URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Submission: On August 19 via api from US

Summary

This website contacted 62 IPs in 8 countries across 46 domains to perform 304 HTTP transactions. The main IP is 104.20.60.209, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.bleepingcomputer.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 16th 2020. Valid for: 2 years.
This is the only time www.bleepingcomputer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 104.20.60.209 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
33 104.26.12.6 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
5 2.21.36.164 20940 (AKAMAI-ASN1)
1 10 151.101.194.137 54113 (FASTLY)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
1 178.79.175.86 63949 (LINODE-AP...)
1 185.3.93.184 63949 (LINODE-AP...)
5 35.190.64.11 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
1 5 172.217.21.198 15169 (GOOGLE)
5 35.188.71.214 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 92.122.255.233 16625 (AKAMAI-AS)
1 34.249.124.75 16509 (AMAZON-02)
12 216.58.208.34 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
9 3.128.233.190 16509 (AMAZON-02)
1 35.190.76.239 15169 (GOOGLE)
4 13.226.146.86 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 199.232.53.140 54113 (FASTLY)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2620:116:800d... 16509 (AMAZON-02)
2 92.122.253.103 16625 (AKAMAI-AS)
1 3 23.37.53.17 16625 (AKAMAI-AS)
1 92.122.253.191 16625 (AKAMAI-AS)
43 2a00:1450:400... 15169 (GOOGLE)
1 130.211.23.194 15169 (GOOGLE)
1 2600:9000:218... 16509 (AMAZON-02)
1 54.80.117.178 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 35.226.36.58 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 69.173.144.140 26667 (RUBICONPR...)
4 34.226.243.182 14618 (AMAZON-AES)
2 2a02:fa8:8806... 41041 (VCLK-EU-)
4 185.33.221.11 29990 (ASN-APPNEX)
4 104.16.68.69 13335 (CLOUDFLAR...)
4 92.122.254.129 16625 (AKAMAI-AS)
2 185.64.189.112 62713 (AS-PUBMATIC)
2 6 35.244.159.8 15169 (GOOGLE)
9 3.127.95.92 16509 (AMAZON-02)
1 18.194.179.143 16509 (AMAZON-02)
35 2a00:1450:400... 15169 (GOOGLE)
7 143.204.212.226 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 213.19.147.150 26120 (RHYTHMONE)
1 213.19.147.210 26120 (RHYTHMONE)
1 2 52.58.173.218 16509 (AMAZON-02)
2 92.122.252.114 16625 (AKAMAI-AS)
2 151.101.113.108 54113 (FASTLY)
1 104.111.230.142 16625 (AKAMAI-AS)
304 62
Apex Domain
Subdomains
Transfer
51 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
a16b13982d0c5ec816fc7bd8a4caeae5.safeframe.googlesyndication.com
598 KB
35 ampproject.org
cdn.ampproject.org
748 KB
33 bleepstatic.com
www.bleepstatic.com
583 KB
22 doubleclick.net
googleads.g.doubleclick.net
ad.doubleclick.net
securepubads.g.doubleclick.net
143 KB
19 connatix.com
cd.connatix.com
cds.connatix.com
capi.connatix.com
vid.connatix.com
img.connatix.com
355 KB
13 pub.network
a.pub.network
d.pub.network
c.pub.network
256 KB
12 gstatic.com
fonts.gstatic.com
138 KB
11 unrulymedia.com
video.unrulymedia.com
rx-stats3.unrulymedia.com
rx.targeting.unrulymedia.com
76 KB
11 google.com
www.google.com
cse.google.com
adservice.google.com
3 KB
10 googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
ajax.googleapis.com
132 KB
9 sharethrough.com
btlr.sharethrough.com
1 KB
7 rubiconproject.com
fastlane.rubiconproject.com
eus.rubiconproject.com
10 KB
6 openx.net
freestar-d.openx.net
eu-u.openx.net
1 KB
6 adnxs.com
ib.adnxs.com
acdn.adnxs.com
3 KB
5 dapperdiscussion.com
dapperdiscussion.com
77 KB
4 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
4 KB
4 districtm.io
dmx.districtm.io
cdn.districtm.io
494 B
4 mantisadnetwork.com
mantodea.mantisadnetwork.com
692 B
4 amazon-adsystem.com
c.amazon-adsystem.com
31 KB
4 addthis.com
s9.addthis.com
s7.addthis.com Failed
191 KB
3 3lift.com
tlx.3lift.com
eb2.3lift.com
861 B
3 scorecardresearch.com
sb.scorecardresearch.com
3 KB
3 upapi.net
mrb.upapi.net
backend.upapi.net
233 KB
2 indexww.com
js-sec.indexww.com
2 casalemedia.com
as-sec.casalemedia.com
2 KB
2 dotomi.com
web.hb.ad.cpe.dotomi.com
1 KB
2 media.net
hbx.media.net
9 KB
2 reddit.com
www.reddit.com
820 B
2 facebook.com
graph.facebook.com
987 B
2 googletagservices.com
www.googletagservices.com
45 KB
2 google-analytics.com
www.google-analytics.com
18 KB
2 firstimpression.io
ecdn.firstimpression.io
cdn.firstimpression.io
188 KB
2 bleepingcomputer.com
www.bleepingcomputer.com
16 KB
1 2mdn.net
s0.2mdn.net
11 KB
1 postrelease.com
jadserve.postrelease.com
600 B
1 quantcount.com
rules.quantcount.com
1 KB
1 ntv.io
s.ntv.io
96 KB
1 quantserve.com
secure.quantserve.com
8 KB
1 ad-delivery.net
ad-delivery.net
628 B
1 consensu.org
admiral.mgr.consensu.org
1 addthisedge.com
v1.addthisedge.com
855 B
1 moatads.com
z.moatads.com
1 KB
1 videoplayerhub.com
freestar-io.videoplayerhub.com
27 KB
1 google.de
adservice.google.de
246 B
1 analysis.fi
ecdn.analysis.fi
2 KB
1 googletagmanager.com
www.googletagmanager.com
35 KB
304 46
Domain Requested by
43 tpc.googlesyndication.com dapperdiscussion.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
www.bleepingcomputer.com
cdn.ampproject.org
35 cdn.ampproject.org securepubads.g.doubleclick.net
33 www.bleepstatic.com www.bleepingcomputer.com
www.bleepstatic.com
12 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.bleepingcomputer.com
12 fonts.gstatic.com fonts.googleapis.com
9 btlr.sharethrough.com a.pub.network
9 capi.connatix.com cd.connatix.com
8 www.google.com 3 redirects www.bleepingcomputer.com
7 video.unrulymedia.com securepubads.g.doubleclick.net
video.unrulymedia.com
ajax.googleapis.com
7 pagead2.googlesyndication.com www.bleepingcomputer.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
7 fonts.googleapis.com www.bleepingcomputer.com
securepubads.g.doubleclick.net
6 fastlane.rubiconproject.com a.pub.network
6 img.connatix.com www.bleepingcomputer.com
5 c.pub.network a.pub.network
5 d.pub.network a.pub.network
5 ad.doubleclick.net 1 redirects www.bleepingcomputer.com
dapperdiscussion.com
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
www.bleepingcomputer.com
5 dapperdiscussion.com www.bleepingcomputer.com
dapperdiscussion.com
4 eu-u.openx.net 2 redirects a.pub.network
4 ib.adnxs.com a.pub.network
4 mantodea.mantisadnetwork.com a.pub.network
4 c.amazon-adsystem.com a.pub.network
c.amazon-adsystem.com
3 rx-stats3.unrulymedia.com www.bleepingcomputer.com
3 sb.scorecardresearch.com 1 redirects a.pub.network
www.bleepingcomputer.com
3 s7.addthis.com s9.addthis.com
3 a.pub.network www.bleepingcomputer.com
a.pub.network
2 cdn.districtm.io a.pub.network
2 acdn.adnxs.com a.pub.network
2 js-sec.indexww.com a.pub.network
2 ads.pubmatic.com a.pub.network
2 eb2.3lift.com 1 redirects a.pub.network
2 freestar-d.openx.net a.pub.network
2 hbopenbid.pubmatic.com a.pub.network
2 as-sec.casalemedia.com a.pub.network
2 dmx.districtm.io a.pub.network
2 web.hb.ad.cpe.dotomi.com a.pub.network
2 imasdk.googleapis.com cd.connatix.com
imasdk.googleapis.com
2 hbx.media.net a.pub.network
hbx.media.net
2 www.reddit.com s9.addthis.com
2 graph.facebook.com s9.addthis.com
2 mrb.upapi.net freestar-io.videoplayerhub.com
mrb.upapi.net
2 www.googletagservices.com a.pub.network
pagead2.googlesyndication.com
2 adservice.google.com pagead2.googlesyndication.com
imasdk.googleapis.com
2 www.google-analytics.com www.googletagmanager.com
www.bleepingcomputer.com
2 cds.connatix.com www.bleepingcomputer.com
cd.connatix.com
2 www.bleepingcomputer.com dapperdiscussion.com
1 eus.rubiconproject.com a.pub.network
1 rx.targeting.unrulymedia.com video.unrulymedia.com
1 ajax.googleapis.com video.unrulymedia.com
1 tlx.3lift.com a.pub.network
1 a16b13982d0c5ec816fc7bd8a4caeae5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 s0.2mdn.net imasdk.googleapis.com
1 vid.connatix.com cd.connatix.com
1 jadserve.postrelease.com s.ntv.io
1 rules.quantcount.com secure.quantserve.com
1 backend.upapi.net mrb.upapi.net
1 s.ntv.io a.pub.network
1 secure.quantserve.com a.pub.network
1 ad-delivery.net www.bleepingcomputer.com
1 admiral.mgr.consensu.org dapperdiscussion.com
1 cdn.firstimpression.io ecdn.firstimpression.io
1 v1.addthisedge.com s9.addthis.com
1 z.moatads.com s9.addthis.com
1 freestar-io.videoplayerhub.com a.pub.network
1 adservice.google.de pagead2.googlesyndication.com
1 ecdn.firstimpression.io www.bleepingcomputer.com
1 ecdn.analysis.fi www.bleepingcomputer.com
1 cd.connatix.com 1 redirects
1 s9.addthis.com www.bleepingcomputer.com
1 cse.google.com www.bleepingcomputer.com
1 www.googletagmanager.com www.bleepingcomputer.com
304 71
Subject Issuer Validity Valid
bleepingcomputer.com
Sectigo RSA Domain Validation Secure Server CA
2020-05-16 -
2022-05-15
2 years crt.sh
upload.video.google.com
GTS CA 1O1
2020-07-15 -
2020-10-07
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-07-17 -
2021-07-17
a year crt.sh
*.google-analytics.com
GTS CA 1O1
2020-07-15 -
2020-10-07
3 months crt.sh
*.google.com
GTS CA 1O1
2020-07-15 -
2020-10-07
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-07-15 -
2020-10-07
3 months crt.sh
odc-prod-01.oracle.com
DigiCert Secure Site ECC CA-1
2020-07-22 -
2021-10-13
a year crt.sh
*.connatix.com
Go Daddy Secure Certificate Authority - G2
2019-09-05 -
2020-10-19
a year crt.sh
*.analysis.fi
Sectigo RSA Domain Validation Secure Server CA
2020-05-17 -
2021-06-16
a year crt.sh
*.firstimpression.io
Sectigo RSA Organization Validation Secure Server CA
2019-11-06 -
2020-12-04
a year crt.sh
dapperdiscussion.com
Let's Encrypt Authority X3
2020-07-06 -
2020-10-04
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2020-07-15 -
2020-10-07
3 months crt.sh
*.doubleclick.net
GTS CA 1O1
2020-07-15 -
2020-10-07
3 months crt.sh
*.pub.network
Go Daddy Secure Certificate Authority - G2
2020-03-17 -
2021-05-16
a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA
2020-01-17 -
2021-03-17
a year crt.sh
admiral.mgr.consensu.org
GTS CA 1D2
2020-08-01 -
2020-10-30
3 months crt.sh
c.amazon-adsystem.com
Amazon
2019-10-07 -
2020-09-29
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2020-07-21 -
2020-10-12
3 months crt.sh
*.reddit.com
DigiCert SHA2 Secure Server CA
2020-04-06 -
2020-10-03
6 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA
2019-10-04 -
2020-10-07
a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA
2020-02-25 -
2021-05-26
a year crt.sh
sb.scorecardresearch.com
DigiCert Secure Site ECC CA-1
2020-07-17 -
2021-06-02
a year crt.sh
*.ntv.io
DigiCert SHA2 Secure Server CA
2019-11-18 -
2021-02-16
a year crt.sh
tpc.googlesyndication.com
GTS CA 1O1
2020-07-15 -
2020-10-07
3 months crt.sh
*.upapi.net
Let's Encrypt Authority X3
2020-07-17 -
2020-10-15
3 months crt.sh
*.postrelease.com
Amazon
2020-02-28 -
2021-03-28
a year crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA
2019-01-10 -
2021-01-14
2 years crt.sh
*.mantisadnetwork.com
Amazon
2020-03-23 -
2021-04-23
a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018
2020-03-30 -
2022-06-25
2 years crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA
2019-01-23 -
2021-03-08
2 years crt.sh
districtm.io
Cloudflare Inc ECC CA-3
2020-07-01 -
2021-07-01
a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2020-03-02 -
2021-04-01
a year crt.sh
*.pubmatic.com
Sectigo RSA Organization Validation Secure Server CA
2019-02-22 -
2021-02-21
2 years crt.sh
*.openx.net
GeoTrust RSA CA 2018
2020-06-18 -
2021-08-17
a year crt.sh
*.sharethrough.com
Amazon
2019-10-07 -
2020-11-07
a year crt.sh
*.3lift.com
Amazon
2020-07-04 -
2021-08-05
a year crt.sh
misc-sni.google.com
GTS CA 1O1
2020-07-15 -
2020-10-07
3 months crt.sh
*.unrulymedia.com
DigiCert SHA2 Secure Server CA
2017-08-30 -
2020-11-27
3 years crt.sh
*.targeting.unrulymedia.com
DigiCert SHA2 Secure Server CA
2020-05-04 -
2022-05-09
2 years crt.sh
cdn.adnxs.com
GlobalSign CloudSSL CA - SHA256 - G3
2020-04-13 -
2021-04-14
a year crt.sh

This page contains 36 frames:

Primary Page: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Frame ID: C123DCCFBE041CDBB4A086246A4CBA76
Requests: 152 HTTP requests in this frame

Frame: https://cds.connatix.com/p/46383/connatix.playspace.dc.js
Frame ID: 85D7B86F78F0B9810CD88834A94B678C
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200817/r20190131/zrt_lookup.html
Frame ID: BCD325A31B9464AB6027C47E21948525
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 916D22A1BE5488878509A5B94F3F5CFE
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: D74776F59B6D1C390BBC09C5949F4406
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1597765141&rafmt=9&psa=0&guci=1.2.0.0.2.2.0.0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fcryptojacking-worm-steals-aws-credentials-from-docker-systems%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&adsid=NT&dt=1597836882662&bpp=37&bdt=385&idt=405&shv=r20200817&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4118328455377&frm=20&pv=2&ga_vid=1170761381.1597836883&ga_sid=1597836883&ga_hid=666876030&ga_fc=0&iag=0&icsg=43980475604992&dssz=47&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=3684&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530557%2C42530559%2C21066153%2C44723321%2C21066923&oid=3&pvsid=99097593476193&pem=16&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=TIojHOCn4B&p=https%3A//www.bleepingcomputer.com&dtd=423
Frame ID: 278B7ECB503C97B2F1557B139EFE9DF2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&lmt=1597765141&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fcryptojacking-worm-steals-aws-credentials-from-docker-systems%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1597836882887&bpp=3&bdt=611&idt=249&shv=r20200817&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=834x500&nras=1&correlator=4118328455377&frm=20&pv=1&ga_vid=1170761381.1597836883&ga_sid=1597836883&ga_hid=666876030&ga_fc=0&iag=0&icsg=175921902919680&dssz=50&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530557%2C42530559%2C21066153%2C44723321%2C21066923&oid=3&pvsid=99097593476193&pem=16&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=255
Frame ID: D6BB9CAEC2C47556BC312D74E4B70690
Requests: 1 HTTP requests in this frame

Frame: https://admiral.mgr.consensu.org/portal.html
Frame ID: F0E01D8137CBB27BEE96936AC9C8C25C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html
Frame ID: FEE9AD61AA390E40F31E1825C2C7839E
Requests: 1 HTTP requests in this frame

Frame: https://hbx.media.net/checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8CUFH1GPH&prvid=56%2C70%2C77%2C80%2C82%2C97%2C99%2C109%2C111%2C112%2C113%2C139%2C154%2C157%2C159%2C175%2C178%2C186%2C201%2C226%2C10000&usp_status=0&usp_consent=1&https=1&gdpr=1&gdprconsent=2
Frame ID: 59CE3E563DA92A7A684BA7E1D45739B7
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.402.1_en.html
Frame ID: CD77B73CA15FBDBB6C7F5257516E8945
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 243FFEB743109EA978A0776E02D1516C
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js
Frame ID: D39438CC8CF1542716300C45B5278BDC
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js
Frame ID: AEBEF6F5508668E06F8C1E6C26D4B6BD
Requests: 16 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js
Frame ID: 7D0142EF3A5C1BC34FD9FE82F0560B12
Requests: 21 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js
Frame ID: B005BF39076F33465195F1DFA28EF372
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js
Frame ID: 8B3E456BC47E170D0E748DEB3EAC72F4
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js
Frame ID: F411A568F861003F4672D7EFCF53DCAA
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js
Frame ID: 4A31B3D17D8972367F19C9414DC53802
Requests: 20 HTTP requests in this frame

Frame: https://video.unrulymedia.com/native/native-loader.js
Frame ID: 3BEEEBEBAAFC903ABAD5E195EDE093AE
Requests: 4 HTTP requests in this frame

Frame: https://video.unrulymedia.com/native/et_v1.0.1679-0-g81025a8.js
Frame ID: F091B5D913870537B2224D0D33E0D178
Requests: 9 HTTP requests in this frame

Frame: https://video.unrulymedia.com/iframes/third-party-iframes.html?clientver=v1.0.1679-0-g81025a8&siteId=1101818
Frame ID: 1A4741DB36FCB42153A9E8A6BC4508C1
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Frame ID: E7482C5947C6C0E7473C6D97BF8B0F42
Requests: 1 HTTP requests in this frame

Frame: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-120&buster=1597836885501&secure=true&version=9&mobile=false&uuid=beccba29-b993-4231-9c77-345844f245a5&title=Cryptojacking%20worm%20steals%20AWS%20credentials%20from%20Docker%20systems&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fcryptojacking-worm-steals-aws-credentials-from-docker-systems%2F
Frame ID: 35FF769F728038A9CD2611B2BBB3C267
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0&us_privacy=1---
Frame ID: 016FC2FD24DD21BB4F4C362B3EE77847
Requests: 1 HTTP requests in this frame

Frame: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-120&buster=1597836885016&secure=true&version=9&mobile=false&uuid=beccba29-b993-4231-9c77-345844f245a5&title=Cryptojacking%20worm%20steals%20AWS%20credentials%20from%20Docker%20systems&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fcryptojacking-worm-steals-aws-credentials-from-docker-systems%2F
Frame ID: 3BF4AB33D63B294AF35BA339DCA3FD52
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: C74107006AA1812BBA145D079DAA543A
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 2534C8D684B272968E06C37C9F2645D8
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0&us_privacy=1---
Frame ID: C4E02613B2F3B4DCF5BE8543ED9040C1
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2650BD989F0C44E5768466C5DEAAC530
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: D22DA1A5B656C0A680B00E0F2F06941B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html?ccpa=1---
Frame ID: CD149913845A4232C169440AF7983FE6
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 70937AE97C3BCF77536E82D1A51E2178
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 47D51BA6606D93AA307BDB0C20B89EA6
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html?ccpa=1---
Frame ID: C3902B60136B9E297C0F382C99323C6A
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 47C1A25B51197B75C07594AA0B7B79B0
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

304
Requests

100 %
HTTPS

38 %
IPv6

46
Domains

71
Subdomains

62
IPs

8
Countries

4048 kB
Transfer

11259 kB
Size

21
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en HTTP 302
  • https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en
Request Chain 22
  • https://cd.connatix.com/connatix.playspace.js HTTP 302
  • https://cds.connatix.com/p/46383/connatix.playspace.dc.js
Request Chain 99
  • https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_ucfr=1&ns__t=1597836883493&ns_c=UTF-8&cv=3.5&c8=Cryptojacking%20worm%20steals%20AWS%20credentials%20from%20Docker%20systems&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fcryptojacking-worm-steals-aws-credentials-from-docker-systems%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1597836883493&ns_c=UTF-8&cv=3.5&c8=Cryptojacking%20worm%20steals%20AWS%20credentials%20from%20Docker%20systems&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fcryptojacking-worm-steals-aws-credentials-from-docker-systems%2F&c9=&cs_ak_ss=1
Request Chain 176
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 190
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 250
  • https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23768030.267046035;dc_trk_aid=461813827;dc_trk_cid=106332843;ord=3472132697;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23768030.267046035;dc_pre=CNrviqCWp-sCFQrFuwgd9zUAQg;dc_trk_aid=461813827;dc_trk_cid=106332843;ord=3472132697;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
Request Chain 301
  • https://eb2.3lift.com/sync?us_privacy=1---& HTTP 302
  • https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Request Chain 303
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0&us_privacy=1--- HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0&us_privacy=1---
Request Chain 307
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0&us_privacy=1--- HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0&us_privacy=1---

304 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
69 KB
16 KB
Document
General
Full URL
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.60.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55ed4df8b046f6e8f22e5b52f39fe1bb1b8c6775eea5af867a0569fd9ffdeb46
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.bleepingcomputer.com
:scheme
https
:path
/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Wed, 19 Aug 2020 11:34:42 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d5383340f30355433b88e6aed707d6f8b1597836881; expires=Fri, 18-Sep-20 11:34:41 GMT; path=/; domain=.bleepingcomputer.com; HttpOnly; SameSite=Lax; Secure session_id=2cef9594b45322cdf5f9f4d376184d47; path=/; domain=.bleepingcomputer.com; httponly;Secure lav=8994; expires=Fri, 18-Sep-2020 11:34:42 GMT; Max-Age=2592000; path=/;Secure
content-security-policy
upgrade-insecure-requests;
x-frame-options
SAMEORIGIN
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
expires
0
last-modified
Tue, 18 Aug 2020 15:39:01 GMT
vary
Accept-Encoding,User-Agent
cf-cache-status
DYNAMIC
cf-request-id
04a819072c0000c79da7195200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5c53911eaa41c79d-AMS
content-encoding
br
css
fonts.googleapis.com/
15 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dda7ea92135dcf21660d4d79391d303fc38f6a6524ae74bbe2986f1d2e990d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 19 Aug 2020 11:34:42 GMT
server
ESF
date
Wed, 19 Aug 2020 11:34:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 Aug 2020 11:34:42 GMT
bootstrap.css
www.bleepstatic.com/css/redesign/
111 KB
17 KB
Stylesheet
General
Full URL
https://www.bleepstatic.com/css/redesign/bootstrap.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e7c74d95df84ef3a6be5c4fcde54fae313a04a9bd611059e6a97a23ff09f26f

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:42 GMT
content-encoding
br
cf-cache-status
HIT
age
114610
cf-polished
origSize=137522
status
200
cf-request-id
04a81909900000fa60a317b200000001
last-modified
Fri, 23 Sep 2016 14:33:06 GMT
server
cloudflare
etag
W/"2184297232"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Tue, 22 Sep 2020 03:44:32 GMT
cache-control
max-age=3024000
cf-ray
5c5391228aacfa60-AMS
cf-bgj
minify
main.css
www.bleepstatic.com/css/redesign/
52 KB
10 KB
Stylesheet
General
Full URL
https://www.bleepstatic.com/css/redesign/main.css?v=5.19.20.1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ceba3cc609ad8cc0e38c894672d63a3471cb5bba40bacd1d6e5fd9dbf7f0472

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:42 GMT
content-encoding
br
cf-cache-status
HIT
age
2728722
cf-polished
origSize=62303
status
200
cf-request-id
04a81909900000fa60a317c200000001
last-modified
Tue, 19 May 2020 21:26:04 GMT
server
cloudflare
etag
W/"2769485951"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Fri, 26 Jun 2020 19:46:44 GMT
cache-control
max-age=3024000
cf-ray
5c5391228aadfa60-AMS
cf-bgj
minify
home.css
www.bleepstatic.com/css/redesign/
12 KB
3 KB
Stylesheet
General
Full URL
https://www.bleepstatic.com/css/redesign/home.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3498f138f5418bd58413e79e4c0969e618d6f2fee2d9d98c0f4e70a6cbd04ad

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:42 GMT
content-encoding
br
cf-cache-status
HIT
age
6239
cf-polished
origSize=14998
status
200
cf-request-id
04a81909900000fa60a317d200000001
last-modified
Sat, 24 Mar 2018 16:18:00 GMT
server
cloudflare
etag
W/"2402535603"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Wed, 27 Mar 2019 21:45:08 GMT
cache-control
max-age=3024000
cf-ray
5c5391228aaffa60-AMS
cf-bgj
minify
news.css
www.bleepstatic.com/css/redesign/
27 KB
5 KB
Stylesheet
General
Full URL
https://www.bleepstatic.com/css/redesign/news.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d88c6a9ea4370abd8360a86f75308b72819b8e91f78e8d7a1455b3b4a74f8c1

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:42 GMT
content-encoding
br
cf-cache-status
HIT
age
5774
cf-polished
origSize=32994
status
200
cf-request-id
04a81909900000fa60a317e200000001
last-modified
Thu, 28 May 2020 21:11:10 GMT
server
cloudflare
etag
W/"3498984215"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Thu, 02 Jul 2020 21:12:09 GMT
cache-control
max-age=3024000
cf-ray
5c5391228ab0fa60-AMS
cf-bgj
minify
jquery-1.11.1.min.js
www.bleepstatic.com/js/redesign/
94 KB
32 KB
Script
General
Full URL
https://www.bleepstatic.com/js/redesign/jquery-1.11.1.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:42 GMT
content-encoding
br
cf-cache-status
HIT
age
6329
status
200
cf-request-id
04a81909900000fa60a317f200000001
last-modified
Thu, 23 Apr 2015 12:36:44 GMT
server
cloudflare
etag
W/"3647451394"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
5c5391228ab1fa60-AMS
expires
Tue, 10 Dec 2019 08:09:38 GMT
news.js
www.bleepstatic.com/js/redesign/
183 B
263 B
Script
General
Full URL
https://www.bleepstatic.com/js/redesign/news.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
827252be04765631f8ff21fee8ffe1028e27dfa52f62c08ef3182609a0a0e991

