster=1571248063952&secure=true&version=9&mobile=false&uuid=ecb8676d-005d-4254-b407-8a8b847e305f&title=Exposed%20Docker%20APIs%20Abused%20by%20DDoS%2C%20Cryptojacking%20Botnet%20Malware&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.165.42 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-72-165-42.compute-1.amazonaws.com
Software
/ Express
Resource Hash

Request headers

:method
GET
:authority
mantodea.mantisadnetwork.com
:scheme
https
:path
/prebid/iframe?tz=-120&buster=1571248063952&secure=true&version=9&mobile=false&uuid=ecb8676d-005d-4254-b407-8a8b847e305f&title=Exposed%20Docker%20APIs%20Abused%20by%20DDoS%2C%20Cryptojacking%20Botnet%20Malware&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/

Response headers

status
200
date
Wed, 16 Oct 2019 17:47:50 GMT
content-type
text/html; charset=utf-8
content-length
332
x-powered-by
Express
vary
Origin
access-control-allow-credentials
true
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
expires
-1
etag
"-816291178"
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 61DB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/

Response headers

Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Server
nginx/1.9.13
Content-Type
text/html
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
506
Cache-Control
max-age=31536000
Expires
Thu, 15 Oct 2020 17:47:50 GMT
Date
Wed, 16 Oct 2019 17:47:50 GMT
Connection
keep-alive
iframe
mantodea.mantisadnetwork.com/prebid/ Frame EA03 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-120&buster=1571248064566&secure=true&version=9&mobile=false&uuid=ecb8676d-005d-4254-b407-8a8b847e305f&title=Exposed%20Docker%20APIs%20Abused%20by%20DDoS%2C%20Cryptojacking%20Botnet%20Malware&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.165.42 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-72-165-42.compute-1.amazonaws.com
Software
/ Express
Resource Hash

Request headers

:method
GET
:authority
mantodea.mantisadnetwork.com
:scheme
https
:path
/prebid/iframe?tz=-120&buster=1571248064566&secure=true&version=9&mobile=false&uuid=ecb8676d-005d-4254-b407-8a8b847e305f&title=Exposed%20Docker%20APIs%20Abused%20by%20DDoS%2C%20Cryptojacking%20Botnet%20Malware&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/

Response headers

status
200
date
Wed, 16 Oct 2019 17:47:50 GMT
content-type
text/html; charset=utf-8
content-length
332
x-powered-by
Express
vary
Origin
access-control-allow-credentials
true
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
expires
-1
etag
"-816291178"
sync
eb2.3lift.com/ Frame 1805
Redirect Chain
  • https://ib.3lift.com/sync?
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.118.141 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-57-118-141.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?&ld=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
accept-encoding
gzip, deflate, br
cookie
tluid=10124271696469609254
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/

Response headers

status
200
date
Wed, 16 Oct 2019 17:47:50 GMT
content-type
text/html; charset=utf-8
content-length
516
set-cookie
sync=CgoI4gEQ0Lu7rd0tCgoI5gEQ0Lu7rd0tCgkICRDQu7ut3S0KCgipARDQu7ut3S0KCQg5ENC7u63dLQoJCDoQ0Lu7rd0tCgkICxDQu7ut3S0KCgjOARDQu7ut3S0KCgiOARDQu7ut3S0KCQgfENC7u63dLQ==; Max-Age=7776000; Expires=Tue, 14 Jan 2020 17:47:50 GMT; Path=/sync; Domain=.3lift.com tluid=10124271696469609254; Max-Age=7776000; Expires=Tue, 14 Jan 2020 17:47:50 GMT; Path=/; Domain=.3lift.com
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

status
302
date
Wed, 16 Oct 2019 17:47:50 GMT
content-length
0
set-cookie
tluid=10124271696469609254; Max-Age=7776000; Expires=Tue, 14 Jan 2020 17:47:50 GMT; Path=/; Domain=.3lift.com
location
/sync?&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
connectmyusers.php
cdn.connectad.io/ Frame 2AC2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:8528 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.connectad.io
:scheme
https
:path
/connectmyusers.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/

Response headers

status
200
date
Wed, 16 Oct 2019 17:47:50 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=db43dc385c4e920d0def3227b3a55e6b51571248070; expires=Thu, 15-Oct-20 17:47:50 GMT; path=/; domain=.connectad.io; HttpOnly
cf-cache-status
HIT
age
5382
expires
Thu, 17 Oct 2019 01:47:50 GMT
cache-control
public, max-age=28800
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
526bdc35fddecbbc-VIE
content-encoding
gzip
pd
eu-u.openx.net/w/1.0/ Frame 3BE1
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
accept-encoding
gzip, deflate, br
cookie
i=08cbf259-91f9-0c90-32c4-e9aa67551b61|1571248070
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/