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:42 GMT
content-encoding
br
cf-cache-status
HIT
age
5673
cf-polished
origSize=247
status
200
cf-request-id
04a81909ba0000fa60a3189200000001
last-modified
Wed, 16 Dec 2015 15:41:46 GMT
server
cloudflare
etag
W/"4218930423"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
expires
Thu, 23 Apr 2020 05:25:20 GMT
cache-control
max-age=3024000
cf-ray
5c539122cb42fa60-AMS
cf-bgj
minify
js
www.googletagmanager.com/gtag/
89 KB
35 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-91740-1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e1f341f14db09393bb0df14c2e1163be6ff46d182aba73b96a125f29108efecb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:42 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35740
x-xss-protection
0
last-modified
Wed, 19 Aug 2020 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 19 Aug 2020 11:34:42 GMT
logo.png
www.bleepstatic.com/images/site/
1 KB
1 KB
Image
General
Full URL
https://www.bleepstatic.com/images/site/logo.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19db4a2cde712e2ceaac317e732b4ec40b62818a938a8bf8391ad68470845019

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:42 GMT
cf-cache-status
HIT
age
731780
cf-polished
origFmt=png, origSize=1882
status
200
content-disposition
inline; filename="logo.webp"
content-length
1152
cf-request-id
04a81909ed0000fa60a318f200000001
last-modified
Sat, 04 Mar 2017 04:12:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Thu, 10 Sep 2020 00:18:22 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
5c5391231bf8fa60-AMS
cf-bgj
imgq:85,h2pri
brand
cse.google.com/coop/cse/
Redirect Chain
  • https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en
  • https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en
3 KB
2 KB
Script
General
Full URL
https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
pfe /
Resource Hash
4eeb4df3522892ea2ec61de6a58e870e8262019f8e3c759c099450cefb589313
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:11:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
pfe
age
1418
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, max-age=1800
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1181
x-xss-protection
0
expires
Wed, 19 Aug 2020 11:41:04 GMT

Redirect headers

date
Wed, 19 Aug 2020 11:34:42 GMT
x-content-type-options
nosniff
server
sffe
status
302
content-type
text/html; charset=UTF-8
location
https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
266
x-xss-protection
0
Botnet-AWS.jpg
www.bleepstatic.com/content/posts/2020/08/18/
324 KB
324 KB
Image
General
Full URL
https://www.bleepstatic.com/content/posts/2020/08/18/Botnet-AWS.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d147bef307cb390e6afe377ee7325a54375832338df4b793b5e183c69d2cba5

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:42 GMT
cf-cache-status
HIT
age
71716
cf-polished
degrade=85, origSize=405587, status=webp_bigger
status
200
content-length
331378
cf-request-id
04a81909ed0000fa60a3190200000001
last-modified
Tue, 18 Aug 2020 15:29:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Thu, 17 Sep 2020 15:39:25 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
5c5391231bfafa60-AMS
cf-bgj
imgq:85,h2pri
Code%20used%20for%20spreading%20to%20other%20Docker%20systems.png
www.bleepstatic.com/images/news/u/1109292/2020/
34 KB
35 KB
Image
General
Full URL
https://www.bleepstatic.com/images/news/u/1109292/2020/Code%20used%20for%20spreading%20to%20other%20Docker%20systems.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1863167a05bbf84826e0d1109204d383fb59f03f119b40b507c81a32268d5da

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:42 GMT
cf-cache-status
HIT
age
71732
cf-polished
origFmt=png, origSize=98481
status
200
content-disposition
inline; filename="Code%20used%20for%20spreading%20to%20other%20Docker%20systems.webp"
content-length
35256
cf-request-id
04a81909ed0000fa60a3191200000001
last-modified
Tue, 18 Aug 2020 15:21:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Thu, 17 Sep 2020 15:39:10 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
5c5391231bfbfa60-AMS
cf-bgj
imgq:85,h2pri
Code%20used%20to%20steal%20AWS%20credentials.jpg
www.bleepstatic.com/images/news/u/1109292/2020/
26 KB
27 KB
Image
General
Full URL
https://www.bleepstatic.com/images/news/u/1109292/2020/Code%20used%20to%20steal%20AWS%20credentials.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a572f885750bb5525583831cc7964585a70881c7096ff8fb93398bdd9a99ca97

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:42 GMT
cf-cache-status
HIT
age
71731
cf-polished
origFmt=png, origSize=99585
status
200
content-disposition
inline; filename="Code%20used%20to%20steal%20AWS%20credentials.webp"
content-length
27056
cf-request-id
04a81909ed0000fa60a3192200000001
last-modified
Tue, 18 Aug 2020 14:58:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Thu, 17 Sep 2020 15:39:11 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
5c5391231bfdfa60-AMS
cf-bgj
imgq:85,h2pri
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
124 KB
44 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
da74d150d8f46e382a0ee99f126272518aa260e799a45e453258d6b1916c36db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
44511
x-xss-protection
0
server
cafe
etag
2565732062522954817
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 19 Aug 2020 11:34:42 GMT
qualys-logo.png
www.bleepstatic.com/images/logos/companies/qualys/
10 KB
10 KB
Image
General
Full URL
https://www.bleepstatic.com/images/logos/companies/qualys/qualys-logo.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e9322d90411989f7e09ef5ad4a3465d6cb97c77741d1030b254cd50d7c7ffe5

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:42 GMT
cf-cache-status
HIT
age
557824
cf-polished
origFmt=png, origSize=28795
status
200
content-disposition
inline; filename="qualys-logo.webp"
content-length
10050
cf-request-id
04a81909ed0000fa60a3193200000001
last-modified
Tue, 19 May 2020 21:36:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 12 Sep 2020 00:37:37 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
5c5391231bfefa60-AMS
cf-bgj
imgq:85,h2pri
twitter.png
www.bleepstatic.com/images/site/login/
282 B
705 B
Image
General
Full URL
https://www.bleepstatic.com/images/site/login/twitter.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67d86a29de7993fbd23b7dde2c4f26bdc434055c35a4b08c830c0d02fcfa6dd2

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:42 GMT
cf-cache-status
HIT
age
712583
cf-polished
origFmt=png, origSize=475
status
200
content-disposition
inline; filename="twitter.webp"
content-length
282
cf-request-id
04a81909ed0000fa60a3194200000001
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Thu, 10 Sep 2020 05:38:18 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
5c5391231c01fa60-AMS
cf-bgj
imgq:85,h2pri
bootstrap.js
www.bleepstatic.com/js/redesign/
44 KB
10 KB
Script
General
Full URL
https://www.bleepstatic.com/js/redesign/bootstrap.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5e0f326458e8b8ed839d42a0cf6892df80bf26d7dc7e4f8276a65c41582ab85

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:42 GMT
content-encoding
br
cf-cache-status
HIT
age
114609
cf-polished
origSize=65813
status
200
cf-request-id
04a81909ed0000fa60a3195200000001
last-modified
Thu, 23 Apr 2015 12:36:43 GMT
server
cloudflare
etag
W/"3930092018"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
expires
Tue, 22 Sep 2020 03:44:33 GMT
cache-control
max-age=3024000
cf-ray
5c5391231c02fa60-AMS
cf-bgj
minify
blazy.min.js
www.bleepstatic.com/js/blazy/
5 KB
2 KB
Script
General
Full URL
https://www.bleepstatic.com/js/blazy/blazy.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:42 GMT
content-encoding
br
cf-cache-status
HIT
age
6329
status
200
cf-request-id
04a81909d20000fa60a318b200000001
last-modified
Thu, 16 Aug 2018 21:06:19 GMT
server
cloudflare
etag
W/"753357888"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
5c539122eb75fa60-AMS
expires
Wed, 29 Apr 2020 07:26:28 GMT
bleep.js
www.bleepstatic.com/js/redesign/
3 KB
820 B
Script
General
Full URL
https://www.bleepstatic.com/js/redesign/bleep.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22e977346d45bab9f531ce1132d7ecfbe8e46868eaea790a0d4dcd1d0649d74b

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:42 GMT
content-encoding
br
cf-cache-status
HIT
age
6329
cf-polished
origSize=3600
status
200
cf-request-id
04a81909ed0000fa60a3196200000001
last-modified
Mon, 01 Oct 2018 12:47:57 GMT
server
cloudflare
etag
W/"2696894447"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
expires
Wed, 22 Apr 2020 23:15:56 GMT
cache-control
max-age=3024000
cf-ray
5c5391231c04fa60-AMS
cf-bgj
minify
jquery.fancybox.js
www.bleepstatic.com/js/redesign/fancybox/
31 KB
10 KB
Script
General
Full URL
https://www.bleepstatic.com/js/redesign/fancybox/jquery.fancybox.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31cd7d9398307ca2e6cfaa111bbe7b69d69cbaaed2ff74034412ebc5008671fd

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:42 GMT
content-encoding
br
cf-cache-status
HIT
age
5673
cf-polished
origSize=48706
status
200
cf-request-id
04a81909ed0000fa60a3197200000001
last-modified
Wed, 14 Oct 2015 20:25:51 GMT
server
cloudflare
etag
W/"327140449"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
expires
Wed, 29 Apr 2020 08:11:43 GMT
cache-control
max-age=3024000
cf-ray
5c5391231c05fa60-AMS
cf-bgj
minify
fixto.min.js
www.bleepstatic.com/js/fixto/
8 KB
3 KB
Script
General
Full URL
https://www.bleepstatic.com/js/fixto/fixto.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d6d26827b887aa09b2a5eb7c001e35b93773e53c36ddbfc127ad824e0a6ba39

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:42 GMT
content-encoding
br
cf-cache-status
HIT
age
5981
status
200
cf-request-id
04a81909ed0000fa60a318e200000001
last-modified
Sat, 13 Jun 2015 21:34:42 GMT
server
cloudflare
etag
W/"1740214911"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
5c5391231bf4fa60-AMS
expires
Wed, 11 Dec 2019 05:46:52 GMT
addthis_widget.js
s9.addthis.com/js/300/
353 KB
114 KB
Script
General
Full URL
https://s9.addthis.com/js/300/addthis_widget.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.36.164 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-21-36-164.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
eb12a261a24e54883613710a4c12f4d9205f634ca1a29d1df07f90105a93e746
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Thu, 04 Jun 2020 15:49:19 GMT
server
nginx/1.15.8
etag
"5ed917ff-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
status
200
cache-control
public, max-age=600
date
Wed, 19 Aug 2020 11:34:42 GMT
x-host
s9.addthis.com
content-length
116324
connatix.playspace.dc.js
cds.connatix.com/p/46383/ Frame 85D7
Redirect Chain
  • https://cd.connatix.com/connatix.playspace.js
  • https://cds.connatix.com/p/46383/connatix.playspace.dc.js
959 KB
231 KB
Script
General
Full URL
https://cds.connatix.com/p/46383/connatix.playspace.dc.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
363f22c76410442e2a630649ba500312ff284f6e2744edc863fd9d6aeb56defe

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:42 GMT
content-encoding
gzip
age
75945
x-cache
HIT, HIT
status
200
content-length
236699
x-served-by
cache-dca17777-DCA, cache-ams21062-AMS
access-control-allow-origin
*
last-modified
Tue, 18 Aug 2020 13:56:27 GMT
x-timer
S1597836883.580539,VS0,VE0
etag
"474ebfdcb96d1f369fdacfc2bacd4ee4"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31557600
accept-ranges
bytes
x-cache-hits
1, 806

Redirect headers

date
Wed, 19 Aug 2020 11:34:42 GMT
via
1.1 varnish
server
Varnish
age
0
x-served-by
cache-ams21062-AMS
status
302
x-cache
HIT
location
https://cds.connatix.com/p/46383/connatix.playspace.dc.js
cache-control
no-cache, no-store, must-revalidate, max-age=0
accept-ranges
bytes
x-timer
S1597836882.471785,VS0,VE0
content-length
0
retry-after
0
x-cache-hits
0
pubfig.min.js
a.pub.network/bleepingcomputer-com/
317 KB
78 KB
Script
General
Full URL
https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef66bc33d4c15b20ec273c7738568ed5d5004eb9a329182d0c09ad1cfcdfc691

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:42 GMT
content-encoding
br
cf-cache-status
HIT
x-guploader-uploadid
AAANsUno2ID9t8f7zZBdxWmpg5yGmuos_vyQBM-xOP8ZHXhITCNLCs_A1k8IeBx7Dnv3IQj7j7cCY0oaq32DlcZElFkFO-8PwQ
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/javascript
cf-request-id
04a81909fe0000fa24db25d200000001
last-modified
Fri, 14 Aug 2020 00:37:22 GMT
server
cloudflare
etag
W/"9db7f9b4db273b658aaafbac5b6fd38c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=yxBIpg==, md5=nbf5tNsnO2WKqvusW2/TjA==
x-goog-generation
1597365442721454
cache-control
public, max-age=1800
x-goog-stored-content-length
324403
cf-ray
5c5391233ee4fa24-AMS
expires
Tue, 18 Aug 2020 03:45:33 GMT
fab.js
ecdn.analysis.fi/static/js/
4 KB
2 KB
Script
General
Full URL
https://ecdn.analysis.fi/static/js/fab.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.79.175.86 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-178-79-175-86.london.nodebalancer.linode.com
Software
nginx/1.12.2 /
Resource Hash
affd87461f2babd57a2f7aec75e9193e8e71a377e8249a02c95a5f43326e289e

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 19 Aug 2020 11:33:18 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Jul 2015 00:00:00 GMT
Server
nginx/1.12.2
ETag
"55a5a280-560"
Content-Type
application/javascript
Cache-Control
max-age=3600
Connection
close
Content-Length
1376
Expires
Wed, 19 Aug 2020 12:33:18 GMT
fi_client.js
ecdn.firstimpression.io/
619 KB
185 KB
Script
General
Full URL
https://ecdn.firstimpression.io/fi_client.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.3.93.184 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-185-3-93-184.london.nodebalancer.linode.com
Software
nginx/1.12.2 / PHP/7.3.11
Resource Hash
a03ef67e3e5d381fba17ef505ad2acd15efdefa17fff571750617c817b52b268
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 19 Aug 2020 11:33:09 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Thu, 01 Jan 2015 00:00:00 GMT
Server
nginx/1.12.2
X-Powered-By
PHP/7.3.11
ETag
d0215a40209b1b2eddff4f529e88c2be
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/javascript;charset=UTF-8
Cache-Control
max-age=3600
Access-Control-Allow-Credentials
true
Connection
close
X-XSS-Protection
0
Expires
Wed, 19 Aug 2020 12:33:09 GMT
v2mojjRqxm0uSiopiD-aABaVl-1eYGn-9jdzP46hyVV260JPOwzzIpayjWhZBI5i-
dapperdiscussion.com/
299 KB
71 KB
Script
General
Full URL
https://dapperdiscussion.com/v2mojjRqxm0uSiopiD-aABaVl-1eYGn-9jdzP46hyVV260JPOwzzIpayjWhZBI5i-
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.64.11 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
11.64.190.35.bc.googleusercontent.com
Software
/
Resource Hash
b4059f5282a71b1ac7db679bf951fba85322fb2a5fbdeecd9cf8fa273318de2f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"880a0a7ccfec7c161c18866f889fa7f5f1972687d0e8284bb6d8dd6280091e7a"
vary
Accept-Encoding, Accept-Language
x-hostname
regan
content-type
text/javascript; charset=utf-8
status
200
cache-control
private, must-revalidate, max-age=21600
date
Wed, 19 Aug 2020 11:34:42 GMT
timing-allow-origin
*
v2vkrpzjNyY_WxSqEzbeRN2M4LHJh_MULKWmhTVq243XzNKhLyQ9cKaL1JJlAW9qKVz_EbheXcUz91lDtbg
dapperdiscussion.com/
14 KB
5 KB
Script
General
Full URL
https://dapperdiscussion.com/v2vkrpzjNyY_WxSqEzbeRN2M4LHJh_MULKWmhTVq243XzNKhLyQ9cKaL1JJlAW9qKVz_EbheXcUz91lDtbg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.64.11 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
11.64.190.35.bc.googleusercontent.com
Software
/
Resource Hash
d891249bb070f521f34a78e2ed2ac22e71dc58a745d67563ce63a5d6371f2489
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
gzip
x-datacenter
gce-europe-west1
etag
"f37648e4f368e3691f5e5411528d0968261f9b76751a984d31006f302ac29ca8"
vary
Accept-Encoding, Accept-Language
x-hostname
regan
content-type
text/javascript; charset=utf-8
status
200
cache-control
private, must-revalidate, max-age=21600
date
Wed, 19 Aug 2020 11:34:42 GMT
timing-allow-origin
*
login_bg.png
www.bleepstatic.com/images/site/
126 B
407 B
Image
General
Full URL
https://www.bleepstatic.com/images/site/login_bg.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=5.19.20.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32e73e8e0eec3e6c1345d84e7ef091b90e71fb0045814043b34c914156235eb9

Request headers

Referer
https://www.bleepstatic.com/css/redesign/main.css?v=5.19.20.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:42 GMT
cf-cache-status
HIT
age
114609
cf-polished
origFmt=png, origSize=187
status
200
content-disposition
inline; filename="login_bg.webp"
content-length
126
cf-request-id
04a81909ed0000fa60a3198200000001
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Thu, 17 Sep 2020 03:44:33 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
5c5391231c06fa60-AMS
cf-bgj
imgq:85,h2pri
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.bleepingcomputer.com
Referer
https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 11 Aug 2020 09:53:02 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
697300
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Wed, 11 Aug 2021 09:53:02 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.bleepingcomputer.com
Referer
https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 11 Aug 2020 01:57:15 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
725847
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11020
x-xss-protection
0
expires
Wed, 11 Aug 2021 01:57:15 GMT
truncated
/
37 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif
nav_bg.png
www.bleepstatic.com/images/site/
72 B
373 B
Image
General
Full URL
https://www.bleepstatic.com/images/site/nav_bg.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=5.19.20.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab52a578c101a14bbc790f87f9a7400dda65469f23c6ce85c461e07cdf776460

Request headers

Referer
https://www.bleepstatic.com/css/redesign/main.css?v=5.19.20.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:42 GMT
cf-cache-status
HIT
age
563519
cf-polished
origFmt=png, origSize=83
status
200
content-disposition
inline; filename="nav_bg.webp"
content-length
72
cf-request-id
04a8190a190000fa60a319b200000001
last-modified
Sat, 04 Mar 2017 07:57:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Fri, 11 Sep 2020 23:02:43 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
5c5391235c89fa60-AMS
cf-bgj
imgq:85,h2pri
20x20-printer.png
www.bleepstatic.com/images/site/
422 B
646 B
Image
General
Full URL
https://www.bleepstatic.com/images/site/20x20-printer.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=5.19.20.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b34676178982122b66b0a55d3ee411fa343b1d19a6c119c0c9b0ea2c892738a1

Request headers

Referer
https://www.bleepstatic.com/css/redesign/main.css?v=5.19.20.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:42 GMT
cf-cache-status
HIT
age
753586
cf-polished
origFmt=png, origSize=824
status
200
content-disposition
inline; filename="20x20-printer.webp"
content-length
422
cf-request-id
04a8190a210000fa60a319c200000001
last-modified
Sat, 03 Oct 2015 03:18:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Wed, 09 Sep 2020 18:14:56 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
5c5391236c94fa60-AMS
cf-bgj
imgq:85,h2pri
calendar.png
www.bleepstatic.com/images/site/
86 B
422 B
Image
General
Full URL
https://www.bleepstatic.com/images/site/calendar.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85ae9534729617e69eafa40195c7854697eb3d13b4205f3ee467e07c4af0a24b

Request headers

Referer
https://www.bleepstatic.com/css/redesign/news.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:42 GMT
cf-cache-status
HIT
age
555482
cf-polished
origFmt=png, origSize=129
status
200
content-disposition
inline; filename="calendar.webp"
content-length
86
cf-request-id
04a8190a210000fa60a319d200000001
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 12 Sep 2020 01:16:40 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
5c5391236c97fa60-AMS
cf-bgj
imgq:85,h2pri
clock.png
www.bleepstatic.com/images/site/
252 B
535 B
Image
General
Full URL
https://www.bleepstatic.com/images/site/clock.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82c7fdbc4d001907e1e5d56cd335af3f0d48e0ffa7f0ad2aa3486ebb1123cb21

Request headers

Referer
https://www.bleepstatic.com/css/redesign/news.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:42 GMT
cf-cache-status
HIT
age
757982
cf-polished
origFmt=png, origSize=1316
status
200
content-disposition
inline; filename="clock.webp"
content-length
252
cf-request-id
04a8190a220000fa60a319e200000001
last-modified
Fri, 29 May 2015 07:08:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Wed, 09 Sep 2020 17:01:39 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
5c5391236c9cfa60-AMS
cf-bgj
imgq:85,h2pri
comment-light.png
www.bleepstatic.com/images/site/
96 B
288 B
Image
General
Full URL
https://www.bleepstatic.com/images/site/comment-light.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfc8e65089dc5421d56ecc71a0328eafd4feb2a602503ae5c15bfa3189c02f7e

Request headers

Referer
https://www.bleepstatic.com/css/redesign/news.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:42 GMT
cf-cache-status
HIT
age
755966
cf-polished
origFmt=png, origSize=1034
status
200
content-disposition
inline; filename="comment-light.webp"
content-length
96
cf-request-id
04a8190a220000fa60a319f200000001
last-modified
Fri, 29 May 2015 07:08:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Wed, 09 Sep 2020 17:35:16 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
5c5391236c9efa60-AMS
cf-bgj
imgq:85,h2pri
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.bleepingcomputer.com
Referer
https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 10 Aug 2020 15:00:47 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:52 GMT
server
sffe
age
765235
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11180
x-xss-protection
0
expires
Tue, 10 Aug 2021 15:00:47 GMT
32x32-printer.png
www.bleepstatic.com/images/site/
256 B
449 B
Image
General
Full URL
https://www.bleepstatic.com/images/site/32x32-printer.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=5.19.20.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33eb81af8a0101c1ad2a210f322fb362ce1598e6e37f0a7ecc62d6ff39add590

Request headers

Referer
https://www.bleepstatic.com/css/redesign/main.css?v=5.19.20.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:42 GMT
cf-cache-status
HIT
age
759660
cf-polished
origFmt=png, origSize=618
status
200
content-disposition
inline; filename="32x32-printer.webp"
content-length
256
cf-request-id
04a8190a9a0000fa60a31a6200000001
last-modified
Fri, 02 Oct 2015 21:57:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Wed, 09 Sep 2020 16:33:42 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
5c5391242e29fa60-AMS
cf-bgj
imgq:85,h2pri
71f54ec34151fbdfe89e478d7b6e5ddf.jpg
www.bleepstatic.com/author/photos/
5 KB
5 KB
Image
General
Full URL
https://www.bleepstatic.com/author/photos/71f54ec34151fbdfe89e478d7b6e5ddf.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a6bfabe65ca353e4359be32e10d40b8b514590b536dd93499bc1067e4bf6329

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:42 GMT
cf-cache-status
HIT
age
3613
cf-polished
origSize=6170, status=webp_bigger
status
200
content-length
4965
cf-request-id
04a8190a9a0000fa60a31a7200000001
last-modified
Wed, 02 Jan 2019 02:04:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Sat, 18 Apr 2020 08:24:56 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
5c5391242e2bfa60-AMS
cf-bgj
imgq:85
h4-bg.png
www.bleepstatic.com/images/site/
38 B
372 B
Image
General
Full URL
https://www.bleepstatic.com/images/site/h4-bg.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=5.19.20.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
942935ead42820e6c9184f099c77dde34fa4be70d395a17c47b5d7ad07967339

Request headers

Referer
https://www.bleepstatic.com/css/redesign/main.css?v=5.19.20.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:42 GMT
cf-cache-status
HIT
age
1164723
cf-polished
origFmt=png, origSize=72
status
200
content-disposition
inline; filename="h4-bg.webp"
content-length
38
cf-request-id
04a8190a9a0000fa60a31a8200000001
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 05 Sep 2020 00:02:38 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
5c5391242e2efa60-AMS
cf-bgj
imgq:85,h2pri
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.bleepingcomputer.com
Referer
https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 10 Aug 2020 15:05:55 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
764927
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11056
x-xss-protection
0
expires
Tue, 10 Aug 2021 15:05:55 GMT
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-91740-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
3661
date
Wed, 19 Aug 2020 10:33:41 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Wed, 19 Aug 2020 12:33:41 GMT
integrator.js
adservice.google.de/adsid/
109 B
246 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.bleepingcomputer.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Aug 2020 11:34:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
168 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bleepingcomputer.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Aug 2020 11:34:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200817/r20190131/
225 KB
85 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200817/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7201c68941659b42bc4a7fb8c660618005582eeaadfa91c4f9057d913c9ddf68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
86376
x-xss-protection
0
server
cafe
etag
10615677850977864939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Aug 2020 11:34:42 GMT
news_email_icon.png
www.bleepstatic.com/images/site/
126 B
530 B
Image
General
Full URL
https://www.bleepstatic.com/images/site/news_email_icon.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/home.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c42933014424dabb2256a0732a9f792559d26ba09a84308c278f52834522f9a

Request headers

Referer
https://www.bleepstatic.com/css/redesign/home.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:42 GMT
cf-cache-status
HIT
age
1166332
cf-polished
origFmt=png, origSize=1105
status
200
content-disposition
inline; filename="news_email_icon.webp"
content-length
126
cf-request-id
04a8190af20000fa60a31af200000001
last-modified
Fri, 29 May 2015 07:10:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Fri, 04 Sep 2020 23:35:50 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
5c539124bf0cfa60-AMS
cf-bgj
imgq:85,h2pri
news_footer_icon.png
www.bleepstatic.com/images/site/
110 B
313 B
Image
General
Full URL
https://www.bleepstatic.com/images/site/news_footer_icon.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=5.19.20.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d020fa6036628dd1d6dbf760edc742273359e93119832249bdce332d05d6db4d

Request headers

Referer
https://www.bleepstatic.com/css/redesign/main.css?v=5.19.20.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:42 GMT
cf-cache-status
HIT
age
562636
cf-polished
origFmt=png, origSize=186
status
200
content-disposition
inline; filename="news_footer_icon.webp"
content-length
110
cf-request-id
04a8190af20000fa60a31b0200000001
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Fri, 11 Sep 2020 23:17:25 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
5c539124bf0ffa60-AMS
cf-bgj
imgq:85,h2pri
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200817/r20190131/ Frame BCD3
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20200817/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20200817/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Mon, 17 Aug 2020 20:30:46 GMT
expires
Mon, 31 Aug 2020 20:30:46 GMT
content-type
text/html; charset=UTF-8
etag
1003971328536524430
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4617
x-xss-protection
0
cache-control
public, max-age=1209600
age
140636
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
favicon.ico
ad.doubleclick.net/
1 KB
470 B
Image
General
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s12-in-f198.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 18 Aug 2020 16:16:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69463
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Wed, 19 Aug 2020 16:16:59 GMT
cookie
d.pub.network/
36 B
472 B
XHR
General
Full URL
https://d.pub.network/cookie
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.71.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.71.188.35.bc.googleusercontent.com
Software
/
Resource Hash
a76acd5ea27cce3460f6043bb84ef68bea1403610cd0273413c81ceba804d993

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 19 Aug 2020 11:34:43 GMT
Access-Control-Allow-Credentials
true
Content-Length
36
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain;charset=utf-8
gpt.js
www.googletagservices.com/tag/js/
54 KB
18 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed8d39a3541368243e5fc78ad604bc830a4df8908fba9cb0964d9729b8405ba4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"606 / 470 of 1000 / last-modified: 1597833747"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
18707
x-xss-protection
0
expires
Wed, 19 Aug 2020 11:34:42 GMT
gallery.js
freestar-io.videoplayerhub.com/
113 KB
27 KB
Script
General
Full URL
https://freestar-io.videoplayerhub.com/gallery.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:832 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6339f780bdef9300fcb91084aa935e9b624fe94baf78a4633059eeda23205479

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:42 GMT
via
1.1 fc1009b8e45427207e2a571827e9dd24.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
6597
x-cache
Hit from cloudfront
status
200
content-encoding
br
content-type
application/javascript
cf-request-id
04a8190b890000d91d758cf200000001
last-modified
Fri, 14 Aug 2020 19:02:57 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
hCy7LJN8htRFSSqlc7DQSDMH7cUbWgJJ
cache-control
max-age=86400
x-amz-cf-pop
ATL51-C1
cf-ray
5c539125a9f1d91d-AMS
x-amz-cf-id
dPJvRPiDEVDmWAB89pRg9Pt9VBi3sku-Tcw4F6SYN7GFTjxF7DqF-g==
prebid-analytics-3.26.1.js
a.pub.network/core/
413 KB
122 KB
Script
General
Full URL
https://a.pub.network/core/prebid-analytics-3.26.1.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55b703024b0ae4678707ef08256e1a982bfc94bc43309ec06b3885519a451f54

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:42 GMT
content-encoding
br
cf-cache-status
HIT
x-guploader-uploadid
AAANsUkEkckFusMrJXi1kLJB1qILjHk2fks2PisWhyHVHqtENCmFz710bncVKU8I6DRgcVDC7BgAqPCKnV0cuh5sGPyf55dcng
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
content-type
text/html
cf-request-id
04a8190b940000fa24db28b200000001
last-modified
Thu, 13 Aug 2020 22:45:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=SqL7Qg==, md5=iRK2H6YKCvoIv8EPNoNcOA==
x-goog-generation
1597358705229465
cache-control
private, max-age=86400
x-goog-stored-content-length
423288
cf-ray
5c539125bbf8fa24-AMS
expires
Wed, 18 Aug 2021 18:25:41 GMT
location
d.pub.network/
67 B
514 B
XHR
General
Full URL
https://d.pub.network/location
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.71.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.71.188.35.bc.googleusercontent.com
Software
/
Resource Hash
ec4d92217271b00e8918a64ee0c3b302859c196b563f3264637e9f55c7bc04ef

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 19 Aug 2020 11:34:43 GMT
Access-Control-Allow-Credentials
true
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Content-Type
application/json
connatix.playspace.css
cds.connatix.com/p/46383/
100 KB
14 KB
Stylesheet
General
Full URL
https://cds.connatix.com/p/46383/connatix.playspace.css
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4b3ce2dd4a0e6cd70d762012bfe9df7c7d377d80149ee97318f4030cbf2bde38

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:42 GMT
content-encoding
gzip
age
77449
x-cache
HIT, HIT
status
200
content-length
14640
x-served-by
cache-dca17777-DCA, cache-ams21062-AMS
access-control-allow-origin
*
last-modified
Tue, 18 Aug 2020 13:56:27 GMT
x-timer
S1597836883.945792,VS0,VE0
etag
"e8e2694c1ea99bf70739446996d39820"
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31557600
accept-ranges
bytes
x-cache-hits
1, 1738
moatframe.js
z.moatads.com/addthismoatframe568911941483/
2 KB
1 KB
Script
General
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.122.255.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-255-233.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:43 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
2C4302C3AC34E1EE
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=53326
accept-ranges
bytes
content-length
948
x-amz-id-2
N0wPWigKzH3et0jDIorCniP2v9DAfl9bh/DOTJglICel5rgQ6cYnBUm437Q9yTFR0izxmkL79q0=
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-561517d2c7f964d6/
2 KB
855 B
Script
General
Full URL
https://v1.addthisedge.com/live/boost/ra-561517d2c7f964d6/_ate.track.config_resp
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.36.164 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-21-36-164.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6d23d10111755a12c87198df1c71cce449de31eca9643030c6327a2157f9bd86

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:43 GMT
content-encoding
gzip
etag
-1659864586--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
status
200
cache-control
public, max-age=5, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
678
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 916D
0
0

sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame D747
0
0
Document
General
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.36.164 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-21-36-164.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:method
GET
:authority
s7.addthis.com
:scheme
https
:path
/static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/

Response headers

status
200
server
nginx/1.15.8
content-type
text/html
last-modified
Mon, 09 Sep 2019 15:34:57 GMT
etag
W/"5d767121-1115f"
timing-allow-origin
*
cache-control
public, max-age=86313600
p3p
CP="NON ADM OUR DEV IND COM STA"
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
content-length
25412
date
Wed, 19 Aug 2020 11:34:43 GMT
vary
Accept-Encoding
x-host
s7.addthis.com
292x176_canival-cruises.jpg
www.bleepstatic.com/content/hl-images/2020/08/17/thumb/
10 KB
11 KB
Image
General
Full URL
https://www.bleepstatic.com/content/hl-images/2020/08/17/thumb/292x176_canival-cruises.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
505a26d47d5767bae19ce9b81c3fb11a509361c7a97ef36e371bc0c7130b9b6e

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:43 GMT
cf-cache-status
HIT
age
92646
cf-polished
origSize=10777, status=webp_bigger
status
200
content-length
10432
cf-request-id
04a8190c3f0000fa60a31c4200000001
last-modified
Mon, 17 Aug 2020 20:53:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Thu, 17 Sep 2020 09:50:36 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
5c539126cb0dfa60-AMS
cf-bgj
imgq:85,h2pri
292x176_china-notepad-censor-blk.jpg
www.bleepstatic.com/content/posts/2020/08/17/thumb/
3 KB
3 KB
Image
General
Full URL
https://www.bleepstatic.com/content/posts/2020/08/17/thumb/292x176_china-notepad-censor-blk.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e93656546954ba710bc3006375132f7f550eb43738227e2c46afa147e5476752

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:43 GMT
cf-cache-status
HIT
age
27065
cf-polished
qual=85, origFmt=jpeg, origSize=4100
status
200
content-disposition
inline; filename="292x176_china-notepad-censor-blk.webp"
content-length
3128
cf-request-id
04a8190c3f0000fa60a31c5200000001
last-modified
Mon, 17 Aug 2020 20:08:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Fri, 18 Sep 2020 04:03:37 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
5c539126cb10fa60-AMS
cf-bgj
imgq:85,h2pri
jquery.fancybox.css
www.bleepstatic.com/js/redesign/fancybox/
4 KB
1 KB
Stylesheet
General
Full URL
https://www.bleepstatic.com/js/redesign/fancybox/jquery.fancybox.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e86593083facba2710a2312f26bd7b436d7ef299f99cbc2ccc1b32693ec3144

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:43 GMT
content-encoding
br
cf-cache-status
HIT
age
5787
cf-polished
origSize=4895
status
200
cf-request-id
04a8190c3f0000fa60a31c6200000001
last-modified
Wed, 14 Oct 2015 20:25:51 GMT
server
cloudflare
etag
W/"9108074"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Fri, 01 Nov 2019 06:12:37 GMT
cache-control
max-age=3024000
cf-ray
5c539126cb12fa60-AMS
cf-bgj
minify
font-awesome.css
www.bleepstatic.com/css/redesign/
22 KB
5 KB
Stylesheet
General
Full URL
https://www.bleepstatic.com/css/redesign/font-awesome.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8733e2183f16906b2fa2e58fdab82cf336f249ab71ac1b184470da2dd3c6e29f

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:43 GMT
content-encoding
br
cf-cache-status
HIT
age
6036
cf-polished
origSize=26776
status
200
cf-request-id
04a8190c3f0000fa60a31c7200000001
last-modified
Tue, 03 May 2016 04:39:29 GMT
server
cloudflare
etag
W/"1700274315"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Fri, 12 Jun 2020 04:55:42 GMT
cache-control
max-age=3024000
cf-ray
5c539126cb14fa60-AMS
cf-bgj
minify
collect
www.google-analytics.com/r/
35 B
79 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j83&a=666876030&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fcryptojacking-worm-steals-aws-credentials-from-docker-systems%2F&ul=en-us&de=UTF-8&dt=Cryptojacking%20worm%20steals%20AWS%20credentials%20from%20Docker%20systems&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=524545744&gjid=1564706251&cid=1170761381.1597836883&tid=UA-91740-1&_gid=1552038753.1597836883&_r=1&gtm=2ou871&z=2065573578
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Aug 2020 11:34:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
spc_fi.php
cdn.firstimpression.io/delivery/
9 KB
3 KB
Script
General
Full URL
https://cdn.firstimpression.io/delivery/spc_fi.php?id=5971&url=%2Fnews%2Fsecurity%2Fcryptojacking-worm-steals-aws-credentials-from-docker-systems%2F&charset=UTF-8&wrapto=firstSpcFetch&ch=13&ref=www.bleepingcomputer.com&referer=&_firid=90100006&fiodpe=
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.124.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-124-75.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 / PHP/7.3.11
Resource Hash
8aa57c94573d8a0e132536ed043b8a978d2b9412f382a2180c2c7abbdfffe4b1

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Aug 2020 11:34:43 GMT
content-encoding
gzip
server
nginx/1.16.1
x-powered-by
PHP/7.3.11
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-type
application/javascript; charset=UTF-8
expires
0
ads
googleads.g.doubleclick.net/pagead/ Frame 278B
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1597765141&rafmt=9&psa=0&guci=1.2.0.0.2.2.0.0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fcryptojacking-worm-steals-aws-credentials-from-docker-systems%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&adsid=NT&dt=1597836882662&bpp=37&bdt=385&idt=405&shv=r20200817&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4118328455377&frm=20&pv=2&ga_vid=1170761381.1597836883&ga_sid=1597836883&ga_hid=666876030&ga_fc=0&iag=0&icsg=43980475604992&dssz=47&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=3684&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530557%2C42530559%2C21066153%2C44723321%2C21066923&oid=3&pvsid=99097593476193&pem=16&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=TIojHOCn4B&p=https%3A//www.bleepingcomputer.com&dtd=423
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200817/r20190131/show_ads_impl_fy2019.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1597765141&rafmt=9&psa=0&guci=1.2.0.0.2.2.0.0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fcryptojacking-worm-steals-aws-credentials-from-docker-systems%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&adsid=NT&dt=1597836882662&bpp=37&bdt=385&idt=405&shv=r20200817&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4118328455377&frm=20&pv=2&ga_vid=1170761381.1597836883&ga_sid=1597836883&ga_hid=666876030&ga_fc=0&iag=0&icsg=43980475604992&dssz=47&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=3684&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530557%2C42530559%2C21066153%2C44723321%2C21066923&oid=3&pvsid=99097593476193&pem=16&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=TIojHOCn4B&p=https%3A//www.bleepingcomputer.com&dtd=423
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 19 Aug 2020 11:34:44 GMT
server
cafe
content-length
16542
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 19-Aug-2020 11:49:43 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Wed, 19 Aug 2020 11:34:44 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
71 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200817/r20190131/show_ads_impl_fy2019.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
469aa63ecc2a3fbb6f1a3dd7a7f22980cf5ac166f41964c2901dc23ffbb141e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1597687942166462"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27037
x-xss-protection
0
expires
Wed, 19 Aug 2020 11:34:43 GMT
pubads_impl_2020081301.js
securepubads.g.doubleclick.net/gpt/
262 KB
92 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s12-in-f2.1e100.net
Software
sffe /
Resource Hash
4da6aabb7a3dc17bb4065edf301173279e2353f15bf6fdfd04bb22faf876bc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 13 Aug 2020 08:41:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93810
x-xss-protection
0
expires
Wed, 19 Aug 2020 11:34:43 GMT
org
mrb.upapi.net/
20 KB
10 KB
Script
General
Full URL
https://mrb.upapi.net/org?o=5714937848528896&upapi=true
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:81b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd40e755189c34a3eb9b15124f5505cd23d9e16e1b4be1b38e49b5cd6ea5e7be

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:43 GMT
via
1.1 google
cf-cache-status
HIT
age
3225
status
200
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
04a8190cc300009c57bd0cc200000001
server
cloudflare
etag
W/"5e952d733af71f334b5abc8f862c3011"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800, must-revalidate
cf-ray
5c5391279aa49c57-AMS
fontawesome-webfont.woff
www.bleepstatic.com/fonts/
64 KB
64 KB
Font
General
Full URL
https://www.bleepstatic.com/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/font-awesome.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Origin
https://www.bleepingcomputer.com
Referer
https://www.bleepstatic.com/css/redesign/font-awesome.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:43 GMT
cf-cache-status
HIT
last-modified
Thu, 23 Apr 2015 09:36:00 GMT
server
cloudflare
age
6327
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
status
200
accept-ranges
bytes
cf-ray
5c539127ba4f7233-AMS
access-control-allow-origin
*
content-length
65452
cf-request-id
04a8190cd6000072331a80d200000001
ads
googleads.g.doubleclick.net/pagead/ Frame D6BB
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&lmt=1597765141&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fcryptojacking-worm-steals-aws-credentials-from-docker-systems%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1597836882887&bpp=3&bdt=611&idt=249&shv=r20200817&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=834x500&nras=1&correlator=4118328455377&frm=20&pv=1&ga_vid=1170761381.1597836883&ga_sid=1597836883&ga_hid=666876030&ga_fc=0&iag=0&icsg=175921902919680&dssz=50&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530557%2C42530559%2C21066153%2C44723321%2C21066923&oid=3&pvsid=99097593476193&pem=16&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=255
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200817/r20190131/show_ads_impl_fy2019.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&lmt=1597765141&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fcryptojacking-worm-steals-aws-credentials-from-docker-systems%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1597836882887&bpp=3&bdt=611&idt=249&shv=r20200817&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=834x500&nras=1&correlator=4118328455377&frm=20&pv=1&ga_vid=1170761381.1597836883&ga_sid=1597836883&ga_hid=666876030&ga_fc=0&iag=0&icsg=175921902919680&dssz=50&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530557%2C42530559%2C21066153%2C44723321%2C21066923&oid=3&pvsid=99097593476193&pem=16&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=255
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 19 Aug 2020 11:34:43 GMT
server
cafe
content-length
34
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 19-Aug-2020 11:49:43 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Wed, 19 Aug 2020 11:34:43 GMT
cache-control
private
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
715 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
story
capi.connatix.com/core/ Frame 85D7
1 KB
1 KB
XHR
General
Full URL
https://capi.connatix.com/core/story?v=46383
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.128.233.190 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-128-233-190.us-east-2.compute.amazonaws.com
Software
openresty/1.15.8.2 /
Resource Hash
491cc7c0fc3c395a2614ab8d0bc133c31f213b1381b52a7329a109fe86c5c01b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Wed, 19 Aug 2020 11:34:43 GMT
Content-Encoding
gzip
Server
openresty/1.15.8.2
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1051
portal.html
admiral.mgr.consensu.org/ Frame F0E0
0
0
Document
General
Full URL
https://admiral.mgr.consensu.org/portal.html
Requested by
Host: dapperdiscussion.com
URL: https://dapperdiscussion.com/v2mojjRqxm0uSiopiD-aABaVl-1eYGn-9jdzP46hyVV260JPOwzzIpayjWhZBI5i-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.76.239 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
239.76.190.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
admiral.mgr.consensu.org
:scheme
https
:path
/portal.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/

Response headers

status
200
server
nginx
date
Wed, 19 Aug 2020 11:34:43 GMT
content-type
text/html
last-modified
Thu, 16 Apr 2020 16:37:09 GMT
vary
Accept-Encoding
x-hostname
quest
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
content-encoding
gzip
via
1.1 google
alt-svc
clear
layers.33f5b85045a5f2308467.js
s7.addthis.com/static/
263 KB
76 KB
Script
General
Full URL
https://s7.addthis.com/static/layers.33f5b85045a5f2308467.js
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.36.164 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-21-36-164.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
137e41c449677deb7c8da3afde63fc781b095bb028f78b789be44192e8e3f4be
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Thu, 04 Jun 2020 15:49:19 GMT
server
nginx/1.15.8
etag
W/"5ed917ff-41b9f"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=86313600
date
Wed, 19 Aug 2020 11:34:43 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77540
code
mrb.upapi.net/
704 KB
223 KB
Script
General
Full URL
https://mrb.upapi.net/code?w=5733492711227392&upapi=true
Requested by
Host: mrb.upapi.net
URL: https://mrb.upapi.net/org?o=5714937848528896&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:81b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bccac31167fd264918a8bdf35425a945c84c172d163daa72526e7f6616b8e2bc

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:43 GMT
via
1.1 google
cf-cache-status
HIT
age
2293
status
200
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
04a8190d4100009c57bd0d7200000001
server
cloudflare
etag
W/"53aa6269a5c9ff7a16a0ad3247044dad"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800, must-revalidate
cf-ray
5c5391286b389c57-AMS
Ahlu
ad.doubleclick.net/ddm/adj/Baaegs/
11 B
732 B
Script
General
Full URL
https://ad.doubleclick.net/ddm/adj/Baaegs/Ahlu
Requested by
Host: dapperdiscussion.com
URL: https://dapperdiscussion.com/v2mojjRqxm0uSiopiD-aABaVl-1eYGn-9jdzP46hyVV260JPOwzzIpayjWhZBI5i-
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
172.217.21.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s12-in-f198.1e100.net
Software
cafe /
Resource Hash
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Aug 2020 11:34:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
apstag.js
c.amazon-adsystem.com/aax2/
104 KB
27 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.146.86 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-146-86.dus51.r.cloudfront.net
Software
Server /
Resource Hash
66cfd93f20fe1bb1545202b2138ec00c34d51f2cf915409404f4615560dcf7cb

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:22:11 GMT
content-encoding
gzip
server
Server
age
752
etag
455f576a29240d2cfe83996aefcdb576
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=900
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
y5sfIIMqcQh7SJO85xUFTBG-P_jPZF2sDVKUVz85Nfz5LazMbEWMbw==
via
1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
v2
d.pub.network/floors/
3 B
449 B
XHR
General
Full URL
https://d.pub.network/floors/v2?key=535desktop
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.71.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.71.188.35.bc.googleusercontent.com
Software
/
Resource Hash
8eb95bcbc154530931e15fc418c8b1fe991095671409552099ea1aa596999ede

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 19 Aug 2020 11:34:43 GMT
Access-Control-Allow-Credentials
true
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Content-Type
application/json
pubvendors.json
www.bleepingcomputer.com/.well-known/
0
152 B
Fetch
General
Full URL
https://www.bleepingcomputer.com/.well-known/pubvendors.json
Requested by
Host: dapperdiscussion.com
URL: https://dapperdiscussion.com/v2mojjRqxm0uSiopiD-aABaVl-1eYGn-9jdzP46hyVV260JPOwzzIpayjWhZBI5i-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.60.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:43 GMT
cf-cache-status
DYNAMIC
last-modified
Fri, 15 May 2020 16:27:29 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"0-5a5b24a1cd4b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent
content-type
application/json
status
200
content-security-policy
upgrade-insecure-requests;
accept-ranges
none
cf-ray
5c5391291e95c79d-AMS
content-length
0
cf-request-id
04a8190dac0000c79da7207200000001
48.008759e9efe1c1b693dd.js
s7.addthis.com/static/
281 B
486 B
Script
General
Full URL
https://s7.addthis.com/static/48.008759e9efe1c1b693dd.js
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.36.164 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-21-36-164.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
f8a52990bbe6892abb730d241570fbfbd2ff2fc707fdd3004c7dba6e843bbae3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Wed, 18 Sep 2019 14:16:17 GMT
server
nginx/1.15.8
etag
W/"5d823c31-119"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=86313600
date
Wed, 19 Aug 2020 11:34:43 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
246
/
graph.facebook.com/
309 B
653 B
Script
General
Full URL
https://graph.facebook.com/?id=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fcryptojacking-worm-steals-aws-credentials-from-docker-systems%2F&fields=og_object%7Bengagement%7D&callback=_ate.cbs.rcb_e1d40
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:800e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
93b5e369f56659659682af095f0d35e6585318c7c1791e678c556db3e341e950
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
etag
"01f64c95f96e6a922ed554e14de60b36bb94415a"
status
200
x-fb-rev
1002537583
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
215
pragma
no-cache
x-fb-debug
kIZGcDG0UbVN0FFPj04UkUbR3jBt8KFtgC1sYMsYcv6MMEjgPwFx95Ef5HJQXAQ0gOhpBpb89qnaokGWt8ar/A==
x-fb-trace-id
A4P2l3qg8+x
date
Wed, 19 Aug 2020 11:34:43 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
AVd7z8GhUcxdH6eZ5tllHhj
cache-control
private, no-cache, no-store, must-revalidate
facebook-api-version
v3.1
expires
Sat, 01 Jan 2000 00:00:00 GMT
info.json
www.reddit.com/api/
126 B
231 B
Script
General
Full URL
https://www.reddit.com/api/info.json?url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fcryptojacking-worm-steals-aws-credentials-from-docker-systems%2F&jsonp=_ate.cbs.rcb_d37y0
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.53.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
fcfb91186dcd1c29a1cc5391c4c2f99648f39ebae090ba03bf8713cf6002399b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:43 GMT
via
1.1 varnish
x-content-type-options
nosniff
status
200
content-length
126
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
x-moose
majestic
server
snooserv
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
X-Moose
cache-control
private, s-maxage=0, max-age=0, must-revalidate, no-store, max-age=0, must-revalidate
accept-ranges
bytes
expires
-1
/
graph.facebook.com/
149 B
334 B
Script
General
Full URL
https://graph.facebook.com/?id=http%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fcryptojacking-worm-steals-aws-credentials-from-docker-systems%2F&fields=og_object%7Bengagement%7D&callback=_ate.cbs.rcb_dll80
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:800e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a774e1a7a5475cdedfa879e0076309c1d2bfdeb7bce389506631274a0fd59653
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
etag
"8b3cb5900853cdfac3f3f17f20f1081da75579aa"
status
200
x-fb-rev
1002537583
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
149
pragma
no-cache
x-fb-debug
9A0CgGB77FSOCHvkbSPAnwt/IveKkFjJqDz1wY+dC22O5BHIr9+XvR57cY0hDKcD6owsvt6ytkxENRZl6Ae9OA==
x-fb-trace-id
DS7H1nCzsJB
date
Wed, 19 Aug 2020 11:34:43 GMT
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
AxLOqthqXz8sVpj1DgujaXh
cache-control
private, no-cache, no-store, must-revalidate
facebook-api-version
v3.1
expires
Sat, 01 Jan 2000 00:00:00 GMT
info.json
www.reddit.com/api/
126 B
589 B
Script
General
Full URL
https://www.reddit.com/api/info.json?url=http%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fcryptojacking-worm-steals-aws-credentials-from-docker-systems%2F&jsonp=_ate.cbs.rcb_a8hl0
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.53.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
6f7918d5107757163ace80a286f58050542bce4ef9e4c50dfd3b4c2ba18382ec
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:43 GMT
via
1.1 varnish
x-content-type-options
nosniff
status
200
content-length
126
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
x-moose
majestic
server
snooserv
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
X-Moose
cache-control
private, s-maxage=0, max-age=0, must-revalidate, no-store, max-age=0, must-revalidate
accept-ranges
bytes
expires
-1
favicon.ico
ad.doubleclick.net/
1 KB
260 B
Image
General
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
172.217.21.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s12-in-f198.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 18 Aug 2020 16:16:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69464
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Wed, 19 Aug 2020 16:16:59 GMT
px.gif
ad-delivery.net/
43 B
628 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.16778455384310065
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:43 GMT
via
1.1 9bd09ac7aca1ea8ca6c788136a9ce480.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
6600
x-cache
Hit from cloudfront
status
200
content-type
image/gif
content-length
43
cf-request-id
04a8190df800000b4f09af3200000001
last-modified
Thu, 27 Jul 2017 18:59:05 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
max-age=86400
x-amz-cf-pop
AMS50-C1
accept-ranges
bytes
cf-ray
5c5391298d130b4f-AMS
x-amz-cf-id
yo0wrlqSztIq71ynlizbHVR4IU3ICJWQAwb-Zvcsag4lrIYC0agbeg==
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
720 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
187f239be41d541c6f3d1281845ea641c9a813b679aeb9853da05870c2c8730d

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
quant.js
secure.quantserve.com/
22 KB
8 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8130c2c72afad9d94581ef93aaa00524093103c47c71fce52f606d5ff693c3ce
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:43 GMT
content-encoding
gzip
last-modified
Wed, 19-Aug-2020 11:34:43 GMT
etag
M0-2a172724
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
private, no-transform, max-age=604800
strict-transport-security
max-age=86400
content-length
8060
expires
Wed, 26 Aug 2020 11:34:43 GMT
bxl.js
hbx.media.net/
23 KB
9 KB
Script
General
Full URL
https://hbx.media.net/bxl.js?cid=8CUFH1GPH&dn=www.bleepingcomputer.com&version=&https=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.122.253.103 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-253-103.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
460eb8d4b80c0435124f0ce7a19b3daee0abe6a4b1a4a253ef95e963b5f8c1ee
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
date
Wed, 19 Aug 2020 11:34:43 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
status
200
cache-control
max-age=86400
content-length
8894
x-mnet-hl2
E
expires
Thu, 20 Aug 2020 11:34:43 GMT
beacon.js
sb.scorecardresearch.com/
1 KB
1 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.53.17 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-53-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 19 Aug 2020 11:34:43 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
884
Expires
Thu, 20 Aug 2020 11:34:43 GMT
load.js
s.ntv.io/serve/
330 KB
96 KB
Script
General
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.253.191 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-253-191.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
483b2c6e8a3771b651a3c43957e16e7e56f7a11551e8f1b922c59e6c4434b055