Response headers

status
200
vary
Accept
set-cookie
i=08cbf259-91f9-0c90-32c4-e9aa67551b61|1571248070; Version=1; Expires=Thu, 15-Oct-2020 17:47:50 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1571248070|mOsLgqgikin0fcmWiygu; Version=1; Expires=Thu, 31-Oct-2019 17:47:50 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server
OXGW/16.163.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 16 Oct 2019 17:47:50 GMT
content-type
text/html
content-length
862
via
1.1 google
alt-svc
clear

Redirect headers

status
302
set-cookie
i=1519ded8-f185-0de0-35bb-8a1861be3c19|1571248070; Version=1; Expires=Thu, 15-Oct-2020 17:47:50 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
server
OXGW/16.163.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
date
Wed, 16 Oct 2019 17:47:50 GMT
content-length
0
via
1.1 google
alt-svc
clear
pd
eu-u.openx.net/w/1.0/ Frame DC5B
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
accept-encoding
gzip, deflate, br
cookie
i=08cbf259-91f9-0c90-32c4-e9aa67551b61|1571248070
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/

Response headers

status
200
vary
Accept
set-cookie
i=08cbf259-91f9-0c90-32c4-e9aa67551b61|1571248070; Version=1; Expires=Thu, 15-Oct-2020 17:47:50 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1571248070|mOsLgqgikin0fcmWiygu; Version=1; Expires=Thu, 31-Oct-2019 17:47:50 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server
OXGW/16.163.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 16 Oct 2019 17:47:50 GMT
content-type
text/html
content-length
862
via
1.1 google
alt-svc
clear

Redirect headers

status
302
set-cookie
i=08cbf259-91f9-0c90-32c4-e9aa67551b61|1571248070; Version=1; Expires=Thu, 15-Oct-2020 17:47:50 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
server
OXGW/16.163.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
date
Wed, 16 Oct 2019 17:47:50 GMT
content-length
0
via
1.1 google
alt-svc
clear
usync.html
eus.rubiconproject.com/ Frame 41E8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.78.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified
Mon, 14 Oct 2019 17:50:03 GMT
Content-Encoding
gzip
Content-Length
7682
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=68181
Expires
Thu, 17 Oct 2019 12:44:11 GMT
Date
Wed, 16 Oct 2019 17:47:50 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 1AEE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/

Response headers

Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Server
nginx/1.9.13
Content-Type
text/html
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
506
Cache-Control
max-age=31536000
Expires
Thu, 15 Oct 2020 17:47:50 GMT
Date
Wed, 16 Oct 2019 17:47:50 GMT
Connection
keep-alive
Cookie set sync_iframe
sync.bfmio.com/ Frame 7516 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Freestar+-+Header+Bidding+-+Display&gdpr=0&gc=&gce=1&cb=1571248063986
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.101.210 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-20-101-210.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Host
sync.bfmio.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/

Response headers

Access-Control-Allow-Origin
*
Content-Type
text/html
Date
Wed, 16 Oct 2019 17:47:49 GMT
Set-Cookie
__io_cid=04e5e611a8b9fadca32ec99521d12ae31661701f; Domain=.bfmio.com; Expires=Thu, 15-Oct-2020 17:47:50 GMT; Path=/
Content-Length
217
Connection
keep-alive
Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame D072 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/

Response headers

Last-Modified
Fri, 26 Jul 2019 09:39:45 GMT
ETag
"13006b6-9bf6-58e925294ef26"
Server
Apache/2.2.15 (CentOS)
Set-Cookie
KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14898
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=77059
Expires
Thu, 17 Oct 2019 15:12:09 GMT
Date
Wed, 16 Oct 2019 17:47:50 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 4467 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/

Response headers

Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Server
nginx/1.9.13
Content-Type
text/html
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
506
Cache-Control
max-age=31536000
Expires
Thu, 15 Oct 2020 17:47:50 GMT
Date
Wed, 16 Oct 2019 17:47:50 GMT
Connection
keep-alive
Cookie set sync_iframe
sync.bfmio.com/ Frame F5B8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Freestar+-+Header+Bidding+-+Display&gdpr=0&gc=&gce=1&cb=1571248064077
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.101.210 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-20-101-210.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Host
sync.bfmio.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/

Response headers

Access-Control-Allow-Origin
*
Content-Type
text/html
Date
Wed, 16 Oct 2019 17:48:07 GMT
Set-Cookie
__io_cid=ab8030302154031122dc5f089cf5b49e72accf6d; Domain=.bfmio.com; Expires=Thu, 15-Oct-2020 17:48:07 GMT; Path=/
Content-Length
217
Connection
keep-alive
Cookie set check.html
biddr.brealtime.com/ Frame 1BDE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
biddr.brealtime.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/