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 19 Aug 2020 11:34:43 GMT
Content-Encoding
gzip
x-amz-request-id
0E5993AB209C26CC
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
5POLgS7aiwnAqsSkH16PTbSOj8PQGli3aZMugmUYtYqi9YqAyqahG2pmgdFdvS/rdlcNwil4CPE=
Last-Modified
Tue, 18 Aug 2020 23:01:50 GMT
Server
AmazonS3
ETag
"ab3baf2680821a219478c4f9b63bec18"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
container.html
tpc.googlesyndication.com/safeframe/1-0-23/html/ Frame FEE9
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html
Requested by
Host: dapperdiscussion.com
URL: https://dapperdiscussion.com/v2mojjRqxm0uSiopiD-aABaVl-1eYGn-9jdzP46hyVV260JPOwzzIpayjWhZBI5i-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-23/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
1479
date
Fri, 14 Aug 2020 10:20:35 GMT
expires
Sat, 14 Aug 2021 10:20:35 GMT
last-modified
Tue, 10 Apr 2018 14:51:09 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
436448
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.146.86 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-146-86.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 00:44:36 GMT
content-encoding
gzip
vary
Origin
age
39008
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Tue, 23 Jun 2020 10:10:39 GMT
server
AmazonS3
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 3395b043e03ecb4acfd925a6e5a26e92.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
xsJhKE6KxAiLux-BnMeg92pLMqXRIjD61ujySpQCo7PpZv_ZvwbEdw==
pv
backend.upapi.net/
0
114 B
XHR
General
Full URL
https://backend.upapi.net/pv?pid=N0oBLBCRAG&br=chrome&sid=z0cj36pV&w=5733492711227392&cv=06acd59a-v2&r=false&upapi=true
Requested by
Host: mrb.upapi.net
URL: https://mrb.upapi.net/code?w=5733492711227392&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Wed, 19 Aug 2020 11:34:43 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
https://www.bleepingcomputer.com
alt-svc
clear
content-length
0
via
1.1 google
rules-p-UeXruRVtZz7w6.js
rules.quantcount.com/
2 KB
1 KB
Script
General
Full URL
https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:1e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 10:55:28 GMT
content-encoding
gzip
last-modified
Thu, 07 Dec 2017 17:06:25 GMT
server
AmazonS3
age
2356
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=3600
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
xDWVbKeamWfn1q7XgLDpxL9tL-RAha04dmbqXuTIfV9R7JxuHsx2GQ==
via
1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_ucfr=1&ns__t=1597836883493&ns_c=UTF-8&cv=3.5&c8=Cryptojacking%20worm%20steals%20AWS%20credentials%20from%20Docker%20systems&c7=https%3A%2F%2Fw...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1597836883493&ns_c=UTF-8&cv=3.5&c8=Cryptojacking%20worm%20steals%20AWS%20credentials%20from%20Docker%20systems&c7=https%3A%2F%2F...
0
528 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1597836883493&ns_c=UTF-8&cv=3.5&c8=Cryptojacking%20worm%20steals%20AWS%20credentials%20from%20Docker%20systems&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fcryptojacking-worm-steals-aws-credentials-from-docker-systems%2F&c9=&cs_ak_ss=1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.53.17 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-53-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Aug 2020 11:34:43 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1597836883493&ns_c=UTF-8&cv=3.5&c8=Cryptojacking%20worm%20steals%20AWS%20credentials%20from%20Docker%20systems&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fcryptojacking-worm-steals-aws-credentials-from-docker-systems%2F&c9=&cs_ak_ss=1
Pragma
no-cache
Date
Wed, 19 Aug 2020 11:34:43 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
checksync.php
hbx.media.net/ Frame 59CE
0
0
Document
General
Full URL
https://hbx.media.net/checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8CUFH1GPH&prvid=56%2C70%2C77%2C80%2C82%2C97%2C99%2C109%2C111%2C112%2C113%2C139%2C154%2C157%2C159%2C175%2C178%2C186%2C201%2C226%2C10000&usp_status=0&usp_consent=1&https=1&gdpr=1&gdprconsent=2
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/bxl.js?cid=8CUFH1GPH&dn=www.bleepingcomputer.com&version=&https=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.122.253.103 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-253-103.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

:method
GET
:authority
hbx.media.net
:scheme
https
:path
/checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8CUFH1GPH&prvid=56%2C70%2C77%2C80%2C82%2C97%2C99%2C109%2C111%2C112%2C113%2C139%2C154%2C157%2C159%2C175%2C178%2C186%2C201%2C226%2C10000&usp_status=0&usp_consent=1&https=1&gdpr=1&gdprconsent=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
gdpr_status=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/

Response headers

status
200
server
Apache
content-type
text/html; charset=UTF-8
set-cookie
gdpr_status=1; Expires=Sat, 20 Feb 2021 11:34:43 GMT; domain=.media.net; Path=/; sameSite=none; secure=true visitor-id=2408384835006054000V10; Expires=Thu, 19 Aug 2021 11:34:43 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2
E
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=14832
expires
Wed, 19 Aug 2020 15:41:55 GMT
date
Wed, 19 Aug 2020 11:34:43 GMT
content-length
6794
bid
c.amazon-adsystem.com/e/dtb/
23 B
376 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fcryptojacking-worm-steals-aws-credentials-from-docker-systems%2F&pid=RzTL4g89noW20&cb=0&ws=1600x1200&v=7.53.00&t=1000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_970x90_728x90_320x50_sticky%22%7D%5D&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22cmp-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.146.86 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-146-86.dus51.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:43 GMT
via
1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-C1
status
200
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
1qXQaHIRAkp3r1Ahjq15Kx_i8vNUyifqaPPLXcKECRrbYMTihCg68Q==
bid
c.amazon-adsystem.com/e/dtb/
23 B
376 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fcryptojacking-worm-steals-aws-credentials-from-docker-systems%2F&pid=RzTL4g89noW20&cb=1&ws=1600x1200&v=7.53.00&t=1000&slots=%5B%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_320x50_InContent_1%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_2%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_3%22%7D%2C%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF%22%7D%5D&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22cmp-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.146.86 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-146-86.dus51.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:43 GMT
via
1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-C1
status
200
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
K8gOeHujmd9QJFuFCi24DQgi-FYWHyyGwk33pzozOPgz50eZmxGL8w==
t
jadserve.postrelease.com/
223 B
600 B
Script
General
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fcryptojacking-worm-steals-aws-credentials-from-docker-systems%2F&ntv_mvi&us_privacy=1---
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.80.117.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-117-178.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
1eab91f81bf81819c8832c3a70044b09fc8a6c73fd75df3eda4b0decda03da4f

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Aug 2020 11:34:43 GMT
content-encoding
gzip
server
nginx/1.12.1
status
200
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=UTF-8
content-length
184
expires
Mon, 1 Jan 1990 12:00:00 GMT
sr
capi.connatix.com/tr/ Frame 85D7
0
333 B
XHR
General
Full URL
https://capi.connatix.com/tr/sr?v=46383
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.128.233.190 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-128-233-190.us-east-2.compute.amazonaws.com
Software
openresty/1.15.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Wed, 19 Aug 2020 11:34:44 GMT
Content-Encoding
gzip
Server
openresty/1.15.8.2
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
e4e5d8cf-2f07-4180-a671-beb6712fc48d.bin
vid.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/ Frame 85D7
2 KB
1 KB
XHR
General
Full URL
https://vid.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/e4e5d8cf-2f07-4180-a671-beb6712fc48d.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f329b7fc2457babced22f0de31b72927034aa90c5154e9703d0b71c6459e7e69

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:43 GMT
content-encoding
gzip
age
16856
x-cache
HIT, HIT
status
200
content-length
811
x-served-by
cache-bwi5140-BWI, cache-ams21045-AMS
last-modified
Wed, 19 Aug 2020 06:49:12 GMT
x-timer
S1597836884.767849,VS0,VE0
etag
"760b70aebafd9228475bcaec5b36b1e8"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31557600
accept-ranges
bytes
x-cache-hits
5, 1
1.png
img.connatix.com/067e5169-ece3-4ce8-87ad-c7961b8bb396/
7 KB
7 KB
Image
General
Full URL
https://img.connatix.com/067e5169-ece3-4ce8-87ad-c7961b8bb396/1.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
489caa649bc6af24b5de49c2db88c9ec21f992310412f0bdb136c2a9df3c6a87

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:43 GMT
via
1.1 varnish, 1.1 varnish
age
3169367
x-cache
HIT, HIT
fastly-io-info
ifsz=11996 idim=794x206 ifmt=png ofsz=6988 odim=794x206 ofmt=webp
status
200
fastly-stats
io=1
content-encoding
gzip
content-length
7011
x-served-by
cache-dca17723-DCA, cache-ams21062-AMS
x-timer
S1597836884.752219,VS0,VE1
etag
"ZtgrrdcQwjijqgVjQ/zsHTfkgcr8y8OnGx9yjy8Yz/Q"
vary
Accept
x-amz-request-id
9S3Y6R6V7G8KBTEJ
access-control-allow-origin
*
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/webp
x-cache-hits
1, 1
ps
capi.connatix.com/tr/ Frame 85D7
0
333 B
XHR
General
Full URL
https://capi.connatix.com/tr/ps?v=46383
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.128.233.190 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-128-233-190.us-east-2.compute.amazonaws.com
Software
openresty/1.15.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Wed, 19 Aug 2020 11:34:44 GMT
Content-Encoding
gzip
Server
openresty/1.15.8.2
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
ao
capi.connatix.com/tr/ Frame 85D7
0
333 B
XHR
General
Full URL
https://capi.connatix.com/tr/ao?v=46383
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.128.233.190 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-128-233-190.us-east-2.compute.amazonaws.com
Software
openresty/1.15.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Wed, 19 Aug 2020 11:34:44 GMT
Content-Encoding
gzip
Server
openresty/1.15.8.2
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
mq
capi.connatix.com/tr/ Frame 85D7
0
333 B
XHR
General
Full URL
https://capi.connatix.com/tr/mq?v=46383
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.128.233.190 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-128-233-190.us-east-2.compute.amazonaws.com
Software
openresty/1.15.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Wed, 19 Aug 2020 11:34:44 GMT
Content-Encoding
gzip
Server
openresty/1.15.8.2
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 85D7
281 KB
96 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ffb9ab08b0d705956e14806463f2b8570a3d6d8c5965dfa50ecea37a33ee3db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98098
x-xss-protection
0
expires
Wed, 19 Aug 2020 11:34:43 GMT
pubfig.messaging.2.1.2.js
a.pub.network/core/
196 KB
51 KB
Script
General
Full URL
https://a.pub.network/core/pubfig.messaging.2.1.2.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6883ce59605b04b6c6782ba17cb02dae671c9228e429ced6c1ab1171a38e12a1

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:43 GMT
content-encoding
br
cf-cache-status
HIT
x-guploader-uploadid
AAANsUn1d8qMqQFzYMCCuQCZHpr6o20Mg7m-RPBMV-xEuWZg5KLAGqO1rXn-taCWReLqW5Du1z_2GOJ0O6Zq_1_SJg
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
4
x-goog-stored-content-encoding
identity
content-type
text/javascript
cf-request-id
04a8190f990000fa24db2ee200000001
last-modified
Thu, 21 May 2020 18:48:40 GMT
server
cloudflare
etag
W/"a191b1edb3810d2c6bbd73bfed144567"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=ZRmSfw==, md5=oZGx7bOBDSxrvXO/7RRFZw==
x-goog-generation
1590086920350282
cache-control
private, max-age=1800
x-goog-stored-content-length
200438
cf-ray
5c53912c2faafa24-AMS
expires
Wed, 18 Aug 2021 03:44:30 GMT
4c47f964-e6f6-43ea-be0d-22a768a56816.jpg
img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/
25 KB
25 KB
Image
General
Full URL
https://img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/4c47f964-e6f6-43ea-be0d-22a768a56816.jpg?crop=834:469,smart&width=834&height=469&format=jpeg&quality=60&fit=crop
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2ff5be48ba7bafa4fbcd391a3f3cac4bf8715e81650b953aac8f17bb39d0dca0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:43 GMT
via
1.1 varnish, 1.1 varnish
age
17133
x-cache
HIT, HIT
fastly-io-info
ifsz=92132 idim=1280x450 ifmt=jpeg ofsz=25320 odim=800x450 ofmt=webp
status
200
fastly-stats
io=1
content-encoding
gzip
content-length
25348
x-served-by
cache-dca17768-DCA, cache-ams21062-AMS
x-timer
S1597836884.869516,VS0,VE1
etag
"EZZdZvfXc54HGYtERdVlmd1yFaK/qk/VaTGezDgn8d4"
vary
Accept
x-amz-request-id
3A499D0E841DB10C
access-control-allow-origin
*
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/webp
x-cache-hits
1, 1
b0a17d8f-13ed-46f9-a9a2-4865b42747be.jpg
img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/
8 KB
8 KB
Image
General
Full URL
https://img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/b0a17d8f-13ed-46f9-a9a2-4865b42747be.jpg?crop=834:469,smart&width=834&height=469&format=jpeg&quality=60&fit=crop
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
64e96e37d0bac26a118af8e4ec865ce6d43bc1eaef2293ca9ebfd888374a1364

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:43 GMT
via
1.1 varnish, 1.1 varnish
age
17133
x-cache
HIT, HIT
fastly-io-info
ifsz=78664 idim=1600x600 ifmt=jpeg ofsz=7976 odim=834x469 ofmt=webp
status
200
fastly-stats
io=1
content-encoding
gzip
content-length
7999
x-served-by
cache-dca17754-DCA, cache-ams21062-AMS
x-timer
S1597836884.869495,VS0,VE1
etag
"C9Tsiml9NGLnctBIk7b7JqbTCrPCrSQVF8FKz9MZnjY"
vary
Accept
x-amz-request-id
0FE3113505F95D96
access-control-allow-origin
*
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/webp
x-cache-hits
1, 1
d15d1ea0-b1c9-4508-a32c-92fa58fac162.jpg
img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/
5 KB
6 KB
Image
General
Full URL
https://img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/d15d1ea0-b1c9-4508-a32c-92fa58fac162.jpg?crop=834:469,smart&width=834&height=469&format=jpeg&quality=60&fit=crop
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d6249ec14344037d96f37aec8758b6e1a1b24fd16c8cdbe6c3ea84feb937ff0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:43 GMT
via
1.1 varnish, 1.1 varnish
age
17133
x-cache
HIT, HIT
fastly-io-info
ifsz=82251 idim=1600x800 ifmt=jpeg ofsz=5524 odim=834x469 ofmt=webp
status
200
fastly-stats
io=1
content-encoding
gzip
content-length
5547
x-served-by
cache-dca17771-DCA, cache-ams21062-AMS
x-timer
S1597836884.869489,VS0,VE1
etag
"UhJJD1p8s2FMKD1GYPUEgUBvpMkOwREB7M7kgaj/Zfg"
vary
Accept
x-amz-request-id
5708DA5FC4B96C9C
access-control-allow-origin
*
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/webp
x-cache-hits
1, 1
888cc652-7cb9-4835-9f3d-11689de2ebca.jpg
img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/
54 KB
54 KB
Image
General
Full URL
https://img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/888cc652-7cb9-4835-9f3d-11689de2ebca.jpg?crop=834:469,smart&width=834&height=469&format=jpeg&quality=60&fit=crop
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b6fb739a81931613abe2a3938a639daccabecf109c3d4da78233af6ac332e4f8

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:43 GMT
via
1.1 varnish, 1.1 varnish
age
17134
x-cache
HIT, HIT
fastly-io-info
ifsz=128550 idim=1280x450 ifmt=jpeg ofsz=54904 odim=800x450 ofmt=webp
status
200
fastly-stats
io=1
content-encoding
gzip
content-length
54942
x-served-by
cache-dca17726-DCA, cache-ams21062-AMS
x-timer
S1597836884.870189,VS0,VE1
etag
"ACIMGUlFBfZES1BntPJ7XfBhfLQR0nTgwy33nvJW7vU"
vary
Accept
x-amz-request-id
EDD00ABA0D815D36
access-control-allow-origin
*
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/webp
x-cache-hits
1, 1
362f3ddf-06fd-408f-bb5c-a5273d89e12c.jpg
img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/
4 KB
5 KB
Image
General
Full URL
https://img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/362f3ddf-06fd-408f-bb5c-a5273d89e12c.jpg?crop=834:469,smart&width=834&height=469&format=jpeg&quality=60&fit=crop
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e4da2fe124722082c7d13da5710223901621d238e6b343f6e835844c6c248745

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:43 GMT
via
1.1 varnish, 1.1 varnish
age
17133
x-cache
HIT, HIT
fastly-io-info
ifsz=85172 idim=1477x740 ifmt=jpeg ofsz=4568 odim=834x469 ofmt=webp
status
200
fastly-stats
io=1
content-encoding
gzip
content-length
4591
x-served-by
cache-dca17765-DCA, cache-ams21062-AMS
x-timer
S1597836884.871399,VS0,VE1
etag
"tHerf2bzpPvVMlwiwdx2lx3xRAEzvcgIpo0MYotf9XA"
vary
Accept
x-amz-request-id
EC90B88A109E9D2F
access-control-allow-origin
*
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/webp
x-cache-hits
1, 1
bridge3.402.1_en.html
imasdk.googleapis.com/js/core/ Frame CD77
0
0
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.402.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.402.1_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
191233
date
Tue, 18 Aug 2020 18:14:34 GMT
expires
Wed, 18 Aug 2021 18:14:34 GMT
last-modified
Tue, 18 Aug 2020 18:09:18 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
62409
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 85D7
26 KB
11 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10523
x-xss-protection
0
expires
Wed, 19 Aug 2020 11:34:43 GMT
integrator.js
adservice.google.com/adsid/ Frame 85D7
109 B
807 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Aug 2020 11:34:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/
8 KB
7 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200817&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200817/r20190131/show_ads_impl_fy2019.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45ce83f6d6e5dabc6ca43ece01bb87bf442d56e444f823d30a451717cdb2f31e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Aug 2020 11:34:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6315
x-xss-protection
0
v2yol89Rivh_r_0qJ7Afxdzq0PUnbDtpLmHf1Xx9cqgXi3bo2k00apAkOhz7-8MQooXkCbXRCGexSals8
dapperdiscussion.com/
216 B
617 B
Fetch
General
Full URL
https://dapperdiscussion.com/v2yol89Rivh_r_0qJ7Afxdzq0PUnbDtpLmHf1Xx9cqgXi3bo2k00apAkOhz7-8MQooXkCbXRCGexSals8
Requested by
Host: dapperdiscussion.com
URL: https://dapperdiscussion.com/v2mojjRqxm0uSiopiD-aABaVl-1eYGn-9jdzP46hyVV260JPOwzzIpayjWhZBI5i-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.64.11 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
11.64.190.35.bc.googleusercontent.com
Software
/
Resource Hash
56cec7375f7cce32ca45085e1570462984a34f295aa7921db97d8e4eb755ddb2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
status
200
date
Wed, 19 Aug 2020 11:34:44 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
regan
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
216
expires
Wed, 19 Aug 2020 11:34:43 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200817/r20190131/show_ads_impl_fy2019.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1591403518460474"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5540
x-xss-protection
0
expires
Wed, 19 Aug 2020 11:34:44 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 243F
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/210/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4590
date
Wed, 19 Aug 2020 11:00:38 GMT
expires
Thu, 19 Aug 2021 11:00:38 GMT
last-modified
Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2046
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
v2julfTtwjdu424EXWZzk7-U_1VZfQBS7g3ER-v-jDG-9iODw-gH3Mu7kObSo3_2DZvtMPS4ryQLiynWd
dapperdiscussion.com/
3 B
36 B
Fetch
General
Full URL
https://dapperdiscussion.com/v2julfTtwjdu424EXWZzk7-U_1VZfQBS7g3ER-v-jDG-9iODw-gH3Mu7kObSo3_2DZvtMPS4ryQLiynWd
Requested by
Host: dapperdiscussion.com
URL: https://dapperdiscussion.com/v2mojjRqxm0uSiopiD-aABaVl-1eYGn-9jdzP46hyVV260JPOwzzIpayjWhZBI5i-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.64.11 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
11.64.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
status
200
date
Wed, 19 Aug 2020 11:34:44 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
x-hostname
regan
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
3
gen_204
pagead2.googlesyndication.com/pagead/
0
554 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200817&jk=99097593476193&bg=!JCelJz9YJ_f4wOpZ5yYCAAAAT1IAAAAMmQGv9Nr8giy67SME8TVPg3P_gN3630ZSP9x5Ay-ENqWxnt9oh3Sr8DRF6-Xv7WkX1Z6nC5LiwtylofbX7G0uyxlWdUUXSGgACBCpsSEDEaBJJ1TBAExuTimQ6lUPxjj2yE7bEEodkLzyyqlRTBfLUxIk6KAPzdznPKAiEDufbVZN7hsRcosaOW8IUb8MAMw43141DRlkx4QlITvlVVF121o7SJvhKbaNg47vvpfWuscUEJ9LZ7b7ajUF6C3IfACkhBq_pBhLTMbDjyS3aGY9zeixk4AR8L-HecAPBFQNUxjEm44clfSoNV9lKXx2Z5N6xTArvwqTRplt14muR9qqt78NgYdgeLp8clu-dwDg1ZfQo4UciCAHK78LJL3Iow_ucjxyVwZ9YYmIVH37grI3SaWTTAI2CpqojO-fKcttm0efI5GB2Yin6anOJcDQ9tMd855PrI3EvifleXjOf2sieJMvRRbpi92BbRJfWVJyAg0UIDgewy5N0-eux28Asi-1iTeyEWantHe4MzklF60hinhZq2YCuw-aiJ6LAcBoomgawbgY5LJnK1NjzOfnvNdAsQ4
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Aug 2020 11:34:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c
c.pub.network/
36 B
344 B
XHR
General
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig.messaging.2.1.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.226.36.58 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.36.226.35.bc.googleusercontent.com
Software
/
Resource Hash
a76acd5ea27cce3460f6043bb84ef68bea1403610cd0273413c81ceba804d993

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 19 Aug 2020 11:34:44 GMT
Access-Control-Allow-Credentials
true
Content-Length
36
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain;charset=utf-8
show_companion_ad.js
pagead2.googlesyndication.com/pagead/
284 KB
100 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d608284104f283919b1a5b3b5c4a71cd0b13a482a5a5aa91a72ffc92f6dae33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 10:58:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2154
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
101804
x-xss-protection
0
server
cafe
etag
5116636964866393763
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 19 Aug 2020 11:58:50 GMT
ads
securepubads.g.doubleclick.net/gampad/
43 KB
11 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=99097593476193&correlator=381187452254607&output=ldjh&impl=fifs&adsid=NT&eid=21067043%2C21064170%2C21065516%2C21067071&vrg=2020081301&us_privacy=1---&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200819&iu_parts=107430338%2Cca-pub-1929615694373103-tag%2C1511&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=88x31%7C120x20%7C120x30%7C120x60%7C120x90%7C125x125%7C168x28%7C168x42%7C180x150%7C200x200%7C200x446%7C216x36%7C216x54%7C220x90%7C234x60%7C240x133%7C250x250%7C250x360%7C292x30%7C300x31%7C300x50%7C300x75%7C300x100%7C300x250%7C320x50%7C320x100%7C320x240%7C336x280%7C400x350%7C468x60%7C480x320&prev_scp=domains%3Dwww.bleepingcomputer.com&eri=1&cust_params=user-agent%3DChrome%26section%3Dnews&cookie_enabled=1&bc=31&abxe=1&lmt=1597765141&dt=1597836884599&dlt=1597836882277&idt=1049&frm=20&biw=1600&bih=1200&oid=3&adxs=215&adys=915&adks=4201466092&ucis=1&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fcryptojacking-worm-steals-aws-credentials-from-docker-systems%2F&dssz=68&icsg=10871668736&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=834x541&msz=834x541&ga_vid=1170761381.1597836883&ga_sid=1597836883&ga_hid=666876030&fws=4&ohw=834
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s12-in-f2.1e100.net
Software
cafe /
Resource Hash
2894cd5e7e698e814fea1665e4cb13312e1a2a8cb163e6426082db0fdf8d9399
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10635
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a16b13982d0c5ec816fc7bd8a4caeae5.safeframe.googlesyndication.com/safeframe/1-0-37/html/
0
0
Other
General
Full URL
https://a16b13982d0c5ec816fc7bd8a4caeae5.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

fastlane.json
fastlane.rubiconproject.com/a/api/
260 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&alt_size_ids=55&gdpr=0&us_privacy=1---&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fcryptojacking-worm-steals-aws-credentials-from-docker-systems%2F&tk_flint=pbjs_lite_v3.26.0&x_source.tid=095d2403-17fd-48d6-9eb4-1f29ed692b88&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9755752163520368
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.26.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
2c41f01fb35e7bb32b8b0a18ee9ab29d6a465a696eae0fcfb61a69e9e33b0b6a

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 19 Aug 2020 11:34:44 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
260
Expires
Wed, 17 Sep 1975 21:32:10 GMT
display
mantodea.mantisadnetwork.com/prebid/
56 B
346 B
XHR
General
Full URL
https://mantodea.mantisadnetwork.com/prebid/display?tz=-120&buster=1597836884634&secure=true&version=9&mobile=false&title=Cryptojacking%20worm%20steals%20AWS%20credentials%20from%20Docker%20systems&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fcryptojacking-worm-steals-aws-credentials-from-docker-systems%2F&measurable=true&bids[0][bidId]=49a61ad55e261c&bids[0][config][property]=5c3404d83e048a00261ad27f&bids[0][config][zone]=bleepingcomputer_970x90_728x90_320x50_sticky&bids[0][sizes][0][width]=728&bids[0][sizes][0][height]=90&bids[0][sizes][1][width]=970&bids[0][sizes][1][height]=90&property=5c3404d83e048a00261ad27f&foo
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.26.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.243.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ Express
Resource Hash
51fec69968067d889ece493f10bd9e9cbcd372269b57915cc8ef8477bf48e1f5

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Aug 2020 11:34:44 GMT
status
200
x-powered-by
Express
etag
W/"38-THO0TRq9welIY/eNAdS6zjliXXM"
vary
Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
56
expires
-1
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/
190 B
381 B
XHR
General
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.26.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:13::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software
nginx /
Resource Hash
a7472728634fbcb18886f01d268c47ffd3f33f7eb1fbb198dcbb3214cd5239ce

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Aug 2020 11:34:44 GMT
server
nginx
status
200
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
190
expires
0
prebid
ib.adnxs.com/ut/v3/
19 B
722 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.26.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 19 Aug 2020 11:34:44 GMT
X-Proxy-Origin
185.217.171.12; 185.217.171.12; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.238:80
AN-X-Request-Uuid
7a58a10f-4f58-454c-9078-39f9afd0b388
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
dmx.districtm.io/b/
0
62 B
XHR
General
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.26.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 19 Aug 2020 11:34:44 GMT
server
cloudflare
status
204
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
cf-ray
5c5391319c426b7d-LHR
access-control-allow-headers
Content-Type, Origin
cf-request-id
04a81912fa00006b7dd82e6200000001
cygnus
as-sec.casalemedia.com/
25 B
762 B
XHR
General
Full URL
https://as-sec.casalemedia.com/cygnus?s=393562&v=7.2&r=%7B%22id%22%3A%22117afe244debe2b%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2212daada401892e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221381855643ad0c2%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fcryptojacking-worm-steals-aws-credentials-from-docker-systems%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.26.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.254.129 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-254-129.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ef98729e900305fa7a1b71b33efea54057ac3c4e3c2bfd07f34a104f4136be44

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 19 Aug 2020 11:34:44 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
45
Expires
Wed, 19 Aug 2020 11:34:44 GMT
prebid
ib.adnxs.com/ut/v3/
19 B
721 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.26.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 19 Aug 2020 11:34:44 GMT
X-Proxy-Origin
185.217.171.12; 185.217.171.12; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.49:80
AN-X-Request-Uuid
bf407b74-88a9-4fc7-a7bf-f18e823a9161
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/
0
122 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.26.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 19 Aug 2020 11:34:44 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://www.bleepingcomputer.com
arj
freestar-d.openx.net/w/1.0/
190 B
579 B
XHR
General
Full URL
https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fcryptojacking-worm-steals-aws-credentials-from-docker-systems%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=095d2403-17fd-48d6-9eb4-1f29ed692b88&nocache=1597836884643&gdpr=0&us_privacy=1---&pubcid=502b0215-6dc8-4ccb-a942-1c695c4684fe&schain=1.0%2C1!freestar.io%2C535%2C1%2C%2C%2C&aus=728x90%2C970x90&divIds=bleepingcomputer_970x90_728x90_320x50_sticky&auid=540959250
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.26.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.192.0 /
Resource Hash
b8ca0648388fdee589dcb0c5f83f91ae36044ebc58b5417c04d00e361f0758ad

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Aug 2020 11:34:44 GMT
content-encoding
gzip
server
OXGW/16.192.0
status
200
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
176
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
48 KB
11 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=99097593476193&correlator=3248949407556150&output=ldjh&impl=fifs&adsid=NT&eid=21067043%2C21064170%2C21065516%2C21067071&vrg=2020081301&us_privacy=1---&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200819&iu_parts=15184186%2Cbleepingcomputer_970x90_728x90_320x50_sticky&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&prev_scp=fsrefresh%3Dfalse%26fsrebid%3Dfalse%26amznbid%3D2%26amznp%3D2%26fsbid%3Dtimeout&eri=1&cust_params=user-agent%3DChrome%26section%3Dnews&cookie_enabled=1&bc=31&abxe=1&lmt=1597765141&dt=1597836884649&dlt=1597836882277&idt=1049&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1110&adks=3056404191&ucis=2&ifi=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fcryptojacking-worm-steals-aws-credentials-from-docker-systems%2F&dssz=68&icsg=10871668736&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1&msz=1600x-1&ga_vid=1170761381.1597836883&ga_sid=1597836883&ga_hid=666876030&fws=512&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s12-in-f2.1e100.net
Software
cafe /
Resource Hash
be67e5937898250d69b307c97f4fb6e8e710b0d54a4568f3fe3742714ca47674
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11232
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
btlr.sharethrough.com/WYu2BXv1/
0
119 B
XHR
General
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=WLM6GiL3zdSZQxjuNieepuQJ&bidId=2236d10e0407654&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.26.0&strVersion=3.2.1&secure=true&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.26.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.95.92 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 19 Aug 2020 11:34:44 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://www.bleepingcomputer.com
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/
0
119 B
XHR
General
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=bDraMWgeoLM4KHJBzFQ8heMv&bidId=230e3cdaf739ef5&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.26.0&strVersion=3.2.1&secure=true&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.26.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.95.92 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 19 Aug 2020 11:34:44 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://www.bleepingcomputer.com
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/
0
119 B
XHR
General
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=WLM6GiL3zdSZQxjuNieepuQJ&bidId=249aae374487ff8&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.26.0&strVersion=3.2.1&secure=true&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.26.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.95.92 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 19 Aug 2020 11:34:44 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://www.bleepingcomputer.com
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/
0
119 B
XHR
General
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=uo4nuhxJikFrr3o47oeeZPL5&bidId=25b0c45e48adf32&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.26.0&strVersion=3.2.1&secure=true&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.26.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.95.92 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 19 Aug 2020 11:34:44 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://www.bleepingcomputer.com
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/
0
119 B
XHR
General
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=6f2XVeWT9HhHNo9TDFzKK7JK&bidId=264bccf4c34d11a&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.26.0&strVersion=3.2.1&secure=true&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.26.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.95.92 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 19 Aug 2020 11:34:44 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://www.bleepingcomputer.com
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/
0
119 B
XHR
General
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=uo4nuhxJikFrr3o47oeeZPL5&bidId=2737cbff998651&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.26.0&strVersion=3.2.1&secure=true&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.26.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.95.92 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 19 Aug 2020 11:34:44 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://www.bleepingcomputer.com
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/
0
119 B
XHR
General
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=6f2XVeWT9HhHNo9TDFzKK7JK&bidId=2892e77fddc0951&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.26.0&strVersion=3.2.1&secure=true&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.26.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.95.92 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 19 Aug 2020 11:34:44 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://www.bleepingcomputer.com
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/
0
119 B
XHR
General
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=WLM6GiL3zdSZQxjuNieepuQJ&bidId=29f7b922a52be0a&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.26.0&strVersion=3.2.1&secure=true&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.26.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.95.92 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 19 Aug 2020 11:34:44 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://www.bleepingcomputer.com
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/
0
119 B
XHR
General
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=bDraMWgeoLM4KHJBzFQ8heMv&bidId=3091238be8fbc8&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.26.0&strVersion=3.2.1&secure=true&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.26.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.95.92 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 19 Aug 2020 11:34:44 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://www.bleepingcomputer.com
vary
Origin
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/
456 B
646 B
XHR
General
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.26.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:13::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software
nginx /
Resource Hash
cfff75e4abb31dd16b9b64a569faeba6de44de802fb7e9f6feabba97ec93b377

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Aug 2020 11:34:44 GMT
server
nginx
status
200
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
456
expires
0
prebid
ib.adnxs.com/ut/v3/
19 B
722 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.26.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 19 Aug 2020 11:34:44 GMT
X-Proxy-Origin
185.217.171.12; 185.217.171.12; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.132:80
AN-X-Request-Uuid
1846e576-bfa1-4917-a03c-890a680c0b7d
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/
19 B
541 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=3.26.0&referrer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fcryptojacking-worm-steals-aws-credentials-from-docker-systems%2F&tmax=1200&gdpr=false&us_privacy=1---
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.26.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.179.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-179-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Aug 2020 11:34:44 GMT
x-auction-status
12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12
status
200
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
display
mantodea.mantisadnetwork.com/prebid/
56 B
346 B
XHR
General
Full URL
https://mantodea.mantisadnetwork.com/prebid/display?tz=-120&buster=1597836884669&secure=true&version=9&mobile=false&title=Cryptojacking%20worm%20steals%20AWS%20credentials%20from%20Docker%20systems&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fcryptojacking-worm-steals-aws-credentials-from-docker-systems%2F&measurable=true&bids[0][bidId]=6218db6116420a5&bids[0][config][property]=5c3404d83e048a00261ad27f&bids[0][config][zone]=bleepingcomputer_728x90_970x90_970x250_320x50_ATF&bids[0][sizes][0][width]=728&bids[0][sizes][0][height]=90&bids[0][sizes][1][width]=970&bids[0][sizes][1][height]=90&bids[0][sizes][2][width]=970&bids[0][sizes][2][height]=250&bids[1][bidId]=63728f77e102d35&bids[1][config][property]=5c3404d83e048a00261ad27f&bids[1][config][zone]=bleepingcomputer_728x90_320x50_InContent_1&bids[1][sizes][0][width]=728&bids[1][sizes][0][height]=90&bids[2][bidId]=6488b151c5cae4&bids[2][config][property]=5c3404d83e048a00261ad27f&bids[2][config][zone]=bleepingcomputer_300x250_300x600_160x600_Right_2&bids[2][sizes][0][width]=300&bids[2][sizes][0][height]=250&bids[2][sizes][1][width]=300&bids[2][sizes][1][height]=600&bids[3][bidId]=658637ecf8136fc&bids[3][config][property]=5c3404d83e048a00261ad27f&bids[3][config][zone]=bleepingcomputer_300x250_300x600_160x600_Right_3&bids[3][sizes][0][width]=300&bids[3][sizes][0][height]=250&bids[3][sizes][1][width]=300&bids[3][sizes][1][height]=600&bids[4][bidId]=66fd5995e7be5f7&bids[4][config][property]=5c3404d83e048a00261ad27f&bids[4][config][zone]=bleepingcomputer_728x90_970x90_970x250_320x50_BTF&bids[4][sizes][0][width]=728&bids[4][sizes][0][height]=90&bids[4][sizes][1][width]=970&bids[4][sizes][1][height]=90&bids[4][sizes][2][width]=970&bids[4][sizes][2][height]=250&property=5c3404d83e048a00261ad27f&foo
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.26.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.243.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ Express
Resource Hash
51fec69968067d889ece493f10bd9e9cbcd372269b57915cc8ef8477bf48e1f5

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Aug 2020 11:34:45 GMT
status
200
x-powered-by
Express
etag
W/"38-THO0TRq9welIY/eNAdS6zjliXXM"
vary
Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
56
expires
-1
prebid
ib.adnxs.com/ut/v3/
19 B
722 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.26.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 19 Aug 2020 11:34:44 GMT
X-Proxy-Origin
185.217.171.12; 185.217.171.12; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.183:80
AN-X-Request-Uuid
64bb4caf-7ae6-4d34-bac5-5ce1440549e0
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
freestar-d.openx.net/w/1.0/
191 B
369 B
XHR
General
Full URL
https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fcryptojacking-worm-steals-aws-credentials-from-docker-systems%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=75944e46-d76b-4e19-bc8a-7100bc506805%2Cd5680541-5fb6-464c-81d6-f0248bde7979%2C9cbba559-0ed0-4797-93fc-043b70ea59de%2C2707cb55-dba5-44f4-aed4-f9c287151040%2Caac7133f-8eba-4d38-913b-42c4c47b3a5f&nocache=1597836884671&gdpr=0&us_privacy=1---&pubcid=502b0215-6dc8-4ccb-a942-1c695c4684fe&schain=1.0%2C1!freestar.io%2C535%2C1%2C%2C%2C&aus=728x90%2C970x90%2C970x250%7C728x90%7C300x250%2C300x600%7C300x250%2C300x600%7C728x90%2C970x90%2C970x250&divIds=bleepingcomputer_728x90_970x90_970x250_320x50_ATF%2Cbleepingcomputer_728x90_320x50_InContent_1%2Cbleepingcomputer_300x250_300x600_160x600_Right_2%2Cbleepingcomputer_300x250_300x600_160x600_Right_3%2Cbleepingcomputer_728x90_970x90_970x250_320x50_BTF&auid=540959250%2C540959250%2C540959250%2C540959250%2C540959250
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.26.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.192.0 /
Resource Hash
b5e6258bffc85cd8dd21c3585860af04bc302646a97de4abd01442acbc641daa

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Aug 2020 11:34:44 GMT
content-encoding
gzip
server
OXGW/16.192.0
status
200
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
176
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
dmx.districtm.io/b/
0
432 B
XHR
General
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.26.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 19 Aug 2020 11:34:44 GMT
server
cloudflare
status
204
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
cf-ray
5c5391319c436b7d-LHR
access-control-allow-headers
Content-Type, Origin
cf-request-id
04a81912fa00006b7dd82e7200000001
cygnus
as-sec.casalemedia.com/
25 B
998 B
XHR
General
Full URL
https://as-sec.casalemedia.com/cygnus?s=393562&v=7.2&r=%7B%22id%22%3A%22852f00aaef23e5e%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22863f17df8697ce6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22870711082e0cea8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22881345125687b3f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22898feccb3771b6c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%229032a5095c193c9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2291bd04c8009aa98%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22927ab37dea25f69%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%229334a39de628979%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22947c6b0664f782d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2295b33f2bf7ef281%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2296757cbf7451eac%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fcryptojacking-worm-steals-aws-credentials-from-docker-systems%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.26.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.254.129 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-254-129.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bea21ce0a8875dd5fdb2dd478191ac7c342ff952d70e49fbe02db3ae38cdd016

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 19 Aug 2020 11:34:44 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
45
Expires
Wed, 19 Aug 2020 11:34:44 GMT
translator
hbopenbid.pubmatic.com/
4 KB
4 KB
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.26.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
5ff9ef7e6afe99a02fde499f084462fba5b2f50817d631e5edf2f575ac598062

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
200
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
x-openrtb-version
2.3
access-control-allow-credentials
true
date
Wed, 19 Aug 2020 11:34:44 GMT
content-type
application/json
fastlane.json
fastlane.rubiconproject.com/a/api/
263 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&alt_size_ids=55%2C57&gdpr=0&us_privacy=1---&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fcryptojacking-worm-steals-aws-credentials-from-docker-systems%2F&tk_flint=pbjs_lite_v3.26.0&x_source.tid=75944e46-d76b-4e19-bc8a-7100bc506805&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.2912824153650586
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.26.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
b2bd58f293bcd26a40acdc498cdc72622915032211b2c3391e00ea8077bade76

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 19 Aug 2020 11:34:44 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
263
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
240 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&gdpr=0&us_privacy=1---&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fcryptojacking-worm-steals-aws-credentials-from-docker-systems%2F&tk_flint=pbjs_lite_v3.26.0&x_source.tid=d5680541-5fb6-464c-81d6-f0248bde7979&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.7378416652904638
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.26.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
56afb1b69a9442f579dbf0280c643da3817f73a0dd1411fe68ceb7e4c4f400ac

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 19 Aug 2020 11:34:44 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
261 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=15&alt_size_ids=10&gdpr=0&us_privacy=1---&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fcryptojacking-worm-steals-aws-credentials-from-docker-systems%2F&tk_flint=pbjs_lite_v3.26.0&x_source.tid=9cbba559-0ed0-4797-93fc-043b70ea59de&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.828417317187077
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.26.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
3d7fea22e358599a92efab7791715b34583fd5641323ccee191ce78dc4cef125

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 19 Aug 2020 11:34:44 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
261
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
261 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=15&alt_size_ids=10&gdpr=0&us_privacy=1---&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fcryptojacking-worm-steals-aws-credentials-from-docker-systems%2F&tk_flint=pbjs_lite_v3.26.0&x_source.tid=2707cb55-dba5-44f4-aed4-f9c287151040&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.4752969822679689
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.26.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
aba7ded3dea78c69a1ebf209ffc25e85cd5eb12bb30413e2fc6ff71707b4b16d

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 19 Aug 2020 11:34:44 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
261
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
263 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&alt_size_ids=55%2C57&gdpr=0&us_privacy=1---&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fcryptojacking-worm-steals-aws-credentials-from-docker-systems%2F&tk_flint=pbjs_lite_v3.26.0&x_source.tid=aac7133f-8eba-4d38-913b-42c4c47b3a5f&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.3583108140231792
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.26.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
1968b2c15d2d81ec25e790f06650945baab3d405f6c6f40fd6d66c46b5109d81

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 19 Aug 2020 11:34:44 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
263
Expires
Wed, 17 Sep 1975 21:32:10 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/012008102328000/ Frame D394
206 KB
56 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5e145eadf3c0d2ca018da2d25a02de55ac0f70874da8bba148713fa326f278c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
101165
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57397
x-xss-protection
0
server
sffe
date
Tue, 18 Aug 2020 07:28:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d730d226616e6acf"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Aug 2021 07:28:39 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/012008102328000/v0/ Frame D394
16 KB
6 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012008102328000/v0/amp-ad-exit-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64f791cf5b11444b177786340186cb3ef3ed1c39938f49bc9d4a69bd21ba076d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
149288
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5905
x-xss-protection
0
server
sffe
date
Mon, 17 Aug 2020 18:06:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"3ad1eb5461ef0024"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Aug 2021 18:06:36 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012008102328000/v0/ Frame D394
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012008102328000/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f125fd246e10689d46bc3c7c529be4f784c9adf3f80f0790a3532f7efd01b012
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
101156
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28844
x-xss-protection
0
server
sffe
date
Tue, 18 Aug 2020 07:28:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"7dfeab575efd177f"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Aug 2021 07:28:48 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/012008102328000/v0/ Frame D394
4 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012008102328000/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
744f285380d50300c5f78b4a0e9b08f9cd096894251f5965264df5c21c287479
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
149288
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1786
x-xss-protection
0
server
sffe
date
Mon, 17 Aug 2020 18:06:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"7fce00afb81e6c42"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Aug 2021 18:06:36 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/012008102328000/v0/ Frame D394
48 KB
16 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012008102328000/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
203a1218e57e160a9bd9533ed8ac9d755feeb6249f8e0ba7ddb85a3ace770f45
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
149288
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14952
x-xss-protection
0
server
sffe
date
Mon, 17 Aug 2020 18:06:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aacd301e108e3900"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Aug 2021 18:06:36 GMT
truncated
/ Frame D394
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e2e0acf04591323f480a29b790cabd59fa06734e2e96288615a39dda8b5f078

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
11135156357528265360
tpc.googlesyndication.com/simgad/ Frame D394
7 KB
7 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/11135156357528265360?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4ql6ouEFrkcU1hRqiRjGnNy2QIF8CA
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eadd5a55bef224cf294109f1e95c762d22de57a99b27e245cc6a01c97da03f4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 10:47:48 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 Aug 2020 08:51:10 GMT
server
sffe
age
2816
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7404
x-xss-protection
0
expires
Thu, 19 Aug 2021 10:47:48 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D394
2 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Aug 2020 11:08:58 GMT
x-content-type-options
nosniff
server
cafe
age
1546
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Thu, 20 Aug 2020 11:08:58 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D394
295 B
388 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 Aug 2020 21:26:58 GMT
x-content-type-options
nosniff
server
cafe
age
50866
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Wed, 19 Aug 2020 21:26:58 GMT
l
www.google.com/ads/measurement/ Frame D394
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQmVW6JwllAuE88Ps1LbWK-nVyhMOG3_wj-sQDNXjRIhlGieYXrH1FH7n_zAvdhXnJOImjgC5QwezosT4if6aqaZTJ77g
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame D394
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CWr3BVA49X_WdKt-g4gHq67WQD-7ij-Ze_q7xxf8LwI23ARABIPKS5jhgkYSAgIwYoAGXgdakAsgBAuACAKgDAcgDCKoEwgJP0KSjCr9F1feRniFQDVb5mza3-lvp3ZgYz6kH5htllRZ6hktGsBPEyc3biXIU0fLDVSxZtX4rSiBCUYPNaCaFfPakJIOBRsKgJQ-6FANOGpRAHEDo-7mxLvmbIfyM12927tqDswgkEPfWuRKGN9u99-6m7YRIhRL38qP159CE4n6hh4JQuFDmbFl7LNMSQ7N_EV7O5MHkTZtDRdk94ACYy4Yq_TD_KMe5lUA0qRy7I9M0a_AVYRtAOUiyMWugMvqcu9QRlrncyYPoCfIQAi-JtUxOGowdbperyZ7kXTeLdWG6pdGiMz1toWfvPYsL8QR2a584IM6fBN__XF9oLSgYNDefc953G5LA70Do_-ssUd1AgyA5vyegqB4IwwRDCZ7DF7Znt7ETa0QrMyTQhd7w5af2cfKUk20bhJdLN5V-9bYkwAS6iIjxmQPgBAGgBgKAB9H-qdsBqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEIXKHNIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNjI5ODA5MzEzODg0MTQ1M4AKA8gLAdgTAw&sigh=N0Tz4rQCzFc&tpd=AGWhJmvJpzMbWQ2M769Vh8t9Q1ip1g6bjWhyOCllLj3ZvVc0zg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

c
c.pub.network/
36 B
344 B
XHR
General
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig.messaging.2.1.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.226.36.58 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.36.226.35.bc.googleusercontent.com
Software
/
Resource Hash
a76acd5ea27cce3460f6043bb84ef68bea1403610cd0273413c81ceba804d993

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 19 Aug 2020 11:34:45 GMT
Access-Control-Allow-Credentials
true
Content-Length
36
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain;charset=utf-8
si
googleads.g.doubleclick.net/pagead/drt/ Frame D394
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date
Wed, 19 Aug 2020 11:34:45 GMT
x-content-type-options
nosniff
server
safe
status
302
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
amp4ads-v0.js
cdn.ampproject.org/rtv/012008102328000/ Frame AEBE
206 KB
56 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5e145eadf3c0d2ca018da2d25a02de55ac0f70874da8bba148713fa326f278c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
101166
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57397
x-xss-protection
0
server
sffe
date
Tue, 18 Aug 2020 07:28:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d730d226616e6acf"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Aug 2021 07:28:39 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/012008102328000/v0/ Frame AEBE
16 KB
6 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012008102328000/v0/amp-ad-exit-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64f791cf5b11444b177786340186cb3ef3ed1c39938f49bc9d4a69bd21ba076d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
149289
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5905
x-xss-protection
0
server
sffe
date
Mon, 17 Aug 2020 18:06:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"3ad1eb5461ef0024"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Aug 2021 18:06:36 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012008102328000/v0/ Frame AEBE
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012008102328000/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f125fd246e10689d46bc3c7c529be4f784c9adf3f80f0790a3532f7efd01b012
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
101157
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28844
x-xss-protection
0
server
sffe
date
Tue, 18 Aug 2020 07:28:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"7dfeab575efd177f"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Aug 2021 07:28:48 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/012008102328000/v0/ Frame AEBE
4 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012008102328000/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
744f285380d50300c5f78b4a0e9b08f9cd096894251f5965264df5c21c287479
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
149289
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1786
x-xss-protection
0
server
sffe
date
Mon, 17 Aug 2020 18:06:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"7fce00afb81e6c42"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Aug 2021 18:06:36 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/012008102328000/v0/ Frame AEBE
48 KB
15 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012008102328000/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
203a1218e57e160a9bd9533ed8ac9d755feeb6249f8e0ba7ddb85a3ace770f45
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
149289
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14952
x-xss-protection
0
server
sffe
date
Mon, 17 Aug 2020 18:06:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aacd301e108e3900"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Aug 2021 18:06:36 GMT
css
fonts.googleapis.com/ Frame AEBE
5 KB
774 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500&display=swap
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d2202487eb46bf6c947314b28445ec928cccd43f6c9435fd1fed7629f0e4c0b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 19 Aug 2020 09:52:49 GMT
server
ESF
date
Wed, 19 Aug 2020 11:34:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 Aug 2020 11:34:45 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AEBE
2 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Aug 2020 11:08:58 GMT
x-content-type-options
nosniff
server
cafe
age
1547
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Thu, 20 Aug 2020 11:08:58 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AEBE
295 B
519 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 Aug 2020 21:26:58 GMT
x-content-type-options
nosniff
server
cafe
age
50867
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Wed, 19 Aug 2020 21:26:58 GMT
truncated
/ Frame AEBE
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ffab78dc62052736d75039f2bc8947cf03763fe0ed67bcb16a43af83341e1c6

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame AEBE
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CDV2rVA49X9_kKo_QgQeMqqagAdiqkv5cy_u008ALwI23ARABINrXxTlgkYSAgIwYoAGs8_24AsgBAakCTkf-q5AFtD7gAgCoAwHIAwqqBMICT9C5fE-JVaB8aRYNWvTG0XgoPY73fJQOWt7rZMK2NAYieNolR4sBGOUkciMTOZ-sBxCMFS3TCfAKKAMQC6PwsVvv7rrYAHv2qzc-H5Q5c7AjbSLlQKEKSyyjUCcEFtIpWeKPSnIPO0WqUIMytu7OcuJ8s4LShvDATQou-fdGUgA4UMJ4wI9I9YRQq5HWym1V7IddDRajFLckvznMUaDT7k4TlwHzt81-MXESIL2PMOSXdslUMWWY1rY8McdN5G8UwGtqa2jL9ESMA5_yl_ab6yG2Y6tLV84J-FjLECIuM-8VOM_KBCyg6rJXKVyWKoUa7BD_Z2nFAy_htFH8ATk4NDgo34TwVtycFSyRg52yLUNVYcaYSxSys2MgTJ-Uf__B-KAbvw87wSbTSnk5iQHCI_PXjQzHVbPxl63UxNpO6TUbH8AE7uD51e0C4AQBkgUECAQYAZIFBAgFGASAB7yMgscBqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEKbUENIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTc0MjI0OTYwMzI4OTA4M4AKA8gLAdgTCg&sigh=NkIqSRvfyqk&tpd=AGWhJmuQbNxqP8BkGyeiaW8IqIHfx31Rq8q4QMbB0ppUah3j5w
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

ai
capi.connatix.com/tr/ Frame 85D7
0
333 B
XHR
General
Full URL
https://capi.connatix.com/tr/ai?v=46383
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.128.233.190 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-128-233-190.us-east-2.compute.amazonaws.com
Software
openresty/1.15.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Wed, 19 Aug 2020 11:34:45 GMT
Content-Encoding
gzip
Server
openresty/1.15.8.2
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame AEBE
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.bleepingcomputer.com
Referer
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 10 Aug 2020 15:05:55 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
764930
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11056
x-xss-protection
0
expires
Tue, 10 Aug 2021 15:05:55 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame AEBE
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.bleepingcomputer.com
Referer
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 11 Aug 2020 09:53:02 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
697303
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Wed, 11 Aug 2021 09:53:02 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame AEBE
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date
Wed, 19 Aug 2020 11:34:45 GMT
x-content-type-options
nosniff
server
safe
status
302
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AEBE
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Aug 2020 11:08:58 GMT
x-content-type-options
nosniff
server
cafe
age
1547
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Thu, 20 Aug 2020 11:08:58 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AEBE
295 B
324 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 Aug 2020 21:26:58 GMT
x-content-type-options
nosniff
server
cafe
age
50867
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Wed, 19 Aug 2020 21:26:58 GMT
c
c.pub.network/
36 B
472 B
XHR
General
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig.messaging.2.1.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.226.36.58 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.36.226.35.bc.googleusercontent.com
Software
/
Resource Hash
0a6413daf94db20920a5dec4b7e2acd0ecc866dd6c5a03801b0b7286dc9fe9e9