Response headers

Date
Wed, 16 Oct 2019 17:47:50 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d8af9f420edaa282ee9d1bf284716eec61571248070; expires=Thu, 15-Oct-20 17:47:50 GMT; path=/; domain=.brealtime.com; HttpOnly
x-amz-id-2
3IwkJK8GogvoEF3WefQEyyURp0aEzmw/nukDb0ZbS78YHtXI3ABUJ7MlLn0FfSZKe4GdghcSekU=
x-amz-request-id
3101841DB81139F6
x-amz-meta-origin-date-iso8601
2019-05-30T19:14:20.000Z
Last-Modified
Thu, 30 May 2019 19:21:30 GMT
CF-Cache-Status
HIT
Age
6206
Expires
Wed, 16 Oct 2019 17:48:50 GMT
Cache-Control
public, max-age=60
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
526bdc36187b2736-FRA
Content-Encoding
gzip
Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame 643B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/

Response headers

Last-Modified
Fri, 26 Jul 2019 09:39:45 GMT
ETag
"13006b6-9bf6-58e925294ef26"
Server
Apache/2.2.15 (CentOS)
Set-Cookie
KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14898
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=77059
Expires
Thu, 17 Oct 2019 15:12:09 GMT
Date
Wed, 16 Oct 2019 17:47:50 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame D000 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/

Response headers

Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Server
nginx/1.9.13
Content-Type
text/html
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
506
Cache-Control
max-age=31536000
Expires
Thu, 15 Oct 2020 17:47:50 GMT
Date
Wed, 16 Oct 2019 17:47:50 GMT
Connection
keep-alive
connectmyusers.php
cdn.connectad.io/ Frame 26DA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:8528 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.connectad.io
:scheme
https
:path
/connectmyusers.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/

Response headers

status
200
date
Wed, 16 Oct 2019 17:47:50 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=db43dc385c4e920d0def3227b3a55e6b51571248070; expires=Thu, 15-Oct-20 17:47:50 GMT; path=/; domain=.connectad.io; HttpOnly
cf-cache-status
HIT
age
5382
expires
Thu, 17 Oct 2019 01:47:50 GMT
cache-control
public, max-age=28800
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
526bdc35fe0acbbc-VIE
content-encoding
gzip
index.html
cdn.districtm.io/ids/ Frame 001E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/

Response headers

status
200
date
Wed, 16 Oct 2019 17:47:50 GMT
content-type
text/html
set-cookie
__cfduid=d2dd8bd0d4427c2e33da8f08692c5e31c1571248070; expires=Thu, 15-Oct-20 17:47:50 GMT; path=/; domain=.districtm.io; HttpOnly
last-modified
Thu, 10 Jan 2019 16:50:48 GMT
cache-control
s-maxage=1209600, max-age=14400
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
526bdc35fa9396e6-FRA
content-encoding
br
index.html
cdn.districtm.io/ids/ Frame 71C2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.32.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/

Response headers

status
200
date
Wed, 16 Oct 2019 17:47:50 GMT
content-type
text/html
set-cookie
__cfduid=d2dd8bd0d4427c2e33da8f08692c5e31c1571248070; expires=Thu, 15-Oct-20 17:47:50 GMT; path=/; domain=.districtm.io; HttpOnly
last-modified
Thu, 10 Jan 2019 16:50:48 GMT
cache-control
s-maxage=1209600, max-age=14400
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
526bdc35fa9796e6-FRA
content-encoding
br
g
rtb.connatix.com/ 		81 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb.connatix.com/g?c_pw=834&c_ph=470&c_tk=C018218D-4AD0-4E01-8158-045425E65946&c_bu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware%2F&c_ivt=0&connatix_sess=I0fUGpRy22M-VA3dI5wRgH2tRyrfTEmh-t9JLUQltETvdqAAchZADKp9xEb29p_TMxAK_5hc24fwLfs_HFs8c0Tv5f4qKrBLq1K_0qpdCwUNiZkvc8ZkOkDpVW-064Mt8EhMRUfKCWrPRWuHBRekofaq_h5nfNiidSM0owIXuM2ZO8i48Nebpd1BrFYQNpdd&notServed=false&xplr=false&c_s=false&c_pl=TJHc88egZXgE2QBhN-IheMTyOQvsy79ufGsxio9cEzipyE5MtuOsLMa5ePSXdCdj9mV6C9EPCkBbCgB-qxbfBUZTe3tlVIzgvj8lUo4dGIk4qmVND7d0rhPzwJuZ_BXfaTFipEUFWVkN1RsqKR2Sa9rhQ_9cutTsOLvh0ZbHUaRsT1As5SDxEQc0xzKhMVfu4gNAXtZARpvlT12oqTmx-U2EAoMSwCMbT_7bkNIUazY&gdpr=1&med_id=639404&req_no=1&v=1&c_pt=1&c_f=[{id:14449,r:1,i:0,f:4.35}]&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-docker-apis-abused-by-ddos-cryptojacking-botn&c_v=1750_1_0_1_0&spp=1&callback=cnxJSONP_ed7e97b3b74a3130e07b1571248072555
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1750/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.119.98 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-236-119-98.compute-1.amazonaws.com
Software
nginx/1.15.9 (Ubuntu) /
Resource Hash
3891daece66c7ab748eec2e6dc25045b7d05bc64c3029b44f1353c6a397cdcc0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 16 Oct 2019 17:47:52 GMT
Content-Encoding
gzip
Server
nginx/1.15.9 (Ubuntu)
Connection
keep-alive
Content-Length
100