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 19 Aug 2020 11:34:45 GMT
Access-Control-Allow-Credentials
true
Content-Length
36
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain;charset=utf-8
ads
securepubads.g.doubleclick.net/gampad/
259 KB
27 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=99097593476193&correlator=3248949407556150&output=ldjh&impl=fifs&adsid=NT&eid=21067043%2C21064170%2C21065516%2C21067071&vrg=2020081301&us_privacy=1---&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200819&iu_parts=15184186%2Cbleepingcomputer_728x90_970x90_970x250_320x50_ATF%2Cbleepingcomputer_728x90_320x50_InContent_1%2Cbleepingcomputer_300x250_300x600_160x600_Right_2%2Cbleepingcomputer_300x250_300x600_160x600_Right_3%2Cbleepingcomputer_728x90_970x90_970x250_320x50_BTF%2Cbleepingcomputer_1x1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=970x250%7C970x90%7C728x90%2C728x90%2C300x600%7C300x250%2C300x600%7C300x250%2C970x250%7C970x90%7C728x90%2C1x1&ists=1&prev_scp=fsrefresh%3Dfalse%26fsrebid%3Dfalse%26amznbid%3D2%26amznp%3D2%26fsbid%3D0%26fspbg%3Dfreestar%26freestar_path%3D%252Fnews%252Fsecurity%252Fcryptojacking-worm-steals-aws-credentials-from-docker-systems%252F%26freestar_domain%3Dbleepingcomputer.com%26fs_safeframe%3Dfalse%26custom_bidder_size%3Dpubmatic_970x90%26hb_format%3Dbanner%26hb_size%3D970x90%26hb_pb%3D0.02%26hb_adid%3D115db3b3c96bc394%26hb_bidder%3Dpubmatic%7Cfsrefresh%3Dfalse%26fsrebid%3Dfalse%26amznbid%3D2%26amznp%3D2%26fsbid%3D0%7Cfsrefresh%3Dfalse%26fsrebid%3Dfalse%26amznbid%3D2%26amznp%3D2%26fsbid%3D0%7Cfsrefresh%3Dfalse%26fsrebid%3Dfalse%26amznbid%3D2%26amznp%3D2%26fsbid%3D0%7Cfsrefresh%3Dfalse%26fsrebid%3Dfalse%26amznbid%3D2%26amznp%3D2%26fsbid%3D0%7Cfsrefresh%3Dfalse%26fsrebid%3Dfalse%26fsbid%3D0&eri=1&cust_params=user-agent%3DChrome%26section%3Dnews&cookie=ID%3Dac27e4fb31e09fe9%3AT%3D1597836884%3AS%3DALNI_MY-03sfu5Q7UYPkZNS6hfmeO_Z1pQ&bc=31&abxe=1&lmt=1597765141&dt=1597836885503&dlt=1597836882277&idt=1049&frm=20&biw=1600&bih=1200&oid=3&adxs=315%2C268%2C1082%2C1082%2C315%2C800&adys=146%2C3752%2C1368%2C2243%2C5183%2C5849&adks=1078295657%2C4047242158%2C1498267662%2C2397762747%2C389221393%2C2635258439&ucis=3%7C4%7C5%7C6%7C7%7C8&ifi=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fcryptojacking-worm-steals-aws-credentials-from-docker-systems%2F&dssz=68&icsg=10871668736&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1170x280%7C834x90%7C306x600%7C306x600%7C1200x250%7C1600x5852&msz=1170x250%7C834x90%7C306x600%7C306x600%7C1170x250%7C1600x1&ga_vid=1170761381.1597836883&ga_sid=1597836883&ga_hid=666876030&fws=0%2C0%2C0%2C512%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s12-in-f2.1e100.net
Software
cafe /
Resource Hash
b56ad11a796a0bb9c92f0e2a2e6bbf74faeac481bfad1a68df65789b474108c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:46 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27588
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,-1,4769125089
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-1,-1,-1,138312950612
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/012008102328000/ Frame 7D01
206 KB
56 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5e145eadf3c0d2ca018da2d25a02de55ac0f70874da8bba148713fa326f278c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
101167
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57397
x-xss-protection
0
server
sffe
date
Tue, 18 Aug 2020 07:28:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d730d226616e6acf"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Aug 2021 07:28:39 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/012008102328000/v0/ Frame 7D01
16 KB
6 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012008102328000/v0/amp-ad-exit-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64f791cf5b11444b177786340186cb3ef3ed1c39938f49bc9d4a69bd21ba076d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
149290
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5905
x-xss-protection
0
server
sffe
date
Mon, 17 Aug 2020 18:06:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"3ad1eb5461ef0024"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Aug 2021 18:06:36 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012008102328000/v0/ Frame 7D01
94 KB
29 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012008102328000/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f125fd246e10689d46bc3c7c529be4f784c9adf3f80f0790a3532f7efd01b012
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
101158
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28844
x-xss-protection
0
server
sffe
date
Tue, 18 Aug 2020 07:28:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"7dfeab575efd177f"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Aug 2021 07:28:48 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/012008102328000/v0/ Frame 7D01
4 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012008102328000/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
744f285380d50300c5f78b4a0e9b08f9cd096894251f5965264df5c21c287479
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
149290
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1786
x-xss-protection
0
server
sffe
date
Mon, 17 Aug 2020 18:06:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"7fce00afb81e6c42"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Aug 2021 18:06:36 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/012008102328000/v0/ Frame 7D01
48 KB
15 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012008102328000/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
203a1218e57e160a9bd9533ed8ac9d755feeb6249f8e0ba7ddb85a3ace770f45
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
149290
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14952
x-xss-protection
0
server
sffe
date
Mon, 17 Aug 2020 18:06:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aacd301e108e3900"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Aug 2021 18:06:36 GMT
css
fonts.googleapis.com/ Frame 7D01
5 KB
733 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&lang=nl
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 19 Aug 2020 10:15:58 GMT
server
ESF
date
Wed, 19 Aug 2020 11:34:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 Aug 2020 11:34:46 GMT
css
fonts.googleapis.com/ Frame 7D01
5 KB
687 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&text=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 19 Aug 2020 10:30:58 GMT
server
ESF
date
Wed, 19 Aug 2020 11:34:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 Aug 2020 11:34:46 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7D01
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Aug 2020 11:08:58 GMT
x-content-type-options
nosniff
server
cafe
age
1548
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Thu, 20 Aug 2020 11:08:58 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7D01
295 B
324 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 Aug 2020 21:26:58 GMT
x-content-type-options
nosniff
server
cafe
age
50868
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Wed, 19 Aug 2020 21:26:58 GMT
truncated
/ Frame 7D01
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf8eecd929495e4f534d830a1e0be0508cbcc18a5d16512bf7dd578946cee6a8

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
4878972685955854796
tpc.googlesyndication.com/daca_images/simgad/ Frame 7D01
42 KB
42 KB
Image
General
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/4878972685955854796?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoI2gMQ-AEYASABLQAAAD8w2gM4-AFFAACAPw&rs=AOga4qnvOzxlm3w42FKQI_yeIsR1PWI45Q
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eae28d9b21731e05774307608bda631218c317fdcefdbc1ddb4b55bde1fcfc39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 19 Apr 2020 18:14:42 GMT
server
sffe
status
200
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43145
x-xss-protection
0
expires
Wed, 26 Aug 2020 11:34:46 GMT
40933678460698624
tpc.googlesyndication.com/simgad/ Frame 7D01
1 KB
867 B
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/40933678460698624
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 11 Aug 2020 20:22:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
659510
x-dns-prefetch-control
off
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
728
x-xss-protection
0
last-modified
Thu, 26 Oct 2017 18:18:20 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Aug 2021 20:22:56 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 7D01
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C2wdiVQ49X-vwI4yAgQfT9LOgAdiqkv5cy_u008ALwI23ARABINrXxTlgkYSAgIwYoAGs8_24AsgBBqkCTkf-q5AFtD7gAgCoAwHIAwqqBMgCT9C1xE3gMErObnzbmk4hzweWFZsezKHQKTnQsza2TPd5MDFAPlKxynyEZhI4wohTyCsodlrUYHl4JpA8fv1szQbNalJSm7kKIKog8SBY_UdvLkW6SmlJgijlV24PbqK4WT_G4EzP6W_ZDTHd7DYzoGyd894bMlsqWhFINlGVzmE5eNs6Il6r7vk465416qBzCCgklAhRECYFsQnKf4FE_6laEj-jhihPFq7tPo4hBEneRiDSKcZ-Fg9cgXjDXOv812VB10Q76V4SRzM0Omweqajy00OPVlhoZQXU0aKspMG5bnXunSSSOXESb1kUckKOeJX8i1CyG48kZkbjJwj2JvPn91LauYYMyhHTqkNE-OPOsW8lvNK0pZJhS_ywCmBBj1-xri0ynzqv1XzwzYGPntFx5kj3dGzwIdns6T7gzRY9s5OmMm88wMAE7uD51e0C4AQBkgUECAQYAZIFBAgFGASgBjeAB7yMgscBqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEKvnHNIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTc0MjI0OTYwMzI4OTA4M4AKA8gLAdgTCg&sigh=53srjQKiVu4&template_id=492&tpd=AGWhJmvUYl_ZsJ7j0EydEFaMcTjtErZmVYeVhNTITJxUlngFsw
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

l
www.google.com/ads/measurement/ Frame 7D01
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRXsvAqrym8mpOHutLl-JxA_uA9aQrabiA1L2Zqoo1DKsveM1bfeJ3FNcBLvEM_8ujZHVatL4-FHL9MmeF1PnKMGKRTxg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

amp4ads-v0.js
cdn.ampproject.org/rtv/012008102328000/ Frame B005
206 KB
56 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5e145eadf3c0d2ca018da2d25a02de55ac0f70874da8bba148713fa326f278c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
101167
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57397
x-xss-protection
0
server
sffe
date
Tue, 18 Aug 2020 07:28:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d730d226616e6acf"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Aug 2021 07:28:39 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/012008102328000/v0/ Frame B005
16 KB
6 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012008102328000/v0/amp-ad-exit-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64f791cf5b11444b177786340186cb3ef3ed1c39938f49bc9d4a69bd21ba076d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
149290
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5905
x-xss-protection
0
server
sffe
date
Mon, 17 Aug 2020 18:06:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"3ad1eb5461ef0024"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Aug 2021 18:06:36 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012008102328000/v0/ Frame B005
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012008102328000/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f125fd246e10689d46bc3c7c529be4f784c9adf3f80f0790a3532f7efd01b012
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
101158
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28844
x-xss-protection
0
server
sffe
date
Tue, 18 Aug 2020 07:28:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"7dfeab575efd177f"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Aug 2021 07:28:48 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/012008102328000/v0/ Frame B005
4 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012008102328000/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
744f285380d50300c5f78b4a0e9b08f9cd096894251f5965264df5c21c287479
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
149290
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1786
x-xss-protection
0
server
sffe
date
Mon, 17 Aug 2020 18:06:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"7fce00afb81e6c42"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Aug 2021 18:06:36 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/012008102328000/v0/ Frame B005
48 KB
15 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012008102328000/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
203a1218e57e160a9bd9533ed8ac9d755feeb6249f8e0ba7ddb85a3ace770f45
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
149290
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14952
x-xss-protection
0
server
sffe
date
Mon, 17 Aug 2020 18:06:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aacd301e108e3900"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Aug 2021 18:06:36 GMT
css
fonts.googleapis.com/ Frame B005
4 KB
647 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
02fec5849f8ab7bceb4450d167f382e9079bd3a5d0f33a00942869641811ab3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 19 Aug 2020 11:05:08 GMT
server
ESF
date
Wed, 19 Aug 2020 11:34:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 Aug 2020 11:34:46 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B005
295 B
336 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 Aug 2020 21:26:58 GMT
x-content-type-options
nosniff
server
cafe
age
50868
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Wed, 19 Aug 2020 21:26:58 GMT
truncated
/ Frame B005
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c52fe72e3ef098d5692133ab83f4d1520d5f359f657f0b86ce11cb79f3b3b7d6

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.js
cdn.ampproject.org/rtv/012008102328000/ Frame 8B3E
206 KB
56 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5e145eadf3c0d2ca018da2d25a02de55ac0f70874da8bba148713fa326f278c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
101167
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57397
x-xss-protection
0
server
sffe
date
Tue, 18 Aug 2020 07:28:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d730d226616e6acf"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Aug 2021 07:28:39 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/012008102328000/v0/ Frame 8B3E
16 KB
6 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012008102328000/v0/amp-ad-exit-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64f791cf5b11444b177786340186cb3ef3ed1c39938f49bc9d4a69bd21ba076d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
149290
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5905
x-xss-protection
0
server
sffe
date
Mon, 17 Aug 2020 18:06:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"3ad1eb5461ef0024"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Aug 2021 18:06:36 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012008102328000/v0/ Frame 8B3E
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012008102328000/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f125fd246e10689d46bc3c7c529be4f784c9adf3f80f0790a3532f7efd01b012
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
101158
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28844
x-xss-protection
0
server
sffe
date
Tue, 18 Aug 2020 07:28:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"7dfeab575efd177f"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Aug 2021 07:28:48 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/012008102328000/v0/ Frame 8B3E
4 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012008102328000/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
744f285380d50300c5f78b4a0e9b08f9cd096894251f5965264df5c21c287479
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
149290
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1786
x-xss-protection
0
server
sffe
date
Mon, 17 Aug 2020 18:06:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"7fce00afb81e6c42"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Aug 2021 18:06:36 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/012008102328000/v0/ Frame 8B3E
48 KB
15 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012008102328000/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
203a1218e57e160a9bd9533ed8ac9d755feeb6249f8e0ba7ddb85a3ace770f45
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
149290
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14952
x-xss-protection
0
server
sffe
date
Mon, 17 Aug 2020 18:06:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aacd301e108e3900"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Aug 2021 18:06:36 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8B3E
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Aug 2020 11:08:58 GMT
x-content-type-options
nosniff
server
cafe
age
1548
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Thu, 20 Aug 2020 11:08:58 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8B3E
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 Aug 2020 21:26:58 GMT
x-content-type-options
nosniff
server
cafe
age
50868
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Wed, 19 Aug 2020 21:26:58 GMT
truncated
/ Frame 8B3E
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
206710015f44ae457b05fb8ccd960bd9c6a70fcab43bbdb9235f654374d14405

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.js
cdn.ampproject.org/rtv/012008102328000/ Frame F411
206 KB
56 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5e145eadf3c0d2ca018da2d25a02de55ac0f70874da8bba148713fa326f278c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
101167
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57397
x-xss-protection
0
server
sffe
date
Tue, 18 Aug 2020 07:28:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d730d226616e6acf"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Aug 2021 07:28:39 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/012008102328000/v0/ Frame F411
16 KB
6 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012008102328000/v0/amp-ad-exit-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64f791cf5b11444b177786340186cb3ef3ed1c39938f49bc9d4a69bd21ba076d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
149290
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5905
x-xss-protection
0
server
sffe
date
Mon, 17 Aug 2020 18:06:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"3ad1eb5461ef0024"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Aug 2021 18:06:36 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012008102328000/v0/ Frame F411
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012008102328000/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f125fd246e10689d46bc3c7c529be4f784c9adf3f80f0790a3532f7efd01b012
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
101158
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28844
x-xss-protection
0
server
sffe
date
Tue, 18 Aug 2020 07:28:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"7dfeab575efd177f"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Aug 2021 07:28:48 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/012008102328000/v0/ Frame F411
4 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012008102328000/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
744f285380d50300c5f78b4a0e9b08f9cd096894251f5965264df5c21c287479
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
149290
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1786
x-xss-protection
0
server
sffe
date
Mon, 17 Aug 2020 18:06:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"7fce00afb81e6c42"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Aug 2021 18:06:36 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/012008102328000/v0/ Frame F411
48 KB
15 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012008102328000/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
203a1218e57e160a9bd9533ed8ac9d755feeb6249f8e0ba7ddb85a3ace770f45
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
149290
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14952
x-xss-protection
0
server
sffe
date
Mon, 17 Aug 2020 18:06:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aacd301e108e3900"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Aug 2021 18:06:36 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F411
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Aug 2020 11:08:58 GMT
x-content-type-options
nosniff
server
cafe
age
1548
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Thu, 20 Aug 2020 11:08:58 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F411
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 Aug 2020 21:26:58 GMT
x-content-type-options
nosniff
server
cafe
age
50868
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Wed, 19 Aug 2020 21:26:58 GMT
truncated
/ Frame F411
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f8fa551f08be2b03dec4b58764eedef1d8ca9ad6b7fe947f0047f9bdf469979

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.js
cdn.ampproject.org/rtv/012008102328000/ Frame 4A31
206 KB
56 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5e145eadf3c0d2ca018da2d25a02de55ac0f70874da8bba148713fa326f278c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
101167
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57397
x-xss-protection
0
server
sffe
date
Tue, 18 Aug 2020 07:28:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d730d226616e6acf"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Aug 2021 07:28:39 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/012008102328000/v0/ Frame 4A31
16 KB
6 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012008102328000/v0/amp-ad-exit-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64f791cf5b11444b177786340186cb3ef3ed1c39938f49bc9d4a69bd21ba076d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
149290
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5905
x-xss-protection
0
server
sffe
date
Mon, 17 Aug 2020 18:06:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"3ad1eb5461ef0024"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Aug 2021 18:06:36 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012008102328000/v0/ Frame 4A31
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012008102328000/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f125fd246e10689d46bc3c7c529be4f784c9adf3f80f0790a3532f7efd01b012
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
101158
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28844
x-xss-protection
0
server
sffe
date
Tue, 18 Aug 2020 07:28:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"7dfeab575efd177f"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Aug 2021 07:28:48 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/012008102328000/v0/ Frame 4A31
4 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012008102328000/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
744f285380d50300c5f78b4a0e9b08f9cd096894251f5965264df5c21c287479
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
149290
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1786
x-xss-protection
0
server
sffe
date
Mon, 17 Aug 2020 18:06:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"7fce00afb81e6c42"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Aug 2021 18:06:36 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/012008102328000/v0/ Frame 4A31
48 KB
15 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012008102328000/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
203a1218e57e160a9bd9533ed8ac9d755feeb6249f8e0ba7ddb85a3ace770f45
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
149290
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14952
x-xss-protection
0
server
sffe
date
Mon, 17 Aug 2020 18:06:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aacd301e108e3900"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Aug 2021 18:06:36 GMT
css
fonts.googleapis.com/ Frame 4A31
5 KB
687 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 19 Aug 2020 11:16:24 GMT
server
ESF
date
Wed, 19 Aug 2020 11:34:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 Aug 2020 11:34:46 GMT
css
fonts.googleapis.com/ Frame 4A31
5 KB
687 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&text=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 19 Aug 2020 10:51:13 GMT
server
ESF
date
Wed, 19 Aug 2020 11:34:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 Aug 2020 11:34:46 GMT
40933678460698624
tpc.googlesyndication.com/simgad/ Frame 4A31
1 KB
755 B
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/40933678460698624
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 11 Aug 2020 20:22:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
659510
x-dns-prefetch-control
off
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
728
x-xss-protection
0
last-modified
Thu, 26 Oct 2017 18:18:20 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Aug 2021 20:22:56 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4A31
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Aug 2020 11:08:58 GMT
x-content-type-options
nosniff
server
cafe
age
1548
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Thu, 20 Aug 2020 11:08:58 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4A31
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 Aug 2020 21:26:58 GMT
x-content-type-options
nosniff
server
cafe
age
50868
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Wed, 19 Aug 2020 21:26:58 GMT
truncated
/ Frame 4A31
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cb53f1298c658566ee2ed1f72852ffaaee212b2c0918fa64ccf2aba97b445697

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
native-loader.js
video.unrulymedia.com/native/ Frame 3BEE
7 KB
3 KB
Script
General
Full URL
https://video.unrulymedia.com/native/native-loader.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.212.226 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f69e95f74800e4dab8418f465db6eca0bb8f662605ddb2d8c27d1210bc37973e

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:27:39 GMT
content-encoding
gzip
x-amz-expiration
expiry-date="Wed, 28 Jul 2027 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Tue, 28 Jul 2020 08:43:35 GMT
server
AmazonS3
age
428
etag
"70a57b8061c12cca0f04da7b90f850f3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=600
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
APoCMm79UtrTq59XK305ir8YgQLW8l3brk3B-JOx8BnfT0P9UoGixw==
via
1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
view
securepubads.g.doubleclick.net/pcs/ Frame 3BEE
0
31 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstgD0599UDT-EaRpY9A0d7SZxp9J1lk_Jmv0ZbOPdTuKgBihWR7LA6CUQE9gbS72G7vO8mEJc9bcNeNZ82MWQx9hrqRU1MJpa-8uFJAuNNVaMGGLMCX4oY7nldGZTEQxw1PACo9XP_AJymoM-_SZcipmXu7q55h0fkQO3BqMo5JmJ0fuqeRv2fy2y9Me3qRJPApH0t-Y89BbP9TnU7cS-86txLIn-75LxtVHT8-liAgONmNaG7wHKXwoDr_9hKr_8K_ZPJVxKanVJL4YODpShv_jhhxc2esp-2RBBBremu1YKkkfuRSmvU&sig=Cg0ArKJSzPj93YJ9dEvMEAE&urlfix=1&adurl=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081301.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Aug 2020 11:34:46 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B005
2 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Aug 2020 02:36:36 GMT
x-content-type-options
nosniff
server
cafe
age
32290
etag
11660698925711390587
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2471
x-xss-protection
0
expires
Thu, 20 Aug 2020 02:36:36 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame B005
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C92BXVQ49X67yI4yAgQfT9LOgAcyMtuNekfWmr_kLpOfy7ZUCEAEg2tfFOWCRhICAjBigAd37-JcDyAEB4AIAqAMByAMKqgTKAk_Q5_jM8qInuyzTp_-_FFVn7kegcuu0Q_puFd34608472MF3m0_ssUeXB3MpT0QAZ5_sG1ONzxLhmDRqUSrrbl5xcCf200SFNks49kN3f1SDpiOvLebQIX_a-4S86VOr-rn5c5ybihPZr75hEHhnV7lOJZGOQH1dYY0gwU6zaaEPw0PEt-Xa2zhVu10HLqKbjjxVB9pTy-Dp6TqWWkmmH7824RvXigLcKIQ9ajx-fFNOrQ-xcRmnyFug6aJXvOiJsNOP-RFi-50qa0OOaXvnjdV9E-jdxfmHmvrYDNj_SDzt6FIFIetZjRVe5QixQu72NzmzQEaAZpSa2DgVdaOrU8Ldyzq5bmyGfFamc_J9eSumaHUnnIR74PhSUeSyyZtz_Gg14djpNJXYn8Zgm1gDmFrO8XUTt3-9zzJP7fugTQvM4RZFRfSBrEr5cAEktTH8_MC4AQBkgUECAQYAZIFBAgFGASgBlGAB4uEh2ioB47OG6gH1ckbqAeT2BuoB7oGqAfw2RuoB_LZG6gHpr4bqAfs1RvYBwHyBwQQxPcD0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0xNzQyMjQ5NjAzMjg5MDgzgAoDyAsB2BMM&sigh=0f_fc9fEG7Q&tpd=AGWhJmuXJe21q9ALNd64JjiEHfZnGtJx7BxxMJna4nF68QFTkg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

9899392262825195304
tpc.googlesyndication.com/simgad/ Frame 8B3E
29 KB
29 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/9899392262825195304?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlf30fRF8REfa7coP2dVQ1ci8Kirw
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8fb7717faf61efb8c271691ba84ec01ea107b6946783ded26fb313c2b9a17760
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 12 Aug 2020 03:08:14 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Oct 2019 19:49:56 GMT
server
sffe
age
635192
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29458
x-xss-protection
0
expires
Thu, 12 Aug 2021 03:08:14 GMT
l
www.google.com/ads/measurement/ Frame 8B3E
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSuSyOo4UUrdEg7PfJQeuCZxhnuT4TLCWP8EMRdpQ7eFlEJzbEQjEn1fmsXsGkwpNZ0sAp2fmh_44wSmlOWWIiavskPag
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

B23768030.267046035;dc_pre=CNrviqCWp-sCFQrFuwgd9zUAQg;dc_trk_aid=461813827;dc_trk_cid=106332843;ord=3472132697;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/ Frame 8B3E
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23768030.267046035;dc_trk_aid=461813827;dc_trk_cid=106332843;ord=3472132697;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
  • https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23768030.267046035;dc_pre=CNrviqCWp-sCFQrFuwgd9zUAQg;dc_trk_aid=461813827;dc_trk_cid=106332843;ord=3472132697;dc_lat=;dc_rdid=;tag...
42 B
98 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23768030.267046035;dc_pre=CNrviqCWp-sCFQrFuwgd9zUAQg;dc_trk_aid=461813827;dc_trk_cid=106332843;ord=3472132697;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
172.217.21.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s12-in-f198.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Aug 2020 11:34:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 19 Aug 2020 11:34:46 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23768030.267046035;dc_pre=CNrviqCWp-sCFQrFuwgd9zUAQg;dc_trk_aid=461813827;dc_trk_cid=106332843;ord=3472132697;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 8B3E
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cxi3fVQ49X9vzI4yAgQfT9LOgAeaIlsxe-N6Dh6QL4LmVmEMQASDHg_wBYJGEgICMGKAB7_WO2wPIAQLgAgCoAwHIAwiqBMUCT9BhL4XxreD3J6vPCiGjTxz4UGVRJ3fDle_ksml8IkYtcFD7L__GE-7Xt43_G_jo0u5npYYX804ow9JMpyjwXToi9wuhrQQuKgFasIvIRL1sKYBmNEwY2LDnFiWNmbiQG0-Zub8ULoELdggoBtX1KhFCaFmpXQOnLIPW_mppEcSRB2FzIaQFunc-edU7y4WRLYJTfMuiO6E9h0w7jXR9frj2h-XrCdaq5ihbSgIbDo7vnbLprM6cBJgk3gv5_AXFsNJVo6EMFtjzjqdVvJVxfOnzVsZXXMvBHRGILh8Hv2xsp168JFSERLmdQiEGChQfMfpa18d36l_ZvCFumyx-yXY4rhLXNR6_gbhYzayy6P3K6xfjuaKLhH4FdwuCtwnkO6WBwZifBJPOHqAbqIv6hbQdw_9ZbXYZu1Klc9El8xfKJ-AwX8AEj5f0pKkC4AQBkgUECAQYAZIFBAgFGASgBgKAB562mymoB47OG6gH1ckbqAeT2BuoB7oGqAfw2RuoB_LZG6gHpr4bqAfs1RvYBwHyBwQQ54kg0ggJCIDhgBAQARgdgAoByAsB2BMM&sigh=MXXF6ryaZes&tpd=AGWhJmuJ0r1C9ylGh7cfOwUMXkmUAnZwBMbPh69s246DHkccSg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

3478925172574435173
tpc.googlesyndication.com/simgad/ Frame F411
8 KB
8 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/3478925172574435173?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkos8wptgTbAeQJGtzRfWG84YWj4A
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
12dcf216e4ac62a835036836518edc6a972578146e9ab478946f201c426ea6ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 10:47:14 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 Aug 2020 08:51:10 GMT
server
sffe
age
2852
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8383
x-xss-protection
0
expires
Thu, 19 Aug 2021 10:47:14 GMT
l
www.google.com/ads/measurement/ Frame F411
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQN021YM0hoyrpRRvgB_1z1Y0gtsUZbTq9XLDK6050d7vMdjAwsFaQAbtkUu0lXd3psviz1zLMvIpM6Dq0pivnjBZ6EAQ
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame F411
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CjZcBVQ49X5L1I4yAgQfT9LOgAe7ij-Zejq3xxf8LwI23ARABIMeD_AFgkYSAgIwYoAGXgdakAsgBAuACAKgDAcgDCKoEyAJP0EQ4Kf0pWhcid_gZUu0GeR-FP2dyb58X-BuoNdGOygo0MBwC1ZkX0fPKeUx9VQCbCGm9f5Z25eO6ByP2yvivAOE4nRsqZqgdUhnxF8c7BtOYquzj2m1D9Zyv3ZI8b86NKso5Uw1zEj4quMw2TOdJ7tq1BXR8D4_B6uV_bBwN2xqCUiopW40xIr8LKgvkFQXyB_gwMXykyQQbU56Y26CEgpWyw-pktTFmUOrnvzVpPBj4Zo44uh7nGz8Gaw7LCalArIeuJxTs1QFv_fKwaiALTnb7Pjg7wgTbdr4sudwHH5GQQsIy7pR8G4Mic2MBH7t7pLSVl44c5IA3WPM0kCMPOOvd58w3eezkaaZU9svUKwWUcIDBJvIL0Q53GkU9dCLgHXqiocU0I1B_FtJPSyCY6SVM0B_OhDOujd8thkTDVTgAqUxGFxZfwAS6iIjxmQPgBAGgBgKAB9H-qdsBqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEKe3MtIICQiA4YAQEAEYHYAKAcgLAdgTAw&sigh=BCok8_CEfjk&tpd=AGWhJmu5ApfTcYuVyFeuh2VcXDSAzTh9_7c_viStGiy5A0_4uw
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

5783251670283858574
tpc.googlesyndication.com/daca_images/simgad/ Frame 4A31
75 KB
75 KB
Image
General
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/5783251670283858574
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160df22a91da02a87389943a6dd003a720f5f412e484c41963013c96007ad5f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 11 Aug 2020 13:31:06 GMT
x-content-type-options
nosniff
age
684220
x-dns-prefetch-control
off
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
77134
x-xss-protection
0
last-modified
Wed, 08 Feb 2017 19:28:33 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Aug 2021 13:31:06 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 4A31
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CApldVQ49X9X2I4yAgQfT9LOgAcyMtuNeprL2_uMLpOfy7ZUCEAEg2tfFOWCRhICAjBigAd37-JcDyAEB4AIAqAMByAMKqgTKAk_QGyacfkikvlA-6otoOY4BxTPZs6aWgdsX0wIQ4vxWg3L5xDZy00y7rzEa2pQ8uh2K3gM1vuN75qg__ZEKRD2eO8K-Cyk95g2RjV6zGHm81L0I_5E9PHv_80fK0e5JygFOhefBrFFoYmlrpZ4Oe1HXOwjn4ME2P6FkMcBo2SbciHgCnbWWs_LPHgt81YhwQj_56dxxNz5KxQMza-UnHwP26EgAOehbaoVMc2T2xL6EggLkf_6nk5ytdEbjImt0cRs6ZRdgbDoIy-CY-l8F7zEDJWTQcTAUod63AztRCxqoI3LCFNA-tUK093Six6Ik17w6OXPZkPH8A8d0JjlE9yhg5DcCaLUShlxKYKkcnDOnoPb8dDnn2kj9j4b5SLUfKJ3heLnjtarFlbLdblezOw5NdTAn4lqQqRUkhhpqGyt6YwI_GoJyZtyqEsAE496B25AD4AQBkgUECAQYAZIFBAgFGASgBlGAB4uEh2ioB47OG6gH1ckbqAeT2BuoB7oGqAfw2RuoB_LZG6gHpr4bqAfs1RvYBwHyBwQQpMcH0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0xNzQyMjQ5NjAzMjg5MDgzgAoDyAsB2BMM&sigh=q_52sV46pzU&tpd=AGWhJmsAGsqa_U-SJlWrayLMgc_jQujDsUOhoRMu7X4b5fDEvw
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

l
www.google.com/ads/measurement/ Frame 4A31
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR07jhHB7AvIPZ44-ebuX6KWFizSI4N_uScrFWvHnt7C-hHfNcIhUlcp22wrZik759XwrFG_aL4iOifH2z0eRbCrr8RWw
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2
fonts.gstatic.com/s/googlesans/v16/ Frame B005
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v16/4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.bleepingcomputer.com
Referer
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 13 Aug 2020 05:34:09 GMT
x-content-type-options
nosniff
last-modified
Wed, 04 Dec 2019 18:44:26 GMT
server
sffe
age
540037
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14608
x-xss-protection
0
expires
Fri, 13 Aug 2021 05:34:09 GMT
4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2
fonts.gstatic.com/s/googlesans/v16/ Frame B005
14 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v16/4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.bleepingcomputer.com
Referer
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 13 Aug 2020 05:24:05 GMT
x-content-type-options
nosniff
last-modified
Wed, 04 Dec 2019 18:44:18 GMT
server
sffe
age
540641
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14816
x-xss-protection
0
expires
Fri, 13 Aug 2021 05:24:05 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 4A31
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.bleepingcomputer.com
Referer
https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 11 Aug 2020 09:53:02 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
697304
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Wed, 11 Aug 2021 09:53:02 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 4A31
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.bleepingcomputer.com
Referer
https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 10 Aug 2020 15:05:55 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
764931
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11056
x-xss-protection
0
expires
Tue, 10 Aug 2021 15:05:55 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 7D01
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=nl
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.bleepingcomputer.com
Referer
https://fonts.googleapis.com/css?family=Roboto:400,500&lang=nl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 11 Aug 2020 09:53:02 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
697304
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Wed, 11 Aug 2021 09:53:02 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 7D01
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=nl
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.bleepingcomputer.com
Referer
https://fonts.googleapis.com/css?family=Roboto:400,500&lang=nl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 10 Aug 2020 15:05:55 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
764931
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11056
x-xss-protection
0
expires
Tue, 10 Aug 2021 15:05:55 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame AEBE
42 B
175 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstGpG26GRoPvkSVad_iEX_3QtydCvKkq59hM42FHq8xHm3pi6-lT58PZqoTpbuQ5H1rg0lRXGEO0Q1rfbBVZPfbib8H7U09YIuQsQpnEqKEUv3X3PIIHQopfaVX5g&sai=AMfl-YS7krXO4vXX4vMJ0oBusDUDjfyj5sjDHr0qU-gWjK_LeOJAdGgqE0Th5h7Mg2Uppl5BB15eqTIL4YWWL6xRqSAoMxMaFjCOhNcAoj9yZ3ZOiinbIYkpNcaTi5pO&sig=Cg0ArKJSzEUgzhWZIpUcEAE&cid=CAASF-Roa0nVWWzjhkms-ctsYK5aMla3DBI_&id=ampim&o=315,1110&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1017&mtos=0,0,1017,1017,1017&tos=0,0,1017,0,0&tfs=104&tls=1121&g=100&h=100&tt=1121&r=v&avms=ampa&adk=3056404191
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Aug 2020 11:34:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
et_v1.0.1679-0-g81025a8.js
video.unrulymedia.com/native/ Frame F091
2 KB
2 KB
Script
General
Full URL
https://video.unrulymedia.com/native/et_v1.0.1679-0-g81025a8.js
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.212.226 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f9ed37930833acd055309329602291eae6b05f7adf3643dbde06f7ffb4526209

Request headers

Origin
https://www.bleepingcomputer.com
Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 27 Jul 2020 15:15:05 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
1973982
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
https://www.bleepingcomputer.com
x-amz-expiration
expiry-date="Mon, 26 Jul 2027 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Sun, 26 Jul 2020 08:10:29 GMT
server
AmazonS3
access-control-max-age
3000
access-control-allow-methods
HEAD, GET
content-type
application/javascript
via
1.1 7549433a09d06354ea864d169b689e51.cloudfront.net (CloudFront)
cache-control
max-age=63072000
access-control-allow-credentials
true
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
mg7lYTDUdpL1ExjUWxPQB0y2SBf6-XmAdco5d3Sxkc_5---0uTBuVQ==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ Frame F091
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.bleepingcomputer.com
Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 12 Aug 2020 21:01:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
570817
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30244
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Aug 2021 21:01:09 GMT
img
rx-stats3.unrulymedia.com/trackedevent/ Frame 3BEE
43 B
339 B
Image
General
Full URL
https://rx-stats3.unrulymedia.com/trackedevent/img?event=tag_load&adslotid=803044083&clientver=v1.0.1679-0-g81025a8&siteid=1101818&iframe=true&compat=CSS1Compat&pageloadid=206659441&cb=1597836886388&siteenv=html&doc_type=outstream_pread_event
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.150 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Aug 2020 11:34:46 GMT
Server
Tengine
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
Expires
0
truncated
/ Frame 3BEE
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
71cba6f88cbeec86fcc5e5e23b4b6241daab720bec27ebd8539d0ce22dd359f3

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
4878972685955854796
tpc.googlesyndication.com/daca_images/simgad/ Frame 7D01
42 KB
42 KB
Image
General
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/4878972685955854796?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoI2gMQ-AEYASABLQAAAD8w2gM4-AFFAACAPw&rs=AOga4qnvOzxlm3w42FKQI_yeIsR1PWI45Q
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eae28d9b21731e05774307608bda631218c317fdcefdbc1ddb4b55bde1fcfc39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 19 Apr 2020 18:14:42 GMT
server
sffe
age
0
status
200
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43145
x-xss-protection
0
expires
Wed, 26 Aug 2020 11:34:46 GMT
40933678460698624
tpc.googlesyndication.com/simgad/ Frame 7D01
1 KB
771 B
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/40933678460698624
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 11 Aug 2020 20:22:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
659510
x-dns-prefetch-control
off
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
728
x-xss-protection
0
last-modified
Thu, 26 Oct 2017 18:18:20 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Aug 2021 20:22:56 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7D01
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Aug 2020 11:08:58 GMT
x-content-type-options
nosniff
server
cafe
age
1548
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Thu, 20 Aug 2020 11:08:58 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7D01
295 B
320 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 Aug 2020 21:26:58 GMT
x-content-type-options
nosniff
server
cafe
age
50868
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Wed, 19 Aug 2020 21:26:58 GMT
en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B005
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Aug 2020 02:36:36 GMT
x-content-type-options
nosniff
server
cafe
age
32290
etag
11660698925711390587
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2471
x-xss-protection
0
expires
Thu, 20 Aug 2020 02:36:36 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B005
295 B
320 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 Aug 2020 21:26:58 GMT
x-content-type-options
nosniff
server
cafe
age
50868
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Wed, 19 Aug 2020 21:26:58 GMT
9899392262825195304
tpc.googlesyndication.com/simgad/ Frame 8B3E
29 KB
29 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/9899392262825195304?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlf30fRF8REfa7coP2dVQ1ci8Kirw
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8fb7717faf61efb8c271691ba84ec01ea107b6946783ded26fb313c2b9a17760
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 12 Aug 2020 03:08:14 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Oct 2019 19:49:56 GMT
server
sffe
age
635192
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29458
x-xss-protection
0
expires
Thu, 12 Aug 2021 03:08:14 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8B3E
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Aug 2020 11:08:58 GMT
x-content-type-options
nosniff
server
cafe
age
1548
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Thu, 20 Aug 2020 11:08:58 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8B3E
295 B
320 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 Aug 2020 21:26:58 GMT
x-content-type-options
nosniff
server
cafe
age
50868
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Wed, 19 Aug 2020 21:26:58 GMT
3478925172574435173
tpc.googlesyndication.com/simgad/ Frame F411
8 KB
8 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/3478925172574435173?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkos8wptgTbAeQJGtzRfWG84YWj4A
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
12dcf216e4ac62a835036836518edc6a972578146e9ab478946f201c426ea6ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 10:47:14 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 Aug 2020 08:51:10 GMT
server
sffe
age
2852
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8383
x-xss-protection
0
expires
Thu, 19 Aug 2021 10:47:14 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F411
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Aug 2020 11:08:58 GMT
x-content-type-options
nosniff
server
cafe
age
1548
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Thu, 20 Aug 2020 11:08:58 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F411
295 B
320 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 Aug 2020 21:26:58 GMT
x-content-type-options
nosniff
server
cafe
age
50868
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Wed, 19 Aug 2020 21:26:58 GMT
5783251670283858574
tpc.googlesyndication.com/daca_images/simgad/ Frame 4A31
75 KB
75 KB
Image
General
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/5783251670283858574
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160df22a91da02a87389943a6dd003a720f5f412e484c41963013c96007ad5f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 11 Aug 2020 13:31:06 GMT
x-content-type-options
nosniff
age
684220
x-dns-prefetch-control
off
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
77134
x-xss-protection
0
last-modified
Wed, 08 Feb 2017 19:28:33 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Aug 2021 13:31:06 GMT
40933678460698624
tpc.googlesyndication.com/simgad/ Frame 4A31
1 KB
755 B
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/40933678460698624
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 11 Aug 2020 20:22:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
659510
x-dns-prefetch-control
off
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
728
x-xss-protection
0
last-modified
Thu, 26 Oct 2017 18:18:20 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Aug 2021 20:22:56 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4A31
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Aug 2020 11:08:58 GMT
x-content-type-options
nosniff
server
cafe
age
1548
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Thu, 20 Aug 2020 11:08:58 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4A31
295 B
320 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 Aug 2020 21:26:58 GMT
x-content-type-options
nosniff
server
cafe
age
50868
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Wed, 19 Aug 2020 21:26:58 GMT
c
c.pub.network/
36 B
344 B
XHR
General
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig.messaging.2.1.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.226.36.58 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.36.226.35.bc.googleusercontent.com
Software
/
Resource Hash
0a6413daf94db20920a5dec4b7e2acd0ecc866dd6c5a03801b0b7286dc9fe9e9

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 19 Aug 2020 11:34:46 GMT
Access-Control-Allow-Credentials
true
Content-Length
36
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain;charset=utf-8
native_v1.0.1679-0-g81025a8.js
video.unrulymedia.com/native/ Frame F091
66 KB
18 KB
Script
General
Full URL
https://video.unrulymedia.com/native/native_v1.0.1679-0-g81025a8.js
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.212.226 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aad8739f57a09d8b276d16cfd7a70b556b532f636454b8de0877581eb9a8f0b5

Request headers

Origin
https://www.bleepingcomputer.com
Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 27 Jul 2020 15:15:06 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
1973981
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
https://www.bleepingcomputer.com
x-amz-expiration
expiry-date="Mon, 26 Jul 2027 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Sun, 26 Jul 2020 08:10:28 GMT
server
AmazonS3
access-control-max-age
3000
access-control-allow-methods
HEAD, GET
content-type
application/javascript
via
1.1 7549433a09d06354ea864d169b689e51.cloudfront.net (CloudFront)
cache-control
max-age=63072000
access-control-allow-credentials
true
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
sBt6Ra7IYVvZwDs0XlWGtu0W2FdZA8G0KbUSneOft4fnH6nhuBz-fg==
skin-1101818.json
video.unrulymedia.com/native/skins/ Frame F091
347 B
946 B
XHR
General
Full URL
https://video.unrulymedia.com/native/skins/skin-1101818.json
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.212.226 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ffd88402bd7da213453634115d1872431f2ff6132e2a7c6aa38644606b3de809

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 11:34:47 GMT
via
1.1 7549433a09d06354ea864d169b689e51.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop
FRA53-C1
x-cache
RefreshHit from cloudfront
status
200
content-length
347
x-amz-expiration
expiry-date="Fri, 13 Aug 2027 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Thu, 13 Aug 2020 17:30:32 GMT
server
AmazonS3
etag
"09362ea19ef8bf59029394bda9399b2f"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
max-age=3600
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
vsVgVSMMeyl2ePuJrXmRG21MULQHEL_SZo0gSPX0qaYQTDs2hTQa5w==
c
c.pub.network/
36 B
344 B
XHR
General
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig.messaging.2.1.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.226.36.58 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.36.226.35.bc.googleusercontent.com
Software
/
Resource Hash
0a6413daf94db20920a5dec4b7e2acd0ecc866dd6c5a03801b0b7286dc9fe9e9

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 19 Aug 2020 11:34:47 GMT
Access-Control-Allow-Credentials
true
Content-Length
36
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain;charset=utf-8
third-party-iframes.html
video.unrulymedia.com/iframes/ Frame 1A47
0
0
Document
General
Full URL
https://video.unrulymedia.com/iframes/third-party-iframes.html?clientver=v1.0.1679-0-g81025a8&siteId=1101818
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native_v1.0.1679-0-g81025a8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.212.226 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
video.unrulymedia.com
:scheme
https
:path
/iframes/third-party-iframes.html?clientver=v1.0.1679-0-g81025a8&siteId=1101818
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/

Response headers

status
200
content-type
text/html
content-length
466
last-modified
Tue, 28 Jul 2020 08:43:37 GMT
x-amz-expiration
expiry-date="Wed, 28 Jul 2027 00:00:00 GMT", rule-id="Delete after 7 years"
accept-ranges
bytes
server
AmazonS3
date
Wed, 19 Aug 2020 11:34:48 GMT
etag
"7d4a0c9d9666d8efeaa45d7f737f3cff"
cache-control
max-age=600
x-cache
RefreshHit from cloudfront
via
1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
dnCmjVwRwOBNwKCHsDJY5XzXep7AXJo7vQsihiZXrvXHKZxwnyF_Hw==
chunk-vendors~populatePlacement-4242fbd218d3e61dec2a.js
video.unrulymedia.com/native/chunks/ Frame F091
110 KB
30 KB
Script
General
Full URL
https://video.unrulymedia.com/native/chunks/chunk-vendors~populatePlacement-4242fbd218d3e61dec2a.js
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native_v1.0.1679-0-g81025a8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.212.226 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f37ab3b21d92d7500abfcb165c977aee0b97bd367ecd675bac96a08df02059e3

Request headers

Origin
https://www.bleepingcomputer.com
Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 18 Aug 2020 23:19:36 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
44112
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
https://www.bleepingcomputer.com
x-amz-expiration
expiry-date="Wed, 28 Jul 2027 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Tue, 28 Jul 2020 08:43:34 GMT
server
AmazonS3
etag
W/"20b7785f1a44e9f8acec5a979edf971c"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET
content-type
application/javascript
via
1.1 7549433a09d06354ea864d169b689e51.cloudfront.net (CloudFront)
cache-control
max-age=63072000
access-control-allow-credentials
true
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
MY_zV4bI8eTk8dvNkz94kIComnwxmWaYb1krIh9Ei3RPh3VNuuTaEA==
chunk-populatePlacement-61e9035782ea0e0c55f4.js
video.unrulymedia.com/native/chunks/ Frame F091
80 KB
22 KB
Script
General
Full URL
https://video.unrulymedia.com/native/chunks/chunk-populatePlacement-61e9035782ea0e0c55f4.js
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native_v1.0.1679-0-g81025a8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.212.226 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aef8bb52d079cd26d7f24bb4968ae9c5485fefd28ee9a7a580d968af83bd5758

Request headers

Origin
https://www.bleepingcomputer.com
Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 18 Aug 2020 23:19:36 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
44112
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
https://www.bleepingcomputer.com
x-amz-expiration
expiry-date="Wed, 28 Jul 2027 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Tue, 28 Jul 2020 08:43:34 GMT
server
AmazonS3
etag
W/"8abe5b35b287496bd1493d71dc72e2da"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET
content-type
application/javascript
via
1.1 7549433a09d06354ea864d169b689e51.cloudfront.net (CloudFront)
cache-control
max-age=63072000
access-control-allow-credentials
true
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
Us5FS5O3L5vN9IcliGZZ5ZYAspb0tL9P0o-X8rRiF8Ow1q2k7BU9Ag==
img
rx-stats3.unrulymedia.com/trackedevent/ Frame F091
43 B
339 B
Image
General
Full URL
https://rx-stats3.unrulymedia.com/trackedevent/img?event=adcall&page=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fcryptojacking-worm-steals-aws-credentials-from-docker-systems%2F&domain=www.bleepingcomputer.com&videoplcmt=%5B3%5D&siteid=1101818&devicetype=desktop&pageloadid=206659441&siteenv=html&perfconsentstart=1597836886625&perfcorejsstart=1597836886387&perfcorejsend=1597836886625&perfskinstart=1597836886627&perfskinend=1597836887036&perfadagestart=1597836887171&doc_type=outstream_pread_event&clientver=v1.0.1679-0-g81025a8&adslotid=803044083&cb=1597836887174
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.150 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Aug 2020 11:34:47 GMT
Server
Tengine
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
Expires
0
2.2
rx.targeting.unrulymedia.com/openrtb/ Frame F091
0
0
Fetch
General
Full URL
https://rx.targeting.unrulymedia.com/openrtb/2.2?uuid=2e4df11b-0c63-4b2b-88bf-2b5b7002021d&site.page=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fcryptojacking-worm-steals-aws-credentials-from-docker-systems%2F&site.domain=www.bleepingcomputer.com&video_width=640&video_height=360&allowDisplay=false&imp%5B0%5D.placement=3&unr.site.env=html&h=v1.0.1679-0-g81025a8
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/chunks/chunk-populatePlacement-61e9035782ea0e0c55f4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Pragma
no-cache
Date
Wed, 19 Aug 2020 11:34:47 GMT
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Server
Tengine
Connection
keep-alive
img
rx-stats3.unrulymedia.com/trackedevent/ Frame F091
43 B
339 B
Image
General
Full URL
https://rx-stats3.unrulymedia.com/trackedevent/img?event=error_no_ads&videoplcmt=%5B%5D&siteid=1101818&devicetype=desktop&pageloadid=206659441&siteenv=html&perfconsentstart=1597836886625&perfcorejsstart=1597836886387&perfcorejsend=1597836886625&perfskinstart=1597836886627&perfskinend=1597836887036&perfadagestart=1597836887171&doc_type=outstream_pread_event&clientver=v1.0.1679-0-g81025a8&adslotid=803044083&cb=1597836887279&message=Empty%20VAST%20Response
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.150 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Aug 2020 11:34:47 GMT
Server
Tengine
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
Expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 7D01
42 B
129 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstpM6LwUWSA27Almm9oyxGmyg0l7iW9zKwBFjUWmNEP9rq1f2gaQSvtVs1h69esW-ED5NB0EDTtDEntQdJ8mb5ScVuRbeVR7Ov59oe2DnyjvJYaDyCtgJLUGEUAlw&sai=AMfl-YQYrbSS0ji_RyFwNakqS1na3LDqLIYNZ7IB7geKA-FxWAbMjm1AF_Y9ogLIPKlfyoDu7oLveCZTicWqeKvEyylgYVoCzVbcXfcH0mIjr7OjRPgUngcHVN3On0H3&sig=Cg0ArKJSzCPTzSbCeEzmEAE&cid=CAASF-Ro1MfzJbiKEASt9zr7pTJbQRdzdT8z&id=ampim&o=315,146&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=283&tls=1283&g=100&h=100&tt=1283&r=v&avms=ampa&adk=1078295657
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Aug 2020 11:34:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
demand-source
d.pub.network/
54 B
501 B
XHR
General
Full URL
https://d.pub.network/demand-source
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.71.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.71.188.35.bc.googleusercontent.com
Software
/
Resource Hash
a70eac5161c44bc050cc6f7f3287bdec863913cc484dba6052d76ed06a35da95

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 19 Aug 2020 11:34:48 GMT
Access-Control-Allow-Credentials
true
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Content-Type
application/json
demand-source
d.pub.network/ Frame
0
0
Other
General
Full URL
https://d.pub.network/demand-source
Protocol
HTTP/1.1
Server
35.188.71.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.71.188.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors

Response headers

Date
Wed, 19 Aug 2020 11:34:48 GMT
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Methods
POST
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
1800
Allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Content-Length
0
abt
capi.connatix.com/tr/ Frame 85D7
0
333 B
XHR
General
Full URL
https://capi.connatix.com/tr/abt?v=46383
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.128.233.190 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-128-233-190.us-east-2.compute.amazonaws.com
Software
openresty/1.15.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Wed, 19 Aug 2020 11:34:48 GMT
Content-Encoding
gzip
Server
openresty/1.15.8.2
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
v2yol89Rivh_r_0qJ7Afxdzq0PUnbDtpLmHf1Xx9cqgXi3bo2k00apAkOhz7-8MQooXkCbXRCGexSals8
dapperdiscussion.com/
166 B
249 B
Fetch
General
Full URL
https://dapperdiscussion.com/v2yol89Rivh_r_0qJ7Afxdzq0PUnbDtpLmHf1Xx9cqgXi3bo2k00apAkOhz7-8MQooXkCbXRCGexSals8
Requested by
Host: dapperdiscussion.com
URL: https://dapperdiscussion.com/v2mojjRqxm0uSiopiD-aABaVl-1eYGn-9jdzP46hyVV260JPOwzzIpayjWhZBI5i-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.64.11 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
11.64.190.35.bc.googleusercontent.com
Software
/
Resource Hash
6108f0ca4ffa92e24232c07173a154be1785e11d29e30c64d900dfb97230aff2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
status
200
date
Wed, 19 Aug 2020 11:34:49 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
regan
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
166
expires
Wed, 19 Aug 2020 11:34:48 GMT
st
capi.connatix.com/tr/ Frame 85D7
0
333 B
XHR
General
Full URL
https://capi.connatix.com/tr/st?v=46383
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.128.233.190 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-128-233-190.us-east-2.compute.amazonaws.com
Software
openresty/1.15.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Wed, 19 Aug 2020 11:34:50 GMT
Content-Encoding
gzip
Server
openresty/1.15.8.2
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
sync
eb2.3lift.com/ Frame E748
Redirect Chain
  • https://eb2.3lift.com/sync?us_privacy=1---&
  • https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
0
0
Document
General
Full URL
https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.26.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.173.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-173-218.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?us_privacy=1---&&ld=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
tluid=541679500570592432
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/