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc

Verdicts & Comments Add Verdict or Comment

180 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery object| freestar object| apd_options function| gtag object| dataLayer object| google_tag_manager object| elem object| scpt function| __cmp string| GoogleAnalyticsObject function| ga object| adsbygoogle boolean| cnx_poly object| cnxBindings function| cnxUnbind object| cnxtimeouts object| cnxintervals function| cnxSetTimeout function| cnxSetInterval function| cnxClearAll object| cnxUmm object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad boolean| _gfp_p_ function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_t12n_vars function| Blazy object| jQuery111104903712259018953 function| _ object| fsdata function| load_script object| googletag object| pbjs string| cnxPageGuid number| spp object| cnxJSONP_410574e645d3d0e0d4981571248061957 object| fixto function| validate_comment_box_not_empty function| cz_strip_tags function| cz_br2nl function| editForm string| loginhash boolean| main_nav_hide_flag number| scrollTop string| main_nav_hide_timer function| call_main_nav_hide number| cz_header_pos number| prevScrollTop function| loadDeferredStyles function| raf function| __cmpui function| _slicedToArray function| _nonIterableRest function| _iterableToArrayLimit function| _arrayWithHoles function| _typeof object| _0x468f function| _0x59c4 object| BT object| BT_PAGEVIEW_MAP object| blockthrough function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| addthis_share object| addthis_config function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_jobrunner object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_iframe_oncopy boolean| google_osd_loaded boolean| google_onload_fired object| closure_memoize_cache_ function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| apstag boolean| google_noFetch object| confiant object| oattr object| _atw boolean| apstagLOADED function| pbjsChunk object| __core-js_shared__ function| JSEncrypt string| btID function| btjsonpcallback1571248062857 object| cnxJSONP_8fe755b54ee521b881e01571248062486 string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks object| _qevents object| advBidxc object| _comscore function| quantserve function| __qc object| ezt object| _qoptions function| _mR function| _mD function| udm_ object| ns_p object| COMSCORE object| $jscomp object| ntv number| ntvLoadStart undefined| nQuery object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvArticleTracker object| safeTrackingTags function| ntvGetElementViewability function| ntvViewableImpressionTracker object| ntvToutAds object| PostRelease boolean| onFocus function| parcelRequire string| mantis_uuid function| fbq function| _fbq object| __AMP_LOG object| __AMP_ERRORS boolean| ampInaboxInitialized object| __AMP_MODE function| __AMP_REPORT_ERROR object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| AMP object| cnxJSONP_ed7e97b3b74a3130e07b1571248072555 function| cnxAddEventListener

1 Cookies

Domain/Path Name / Value
www.bleepingcomputer.com/ Name: _fsloc
Value: ?i=DE&c=

8 Console Messages

Source Level URL
Text
console-api warning URL: https://quantcast.mgr.consensu.org/cmp.js(Line 1)
Message:
Dependency check failed for Publisher Purpose Legitimate Interest IDs: Publisher Purpose Legitimate Interest IDs must be an array containing only purpose IDs contained in the Publisher Purpose IDs array, the following purpose IDs will be ignored: 1, 4, 5
console-api warning URL: https://static.quantcast.mgr.consensu.org/v25/cmpui-popup.js(Line 1)
Message:
Unable to get NonIab Vendor list.
console-api log URL: https://freestar-io.videoplayerhub.com/gallery.js(Line 13)
Message:
Video gallery initializing
console-api info URL: https://cdn.ampproject.org/rtv/011909241711100/amp4ads-v0.js(Line 527)
Message:
Powered by AMP ⚡ HTML – Version 1909241711100 https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
console-api info URL: https://cdn.ampproject.org/rtv/011909241711100/amp4ads-v0.js(Line 527)
Message:
Powered by AMP ⚡ HTML – Version 1909241711100 https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
console-api info URL: https://cdn.ampproject.org/rtv/011909241711100/amp4ads-v0.js(Line 527)
Message:
Powered by AMP ⚡ HTML – Version 1909241711100 https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
console-api info URL: https://cdn.ampproject.org/rtv/011909241711100/amp4ads-v0.js(Line 527)
Message:
Powered by AMP ⚡ HTML – Version 1909241711100 https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
console-api info URL: https://cdn.ampproject.org/rtv/031910071804120/amp4ads-v0.js(Line 529)
Message:
Powered by AMP ⚡ HTML – Version 1910071804120 https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.pub.network
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ads.pubmatic.com
adservice.google.com
adservice.google.de
api.quantcast.mgr.consensu.org
as-sec.casalemedia.com
audit.quantcast.mgr.consensu.org
biddr.brealtime.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.pub.network
cdn.ampproject.org
cdn.connatix.com
cdn.connectad.io
cdn.districtm.io
cdns.connatix.com
ck.connatix.com
cluster-na.cdnjquery.com
cm.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
connatix-d.openx.net
connect.facebook.net
core.connatix.com
cse.google.com
d.pub.network
display.bfmio.com
dmx.districtm.io
eb2.3lift.com
ecdn.analysis.fi
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
freestar-d.openx.net
freestar-io.videoplayerhub.com
g2.gumgum.com
googleads.g.doubleclick.net
graph.facebook.com
hb.emxdgt.com
hbopenbid.pubmatic.com
hbx.media.net
i.connatix.com
i.connectad.io
ib.3lift.com
ib.adnxs.com
jadserve.postrelease.com
mantodea.mantisadnetwork.com
pagead2.googlesyndication.com
quantcast.mgr.consensu.org
rtb.connatix.com
rules.quantcount.com
s.ntv.io
s7.addthis.com
s9.addthis.com
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
static.quantcast.mgr.consensu.org
sync.bfmio.com
tlx.3lift.com
tpc.googlesyndication.com
trk.connatix.com
v1.addthisedge.com
vendorlist.consensu.org
web.hb.ad.cpe.dotomi.com
www.bleepingcomputer.com
www.bleepstatic.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.reddit.com
cm.g.doubleclick.net
104.109.78.125
104.16.190.66
104.17.119.107
104.20.59.209
104.24.1.61
13.225.78.7
143.204.101.105
143.204.101.13
143.204.101.23
143.204.101.37
151.101.113.140
151.101.13.194
172.217.23.98
18.194.151.167
18.196.104.43
185.64.189.112
2.18.232.130
2.18.233.180
2.18.234.163
2.18.234.21
2.18.235.93
2.19.43.224
212.71.236.117
216.58.205.230
23.210.248.44
2600:9000:200d:ea00:6:44e3:f8c0:93a1
2600:9000:2156:ac00:9:46dc:4700:93a1
2600:9000:21f3:5000:1:af78:4c0:93a1
2600:9000:21f3:e000:9:46dc:4700:93a1
2606:4700:10::6814:8528
2606:4700:20::6819:bf72
2a00:1450:4001:800::2004
2a00:1450:4001:806::200e
2a00:1450:4001:817::2002
2a00:1450:4001:818::2002
2a00:1450:4001:81a::2008
2a00:1450:4001:81d::2003
2a00:1450:4001:81f::2001
2a00:1450:4001:821::2002
2a00:1450:4001:821::200a
2a00:1450:4001:824::2001
2a00:1450:4001:825::2002
2a00:1450:4001:825::200e
2a02:fa8:8806:13::1460
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f02d:e:face:b00c:0:2
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:3::645
3.221.180.180
3.222.65.212
34.195.95.173
34.206.108.72
34.236.119.98
34.95.120.147
35.156.77.44
35.188.71.214
35.226.36.58
37.252.173.62
52.20.101.210
52.57.118.141
52.72.165.42
52.85.185.67
54.194.10.250
54.80.117.178
69.173.144.141
91.228.74.217
00bbf9e44fba158ed3dab35e591f50ce0045974527564b2ff1e0eaf850472842
0197c73d865dbce5c2562a96daf8df9503972d4ae4eeebe8caf6b03e6320990a
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0629946fe142c676784daa479fe86526051bfa44bdeb5e3f4608fa22b8e153ae
0742fa81292e959a7a1e80cdf4bd2f6f8864e032d8178cbb13d2038636a5383e
0808b9dd36d56ee583beabc1ecc5af5d47a50349dd15bd3f686024810005e591
091b664d1589dd71c8400a89f66f6eba06382ff1f39fea1d37365afd71729d34
092f4f118dc92fdf231d8e49dec48615417c4c24545599079f72a783a25b76d7
095d396ed8b668a9b4ac5b9168235819c90813cd90f61e467f4ddc8d815bca64
0bb863f59549233b7c3b23886d1168914248570ebfbf5eb30cf9461f0883dd03
0cc5fd17331507451e51960383125343555269d927132ccb72d954c064aa4648
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0e80f31eb6c2da1b044007b6f3975400984053db02b9687126cd9babe3284ad0
0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f
0f7558b2354e2a41dbf25fbdcbbab27a7281cd0f1d1bffc2a0619d6963312ce7
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10dbd3f42b57be2c140edb71987c92b26cc3fbdaa6959a8c1161718aa2cd778b
130942025c635d2fe34f058f6b84d8f8dbdbd54d30a58e231f7651204c7d86a8
197c294e1520b32d787d2678660c02fd195c1c93fee3441de596ef22c34ed425
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
19db4a2cde712e2ceaac317e732b4ec40b62818a938a8bf8391ad68470845019
1ec2330ecc18ab63e1852a33b87be0fc6a29de66c265728d24477f8ae8fa5f49
1f3dd519fa0bab3747811d85ac2228e87a795979197972bace638dbac6147b9a
205b48ec3bf7d55d87c520558a418b12efa95a9a6b5bd66b37d9a9971b111873
21d91fc8b2ecbc442f505fdead7d48f0ec0f84f7d496622c336775075c465b9f
22e977346d45bab9f531ce1132d7ecfbe8e46868eaea790a0d4dcd1d0649d74b
24f442571628f7152da251b9d99c32b352d3c325ebda42088deae51bc62a193e
2544182fb9a0a2f65dac966c91bcbcb8239798c4c5d8278f0fd6d9f4056d301e
27a96c0b4304b92e0762c2d39fcc5070aee1080cdbf3b25410274a205c732d9c
29c16587b0ccdf084143e97a222591f7ae53dcc643a998800f2d5fda68e28c25
2a6bfabe65ca353e4359be32e10d40b8b514590b536dd93499bc1067e4bf6329
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb
2e8043a4bf71c4240cf610c84b1d61f2c554cf58f1768b0a23655266d1c3468b
3009133fca80d9f314853b1ae500485985e1bc422d2ce6eb20e36305fd5c544c
305cfbaaf123f0a2939bea78bae046dff5d50a70a0ac62dea428f5b332715259
31cd7d9398307ca2e6cfaa111bbe7b69d69cbaaed2ff74034412ebc5008671fd
31e88dd5874cff806915adcaae0895eae83b8651d5dbbf4dfcbad95d827d4029
327e85db077019cf3763323074077f8e9085d024f865379115224094834e6071
32e73e8e0eec3e6c1345d84e7ef091b90e71fb0045814043b34c914156235eb9
33eb81af8a0101c1ad2a210f322fb362ce1598e6e37f0a7ecc62d6ff39add590
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
37a8b06eab08134f2037c797f4596c7688dd564a8395cb7e072577f371d8f993
3817e4249b39d2cc7659e556030d4630aebad329fa30e018bb42d5175781495a
3891daece66c7ab748eec2e6dc25045b7d05bc64c3029b44f1353c6a397cdcc0
39dac250dada1f9ebb3e870ddff074d3a45bb53a4ee6640e624625f59af70aa2
39efa0868d0c93eadd20895fa08411cb1c144f5b68bcc48045566cbc665d19a7
3b6a84a416edfb98ed7608dad8cd26ffd7123e54bce2bb13a4a3394e0b948382
3b762bc5e3f64d0be113edfbf2d924ff2ae82dc5229d06d214c2f34270f08a09
3d9a7ae34a5e607d14e281cd97ff1065817c8c7c587ff28865bec08ad0865c60
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176
42a18ed45095cfff307cc5f41a9a68fbee62debfaffdf69382b33923d4f45bae
44ac654a5d74e0f55d383818e9fb4782ea064fdc7cac8e5a4bcb71a011cad952
471bc90ad701d988862370f6323275e800c87a396bad5996846f3bfe9721d8fa
477719d1406b03a47a54bf60c83f372cd88240bfad01475bd4c34ce9de8f7342
4a9174ab8670879484f0dc42afea0ccaa3803217a9700ef9e1fb8262aa68c651
4c4747251a932c72ae7550586f950f52ca208a5f8305b38c8759228e112269c0
4c5fc0147aa409daf0a2f5fc2af9de9d8bef524225fa966cda53b46c6035c0b7
4eeb4df3522892ea2ec61de6a58e870e8262019f8e3c759c099450cefb589313
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5a4061ff8312e2ad494bd984b7df966438232be64a3b284ab69f66c6705009a6
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5da0628d1f457057582d571753ed02564a389d635cd961fb8698db1479cc7ba8
5de79bd33c164a62fe3389aeef0af2f54b82e7f8ba5fd7d0721f8080823babcb
5fe405e64b42b49a5813c2c7b8e48ccf290310c5eb351d2b15966856d1a2f06e
60972d83078cab02d3a376568d7b3d7709d226d0f8424b096b6a790d4fa54ba1
62f9b1db55badf04718d6f76be9c0d7d5e8c86a08ab6ea2bb8dc3b73a3b21204
6362e76b99c4b8eb48852b2e2d53bd7cc746db63fcb6579c06d4aa1d72d19de8
639fecd8a9262b34f42bd9413d1a57d3a739026a1c21e54fce376de998e4de40
654560ab40b67422339a3292dfcee9e151952726274f4cce22cdf7c8443fb6a5
67d86a29de7993fbd23b7dde2c4f26bdc434055c35a4b08c830c0d02fcfa6dd2
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
680eca2177bdc05835b84a7f03e44a226acd5c2b6fce2a96b544870bac6075b6
6c8d16fd525d689560442806ff2b2e6909949950453cb8215aa30ab3da66845f
6d157866400e2e50e077448f9cf06a9f29f70e031612ad6679d3626909a4c4e5
6d667e51e0e514a6895927036c0835409994f16bc0158af86c63e4de5792d6eb
6d6f482982f8f1a1814e279ff50df4ccc301533ca9655e4d080d6b90ec69d69e
6e86593083facba2710a2312f26bd7b436d7ef299f99cbc2ccc1b32693ec3144
74c632bf54425af154b1a49a298885843c84bd0627e08a0a3154ef89351390b0
784d075043c085210848d7f65cd6004c09bb3af79d9f78d678354bd51931956d
78c372f8aece809225131a8fe9f7b117cf1675c07bcaade16598740bac0ed36c
78de25f11e8471803915ed6c006848e14426513f3e33ab72b57361373ba8e263
7c42933014424dabb2256a0732a9f792559d26ba09a84308c278f52834522f9a
7d6d26827b887aa09b2a5eb7c001e35b93773e53c36ddbfc127ad824e0a6ba39
7dd3817e6590cf5aaaf1a28f680a0c477a2c28ed7c6d32eb2fd93173f8c37ee0
7e7c74d95df84ef3a6be5c4fcde54fae313a04a9bd611059e6a97a23ff09f26f
7e94fbebf526effec4239c82e5435a412d81ffc4bc9bddf13f9aa1170f6d803e
7f81f251032e2b16782c2d68217cc5946e5e22bef471f19f9ab40b32b1828219
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
827252be04765631f8ff21fee8ffe1028e27dfa52f62c08ef3182609a0a0e991
82c7fdbc4d001907e1e5d56cd335af3f0d48e0ffa7f0ad2aa3486ebb1123cb21
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83bad666770b2b946abaa63c9ab1f4bc800b9aa7675f7ae8b4f8a8ad782e56ff
8439372d1e63bb041355ba1effa4c2182a002bedb958350e6dfdfee6bce75a2a
85ae9534729617e69eafa40195c7854697eb3d13b4205f3ee467e07c4af0a24b
86c45f4716eeca1a8b7fdaa61b31b157d8a2089675ab364b232048e3527ceed3
86ef7dfebb5c931d4507535dd4ef6e4c3d9b0b8849a9fb5c49b13029329e6e8a
8733e2183f16906b2fa2e58fdab82cf336f249ab71ac1b184470da2dd3c6e29f
87562d3773ffab3d0716a70faa73c38b322fde3b8f265c3d646a3cea976ef67e
8832b71f0858b9a6d03e860543851fde9b20d42b2d2ec144c60fc1ddf437425f
88706120bcc17d5f3be0bb5ddb68ac9ec3431c0784b6792982595cb6d03ebf23
8a56e644a617b2d1e4e7d808dfc334a7ea8622979f22999dc9eccd21c61958b3
8ca3bc202be94209a22d4d8256cb47fd079a166cc1753d2ceefd161ae8284b66
8eb95bcbc154530931e15fc418c8b1fe991095671409552099ea1aa596999ede
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
92cdce569cd5f92954f01d533ef8b698827b22e90bc75923011f4cb1813e2a82
92d1994cace793adb74ca4a9e69eb746448b20aac8fd7124b03fb95694761187
942935ead42820e6c9184f099c77dde34fa4be70d395a17c47b5d7ad07967339
98f88d642acd9024773bf77b93f9546e3cd6fd8fa3d539d16f7b018e0cb513f2
99bda7bc16de635430765e923c00b808e455b58e2bc3630468d16a96eb367c92
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9f74a7bc0dedce611393f740e208986d37741446e2f75a9f5e50a9bf72d94f87
a1a99e47ec4ed461b7c4f4e13d94c0dbf186b844e862af51a32b42b78632ec65
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec
a95ebbca9b2c9a1cbd25f9b5070862c532bf98170e12f9d53b0212e2569622c2
aa95eb8757140f09d3424399b939ed3f10a20c45c6c52476c614c9bc375eb667
ab52a578c101a14bbc790f87f9a7400dda65469f23c6ce85c461e07cdf776460
b05f6cbb8d3363162f518f0bd210ce05ee8c391cc63432daa8868c65ffa0c59e
b34676178982122b66b0a55d3ee411fa343b1d19a6c119c0c9b0ea2c892738a1
b3498f138f5418bd58413e79e4c0969e618d6f2fee2d9d98c0f4e70a6cbd04ad
b49f9652600af1ab2cc3c152c6f0b8fa6ad0dde122650e210ae205a9ad054ff9
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290
b614272adbf6ce703661fbd3c1c58293e786c499103b123d1081cc1e6ab543de
b801741390d0087dafca6ddd145ead69628e42ed4e3a4e0a662c96bac969e6fe
ba34dc66a2967a9dad839e413ede700c2fdd4d0ecb8295f7e9453cafa2705991
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be60598ed5b27ee3de4ce47d709b66b5f3f18c12461c57a770784d0da809f879
bfa3507c6a168b5b4317084c353f83cda256ab1d6674be4765e207ffc21efcba
bfc8e65089dc5421d56ecc71a0328eafd4feb2a602503ae5c15bfa3189c02f7e
c237e0ee4bb4f57215b8ea2c46b4c70b62bfdc6753cc019971ded30e06c96246
c26fd569cbff7c7b33fe25517c92338cf7fee0beacb4fb93a55885eb506f01d5
c2e59e2c9482fec05d5dd831d41da92de93a36e8450620d41f50154e1a4437f0
c3034d0370c5faa09e7a8d7b0c48925afa0371cf17e4827dde23059f56019dae
c505b30e6a98a09df7fc6b020570d4735cbe96224de50e116fe8981489cb9844
c60edb9309111bee384d6ffc1489c561dcfc5914258d7391c31cc791a5ff3bae
c752c5c17da084b3de4bb748c2bb5856d487e818dd646dbf839925f7a74944d2
c9e727b37a735a7983ea8bdad06a38b246261c239bb80b86cc0ff3663c910adb
cafcfaf45d75e424c789a0d65dfb9553c29d565b251d58ab5cfdc1802603128f
cc329ad6a42a8521b03c91c8d81f7424c541be1f8694e00ad0e8904cdf9be668
cd62b8141c77274669e850cc82ffa6ae101b98eebd8bcc22424124a104dfd0ec
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d020fa6036628dd1d6dbf760edc742273359e93119832249bdce332d05d6db4d
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912
d229886fc63edf6b95865ad6a9e90b589ca7585d2203bc61b69f73f61f746830
db004583a094b5f3b7c8f95a744cf7657d52826d17e918c2087f9707c4fa9d92
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dcc28ca60da9d588529a611b80efabff7d85ef8f69fa74e2cb8009e5ae846806
ddd23814679d500030600029486d23eac13dc7769de0050b408c666439a56fc6
df9504754d592b8d76e897236d749bbf896e26edae92c2f669fa46946624e3c6
e13a6f33e8d69a0db071dcbb72beef2aac18e6dc5e8a5326c1c591125cfdcfd4
e1cc97dadfeaaf7e7b91b24074ea2dbff9c69cabfd23d60d5f3a84aa75b1810d
e28d1e3975b7ccac42b76015bd8c61175ca98c7863364532e92ca18b5c518a8d
e2ef1a71c93cfaf7e0af7d9641ee9496c9346acb480a13ab102f7c8adc901207
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e0f326458e8b8ed839d42a0cf6892df80bf26d7dc7e4f8276a65c41582ab85
ea10733ffb72cf46260738527ae359e08653da22f630df320ce477a003acb7c8
eb4e8e11846e40e6e6401db2d87a599e8d30c8a4d4c112b7931389504079537b
ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f425f66d90f1150499b36ab47b56fa6fb1a68136e4f42befca20a920ff85306b
f6460a62bcb64a288196db0162ebd1ea5e2bbc95b3725ed6ca7c08eed129d767
f7aec11b1cf5cb156016251b60fd2e01260354ab9ddaa24d32194681cfa93621
f7b71df270660f7958f60859209972586494aff37327672ef85951f29c151716
f820f689e79fe927155372514936423b30eb400c1d2b87b6503d1398f6d352c7
f85d644fd74ec5ff9286424ae2faf33670843ca6aa620fdb7f273253930b10e2
f8a52990bbe6892abb730d241570fbfbd2ff2fc707fdd3004c7dba6e843bbae3
fb0448c15e9eb9dae87f9e057f63e515455d2562b155c16222e009868302e983
fc47b5b2d3335f967a92f2564081ff3de767aa2512b9970e3a026914f4f2aef9