Response headers

status
200
date
Wed, 19 Aug 2020 11:34:51 GMT
content-type
text/html; charset=utf-8
content-length
465
set-cookie
sync=CgoIgQIQrKiAtMAuCgoIoQEQrKiAtMAuCgoI4gEQrKiAtMAuCgoI5gEQrKiAtMAuCgoI1gEQrKiAtMAuCgoIhwIQrKiAtMAuCgkIOhCsqIC0wC4KCQgLEKyogLTALgoJCF8QrKiAtMAuCgkIHxCsqIC0wC4=; Max-Age=7776000; Expires=Tue, 17 Nov 2020 11:34:51 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=541679500570592432; Max-Age=7776000; Expires=Tue, 17 Nov 2020 11:34:51 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

status
302
date
Wed, 19 Aug 2020 11:34:51 GMT
content-length
0
set-cookie
tluid=541679500570592432; Max-Age=7776000; Expires=Tue, 17 Nov 2020 11:34:51 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
location
/sync?us_privacy=1---&&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
iframe
mantodea.mantisadnetwork.com/prebid/ Frame 35FF
0
0
Document
General
Full URL
https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-120&buster=1597836885501&secure=true&version=9&mobile=false&uuid=beccba29-b993-4231-9c77-345844f245a5&title=Cryptojacking%20worm%20steals%20AWS%20credentials%20from%20Docker%20systems&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fcryptojacking-worm-steals-aws-credentials-from-docker-systems%2F
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.26.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.243.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

:method
GET
:authority
mantodea.mantisadnetwork.com
:scheme
https
:path
/prebid/iframe?tz=-120&buster=1597836885501&secure=true&version=9&mobile=false&uuid=beccba29-b993-4231-9c77-345844f245a5&title=Cryptojacking%20worm%20steals%20AWS%20credentials%20from%20Docker%20systems&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fcryptojacking-worm-steals-aws-credentials-from-docker-systems%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/

Response headers

status
200
date
Wed, 19 Aug 2020 11:34:51 GMT
content-type
text/html; charset=utf-8
content-length
332
x-powered-by
Express
vary
Origin
access-control-allow-credentials
true
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
expires
-1
etag
W/"14c-9r5Bjy6XDsnlA90RhdhNIIvVOvI"
pd
eu-u.openx.net/w/1.0/ Frame 016F
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0&us_privacy=1---
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0&us_privacy=1---
0
0
Document
General
Full URL
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0&us_privacy=1---
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.26.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.192.0 /
Resource Hash

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0&us_privacy=1---
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=f58c2eea-9df0-0c2a-322b-ce6830b1f8c7|1597836891
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/

Response headers

status
200
vary
Accept, Accept-Encoding
set-cookie
i=f58c2eea-9df0-0c2a-322b-ce6830b1f8c7|1597836891; Version=1; Expires=Thu, 19-Aug-2021 11:34:51 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1597836891|mOgegqnskin0vNomiygu; Version=1; Expires=Thu, 03-Sep-2020 11:34:51 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.192.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 19 Aug 2020 11:34:51 GMT
content-type
text/html
content-length
547
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

status
302
set-cookie
i=f463cc2b-58b6-05e9-3d60-ce8adcc250b5|1597836891; Version=1; Expires=Thu, 19-Aug-2021 11:34:51 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.192.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0&us_privacy=1---
date
Wed, 19 Aug 2020 11:34:51 GMT
content-length
0
via
1.1 google
alt-svc
clear
iframe
mantodea.mantisadnetwork.com/prebid/ Frame 3BF4
0
0
Document
General
Full URL
https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-120&buster=1597836885016&secure=true&version=9&mobile=false&uuid=beccba29-b993-4231-9c77-345844f245a5&title=Cryptojacking%20worm%20steals%20AWS%20credentials%20from%20Docker%20systems&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fcryptojacking-worm-steals-aws-credentials-from-docker-systems%2F
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.26.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.243.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

:method
GET
:authority
mantodea.mantisadnetwork.com
:scheme
https
:path
/prebid/iframe?tz=-120&buster=1597836885016&secure=true&version=9&mobile=false&uuid=beccba29-b993-4231-9c77-345844f245a5&title=Cryptojacking%20worm%20steals%20AWS%20credentials%20from%20Docker%20systems&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fcryptojacking-worm-steals-aws-credentials-from-docker-systems%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/

Response headers

status
200
date
Wed, 19 Aug 2020 11:34:51 GMT
content-type
text/html; charset=utf-8
content-length
332
x-powered-by
Express
vary
Origin
access-control-allow-credentials
true
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
expires
-1
etag
W/"14c-9r5Bjy6XDsnlA90RhdhNIIvVOvI"
showad.js
ads.pubmatic.com/AdServer/js/ Frame C741
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.26.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.252.114 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-252-114.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/

Response headers

Server
Apache/2.2.15 (CentOS)
ETag
"13006b6-94fd-5abd223c2ac92"
Last-Modified
Sat, 01 Aug 2020 14:58:34 GMT
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=38209
Expires
Wed, 19 Aug 2020 22:11:40 GMT
Date
Wed, 19 Aug 2020 11:34:51 GMT
Connection
keep-alive
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 2534
0
0
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.26.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.254.129 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-254-129.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/

Response headers

Server
Apache
Last-Modified
Mon, 19 Jun 2017 19:18:19 GMT
ETag
"74087b-112-55254ff6699bb"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
211
Date
Wed, 19 Aug 2020 11:34:51 GMT
Connection
keep-alive
pd
eu-u.openx.net/w/1.0/ Frame C4E0
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0&us_privacy=1---
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0&us_privacy=1---
0
0
Document
General
Full URL
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0&us_privacy=1---
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.26.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.192.0 /
Resource Hash

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0&us_privacy=1---
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=f58c2eea-9df0-0c2a-322b-ce6830b1f8c7|1597836891
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/

Response headers

status
200
vary
Accept, Accept-Encoding
set-cookie
i=f58c2eea-9df0-0c2a-322b-ce6830b1f8c7|1597836891; Version=1; Expires=Thu, 19-Aug-2021 11:34:51 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1597836891|mOgegqnskin0vNomiygu; Version=1; Expires=Thu, 03-Sep-2020 11:34:51 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.192.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 19 Aug 2020 11:34:51 GMT
content-type
text/html
content-length
547
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

status
302
set-cookie
i=f58c2eea-9df0-0c2a-322b-ce6830b1f8c7|1597836891; Version=1; Expires=Thu, 19-Aug-2021 11:34:51 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.192.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0&us_privacy=1---
date
Wed, 19 Aug 2020 11:34:51 GMT
content-length
0
via
1.1 google
alt-svc
clear
async_usersync.html
acdn.adnxs.com/dmp/ Frame 2650
0
0
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.26.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/

Response headers

Connection
keep-alive
Content-Length
17037
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Tue, 24 Mar 2020 15:52:19 GMT
ETag
W/"5e7a2cb3-cefd"
Expires
Thu, 06 Aug 2020 09:53:08 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish 1.1 varnish
Accept-Ranges
bytes
Date
Wed, 19 Aug 2020 11:34:51 GMT
Age
6076
X-Served-By
cache-lga21982-LGA, cache-hhn4072-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1585538, 61596
X-Timer
S1597836891.099339,VS0,VE0
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame D22D
0
0
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.26.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified
Wed, 29 Jul 2020 16:40:43 GMT
Content-Encoding
gzip
Content-Length
9468
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=20050
Expires
Wed, 19 Aug 2020 17:09:01 GMT
Date
Wed, 19 Aug 2020 11:34:51 GMT
Connection
keep-alive
Vary
Accept-Encoding
index.html
cdn.districtm.io/ids/ Frame CD14
0
0
Document
General
Full URL
https://cdn.districtm.io/ids/index.html?ccpa=1---
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.26.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html?ccpa=1---
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/

Response headers

status
204
date
Wed, 19 Aug 2020 11:34:51 GMT
set-cookie
__cfduid=dc9dc31e0f5c741e0c37e5f9bf766fd031597836891; expires=Fri, 18-Sep-20 11:34:51 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
cf-request-id
04a8192bc200006b7dd8014200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
5c5391593f6c6b7d-LHR
showad.js
ads.pubmatic.com/AdServer/js/ Frame 7093
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.26.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.252.114 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-252-114.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/

Response headers

Server
Apache/2.2.15 (CentOS)
ETag
"13006b6-94fd-5abd223c2ac92"
Last-Modified
Sat, 01 Aug 2020 14:58:34 GMT
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=38209
Expires
Wed, 19 Aug 2020 22:11:40 GMT
Date
Wed, 19 Aug 2020 11:34:51 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 47D5
0
0
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.26.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/

Response headers

Connection
keep-alive
Content-Length
17037
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Tue, 24 Mar 2020 15:52:19 GMT
ETag
W/"5e7a2cb3-cefd"
Expires
Thu, 06 Aug 2020 09:53:08 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish 1.1 varnish
Accept-Ranges
bytes
Date
Wed, 19 Aug 2020 11:34:51 GMT
Age
6076
X-Served-By
cache-lga21982-LGA, cache-hhn4034-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1585538, 58900
X-Timer
S1597836891.133034,VS0,VE0
Vary
Accept-Encoding
index.html
cdn.districtm.io/ids/ Frame C390
0
0
Document
General
Full URL
https://cdn.districtm.io/ids/index.html?ccpa=1---
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.26.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html?ccpa=1---
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/

Response headers

status
204
date
Wed, 19 Aug 2020 11:34:51 GMT
set-cookie
__cfduid=dc9dc31e0f5c741e0c37e5f9bf766fd031597836891; expires=Fri, 18-Sep-20 11:34:51 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
cf-request-id
04a8192bce00006b7dd8015200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
5c5391594f736b7d-LHR
ixmatch.html
js-sec.indexww.com/um/ Frame 47C1
0
0
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.26.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.254.129 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-254-129.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/

Response headers

Server
Apache
Last-Modified
Mon, 19 Jun 2017 19:18:19 GMT
ETag
"74087b-112-55254ff6699bb"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
211
Date
Wed, 19 Aug 2020 11:34:51 GMT
Connection
keep-alive
aq
capi.connatix.com/tr/ Frame 85D7
0
333 B
XHR
General
Full URL
https://capi.connatix.com/tr/aq?v=46383
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.128.233.190 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-128-233-190.us-east-2.compute.amazonaws.com
Software
openresty/1.15.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Wed, 19 Aug 2020 11:34:52 GMT
Content-Encoding
gzip
Server
openresty/1.15.8.2
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

212 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes function| $ function| jQuery function| cnxps object| freestar object| apd_options function| admiral object| googletag function| __cmp function| __uspapi function| gtag object| dataLayer object| google_tag_manager object| adsbygoogle object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad boolean| _gfp_p_ function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map boolean| fifabAlready function| fi_fab function| Blazy object| fixto function| validate_comment_box_not_empty function| cz_strip_tags function| cz_br2nl function| editForm string| loginhash boolean| main_nav_hide_flag number| scrollTop string| main_nav_hide_timer function| call_main_nav_hide number| cz_header_pos number| prevScrollTop object| jQuery1111006930882593017174 object| fsdata function| load_script object| fsprebid object| $jscomp undefined| commonInit function| visibilityEventsManager function| visibilityEventsManagerDOM function| scrollEventsManager function| DeviceDetector object| FI object| JSON_PIWIK object| _fipaq object| FIPiwik object| AnalyticsTracker function| fipbChunk object| fipb object| _pbjsGlobals object| __core-js_shared__ function| fiPrebidAnalyticsHandler function| fiQuery object| async function| loadDeferredStyles function| raf object| cnx_usr_storage function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| addthis_share object| addthis_config object| gaplugins object| gaGlobal object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| _slicedToArray function| _nonIterableRest function| _iterableToArrayLimit function| _arrayWithHoles function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| _typeof function| ownKeys function| _objectSpread function| _defineProperty object| _0x15b8 function| _0x13be object| BT object| BT_PAGEVIEW_MAP object| blockthrough object| BT_RETRY object| BT_REDIRECT_RULES function| fsprebidChunk function| 4dm1r11545242527 boolean| __@@##MUH object| oattr function| a object| b boolean| c string| e undefined| f undefined| g undefined| h undefined| k string| m function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| apstag undefined| firstSpcFetch object| _atw string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks boolean| SVGFEFuncCMYKElement boolean| YSVGFEFuncCMYKElement object| Fi object| __upo_d boolean| uponitAlreadyLoaded object| _qevents object| advBidxc object| _comscore boolean| apstagLOADED function| quantserve function| __qc object| ezt object| _qoptions function| udm_ object| ns_p object| COMSCORE function| _mR function| _mD undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvArticleTracker function| ntvGetElementViewability function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus object| cnxEnfStorage function| cnxsetTimeout function| cnxsetInterval object| closure_lm_352122 object| GoogleGcLKhOms object| google_image_requests function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_show_companion_ad function| google_show_companion_ad_in_slot function| google_get_companion_slot_params function| google_companion_error function| google_companion_loaded function| google_increment_num_ad_mouseovers string| google_ad_output string| google_flash_version boolean| google_webgl_support string| google_ad_section string| google_country object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager string| mantis_uuid number| __unrulyPageLoadId number| unruly:native-ad:nativeAdLoadedTimes function| cnxAddEventListener

21 Cookies

Domain/Path Name / Value
.addthis.com/ Name: uvc
Value: 1%7C34
.doubleclick.net/ Name: IDE
Value: AHWqTUmU2SHkMYJfxQ8tIjc3T_zsmS4Bwdi5R9lRB99iBJzSDKIX_t8u36Xm7TDn
www.bleepingcomputer.com/ Name: ntv_as_us_privacy
Value: 1---
www.bleepingcomputer.com/ Name: fi_utm
Value: direct%7Cdirect%7C%7C%7C%7C
www.bleepingcomputer.com/ Name: _fsloc
Value: ?i=NL&c=Utrecht
www.bleepingcomputer.com/ Name: _fsuid
Value: 5c8ec47c-e45e-4ac6-9dfc-9ecfc01a3a3f
.media.net/ Name: visitor-id
Value: 2408384835006054000V10
www.bleepingcomputer.com/ Name: usprivacy
Value: 1---
www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems Name: fsbotchecked
Value: true
.bleepingcomputer.com/ Name: _ga
Value: GA1.2.1170761381.1597836883
www.bleepingcomputer.com/ Name: __atuvs
Value: 5f3d0e529089c1e7000
www.bleepingcomputer.com/ Name: fssts
Value: false
www.bleepingcomputer.com/ Name: lav
Value: 8994
.bleepingcomputer.com/ Name: _gat_gtag_UA_91740_1
Value: 1
.bleepingcomputer.com/ Name: session_id
Value: 2cef9594b45322cdf5f9f4d376184d47
www.bleepingcomputer.com/ Name: fitracking_12
Value: no
www.bleepingcomputer.com/ Name: _fssid
Value: a2854c0d-57b9-4b83-bbf3-be2dd97b08fd
.bleepingcomputer.com/ Name: _gid
Value: GA1.2.1552038753.1597836883
www.bleepingcomputer.com/ Name: __atuvc
Value: 1%7C34
.media.net/ Name: gdpr_status
Value: 1
.bleepingcomputer.com/ Name: __cfduid
Value: d5383340f30355433b88e6aed707d6f8b1597836881

9 Console Messages

Source Level URL
Text
console-api log URL: https://freestar-io.videoplayerhub.com/gallery.js(Line 1)
Message:
Video gallery initializing
console-api info URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js(Line 1)
Message:
%cPubfig background: #00C389; color: #fff; border-radius: 3px; padding: 3px pubfig.messaging.js - Init ========== LOADING MESSAGING ==========
console-api info URL: https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js(Line 422)
Message:
Powered by AMP ⚡ HTML – Version 2008102328000 https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
console-api info URL: https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js(Line 422)
Message:
Powered by AMP ⚡ HTML – Version 2008102328000 https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
console-api info URL: https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js(Line 422)
Message:
Powered by AMP ⚡ HTML – Version 2008102328000 https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
console-api info URL: https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js(Line 422)
Message:
Powered by AMP ⚡ HTML – Version 2008102328000 https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
console-api info URL: https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js(Line 422)
Message:
Powered by AMP ⚡ HTML – Version 2008102328000 https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
console-api info URL: https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js(Line 422)
Message:
Powered by AMP ⚡ HTML – Version 2008102328000 https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/
console-api info URL: https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js(Line 422)
Message:
Powered by AMP ⚡ HTML – Version 2008102328000 https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.pub.network
a16b13982d0c5ec816fc7bd8a4caeae5.safeframe.googlesyndication.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
admiral.mgr.consensu.org
ads.pubmatic.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
as-sec.casalemedia.com
backend.upapi.net
btlr.sharethrough.com
c.amazon-adsystem.com
c.pub.network
capi.connatix.com
cd.connatix.com
cdn.ampproject.org
cdn.districtm.io
cdn.firstimpression.io
cds.connatix.com
cse.google.com
d.pub.network
dapperdiscussion.com
dmx.districtm.io
eb2.3lift.com
ecdn.analysis.fi
ecdn.firstimpression.io
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
freestar-d.openx.net
freestar-io.videoplayerhub.com
googleads.g.doubleclick.net
graph.facebook.com
hbopenbid.pubmatic.com
hbx.media.net
ib.adnxs.com
imasdk.googleapis.com
img.connatix.com
jadserve.postrelease.com
js-sec.indexww.com
mantodea.mantisadnetwork.com
mrb.upapi.net
pagead2.googlesyndication.com
rules.quantcount.com
rx-stats3.unrulymedia.com
rx.targeting.unrulymedia.com
s.ntv.io
s0.2mdn.net
s7.addthis.com
s9.addthis.com
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
tlx.3lift.com
tpc.googlesyndication.com
v1.addthisedge.com
vid.connatix.com
video.unrulymedia.com
web.hb.ad.cpe.dotomi.com
www.bleepingcomputer.com
www.bleepstatic.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.reddit.com
z.moatads.com
s7.addthis.com
104.111.230.142
104.16.68.69
104.20.60.209
104.26.12.6
13.226.146.86
130.211.23.194
143.204.212.226
151.101.113.108
151.101.194.137
172.217.21.198
178.79.175.86
18.194.179.143
185.3.93.184
185.33.221.11
185.64.189.112
199.232.53.140
2.21.36.164
213.19.147.150
213.19.147.210
216.58.208.34
23.37.53.17
2600:9000:2182:1e00:6:44e3:f8c0:93a1
2606:4700:20::681a:18b
2606:4700:20::681a:346
2606:4700:20::681a:81b
2606:4700:20::681a:832
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:800::2006
2a00:1450:4001:802::2001
2a00:1450:4001:802::2002
2a00:1450:4001:802::200a
2a00:1450:4001:809::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:814::2002
2a00:1450:4001:814::200e
2a00:1450:4001:815::2008
2a00:1450:4001:819::200a
2a00:1450:4001:81c::2004
2a00:1450:4001:821::2001
2a00:1450:4001:824::200e
2a00:1450:4001:825::2001
2a02:fa8:8806:13::1460
2a03:2880:f01c:800e:face:b00c:0:2
3.127.95.92
3.128.233.190
34.226.243.182
34.249.124.75
35.188.71.214
35.190.64.11
35.190.76.239
35.226.36.58
35.244.159.8
52.58.173.218
54.80.117.178
69.173.144.140
92.122.252.114
92.122.253.103
92.122.253.191
92.122.254.129
92.122.255.233
02fec5849f8ab7bceb4450d167f382e9079bd3a5d0f33a00942869641811ab3a
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee
0a6413daf94db20920a5dec4b7e2acd0ecc866dd6c5a03801b0b7286dc9fe9e9
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f
12dcf216e4ac62a835036836518edc6a972578146e9ab478946f201c426ea6ac
137e41c449677deb7c8da3afde63fc781b095bb028f78b789be44192e8e3f4be
160df22a91da02a87389943a6dd003a720f5f412e484c41963013c96007ad5f0
187f239be41d541c6f3d1281845ea641c9a813b679aeb9853da05870c2c8730d
1968b2c15d2d81ec25e790f06650945baab3d405f6c6f40fd6d66c46b5109d81
19db4a2cde712e2ceaac317e732b4ec40b62818a938a8bf8391ad68470845019
1e9322d90411989f7e09ef5ad4a3465d6cb97c77741d1030b254cd50d7c7ffe5
1eab91f81bf81819c8832c3a70044b09fc8a6c73fd75df3eda4b0decda03da4f
203a1218e57e160a9bd9533ed8ac9d755feeb6249f8e0ba7ddb85a3ace770f45
206710015f44ae457b05fb8ccd960bd9c6a70fcab43bbdb9235f654374d14405
22e977346d45bab9f531ce1132d7ecfbe8e46868eaea790a0d4dcd1d0649d74b
2894cd5e7e698e814fea1665e4cb13312e1a2a8cb163e6426082db0fdf8d9399
2a6bfabe65ca353e4359be32e10d40b8b514590b536dd93499bc1067e4bf6329
2c41f01fb35e7bb32b8b0a18ee9ab29d6a465a696eae0fcfb61a69e9e33b0b6a
2dda7ea92135dcf21660d4d79391d303fc38f6a6524ae74bbe2986f1d2e990d5
2ff5be48ba7bafa4fbcd391a3f3cac4bf8715e81650b953aac8f17bb39d0dca0
31cd7d9398307ca2e6cfaa111bbe7b69d69cbaaed2ff74034412ebc5008671fd
32e73e8e0eec3e6c1345d84e7ef091b90e71fb0045814043b34c914156235eb9
33eb81af8a0101c1ad2a210f322fb362ce1598e6e37f0a7ecc62d6ff39add590
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
363f22c76410442e2a630649ba500312ff284f6e2744edc863fd9d6aeb56defe
3d7fea22e358599a92efab7791715b34583fd5641323ccee191ce78dc4cef125
3e2e0acf04591323f480a29b790cabd59fa06734e2e96288615a39dda8b5f078
45ce83f6d6e5dabc6ca43ece01bb87bf442d56e444f823d30a451717cdb2f31e
460eb8d4b80c0435124f0ce7a19b3daee0abe6a4b1a4a253ef95e963b5f8c1ee
469aa63ecc2a3fbb6f1a3dd7a7f22980cf5ac166f41964c2901dc23ffbb141e9
483b2c6e8a3771b651a3c43957e16e7e56f7a11551e8f1b922c59e6c4434b055
489caa649bc6af24b5de49c2db88c9ec21f992310412f0bdb136c2a9df3c6a87
491cc7c0fc3c395a2614ab8d0bc133c31f213b1381b52a7329a109fe86c5c01b
4b3ce2dd4a0e6cd70d762012bfe9df7c7d377d80149ee97318f4030cbf2bde38
4ceba3cc609ad8cc0e38c894672d63a3471cb5bba40bacd1d6e5fd9dbf7f0472
4d608284104f283919b1a5b3b5c4a71cd0b13a482a5a5aa91a72ffc92f6dae33
4d6249ec14344037d96f37aec8758b6e1a1b24fd16c8cdbe6c3ea84feb937ff0
4da6aabb7a3dc17bb4065edf301173279e2353f15bf6fdfd04bb22faf876bc38
4eeb4df3522892ea2ec61de6a58e870e8262019f8e3c759c099450cefb589313
4ffab78dc62052736d75039f2bc8947cf03763fe0ed67bcb16a43af83341e1c6
505a26d47d5767bae19ce9b81c3fb11a509361c7a97ef36e371bc0c7130b9b6e
51fec69968067d889ece493f10bd9e9cbcd372269b57915cc8ef8477bf48e1f5
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
55b703024b0ae4678707ef08256e1a982bfc94bc43309ec06b3885519a451f54
55ed4df8b046f6e8f22e5b52f39fe1bb1b8c6775eea5af867a0569fd9ffdeb46
56afb1b69a9442f579dbf0280c643da3817f73a0dd1411fe68ceb7e4c4f400ac
56cec7375f7cce32ca45085e1570462984a34f295aa7921db97d8e4eb755ddb2
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5d88c6a9ea4370abd8360a86f75308b72819b8e91f78e8d7a1455b3b4a74f8c1
5f8fa551f08be2b03dec4b58764eedef1d8ca9ad6b7fe947f0047f9bdf469979
5ff9ef7e6afe99a02fde499f084462fba5b2f50817d631e5edf2f575ac598062
6108f0ca4ffa92e24232c07173a154be1785e11d29e30c64d900dfb97230aff2
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
6339f780bdef9300fcb91084aa935e9b624fe94baf78a4633059eeda23205479
64e96e37d0bac26a118af8e4ec865ce6d43bc1eaef2293ca9ebfd888374a1364
64f791cf5b11444b177786340186cb3ef3ed1c39938f49bc9d4a69bd21ba076d
66cfd93f20fe1bb1545202b2138ec00c34d51f2cf915409404f4615560dcf7cb
67d86a29de7993fbd23b7dde2c4f26bdc434055c35a4b08c830c0d02fcfa6dd2
6883ce59605b04b6c6782ba17cb02dae671c9228e429ced6c1ab1171a38e12a1
6d23d10111755a12c87198df1c71cce449de31eca9643030c6327a2157f9bd86
6e86593083facba2710a2312f26bd7b436d7ef299f99cbc2ccc1b32693ec3144
6f7918d5107757163ace80a286f58050542bce4ef9e4c50dfd3b4c2ba18382ec
71cba6f88cbeec86fcc5e5e23b4b6241daab720bec27ebd8539d0ce22dd359f3
7201c68941659b42bc4a7fb8c660618005582eeaadfa91c4f9057d913c9ddf68
744f285380d50300c5f78b4a0e9b08f9cd096894251f5965264df5c21c287479
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7c42933014424dabb2256a0732a9f792559d26ba09a84308c278f52834522f9a
7d6d26827b887aa09b2a5eb7c001e35b93773e53c36ddbfc127ad824e0a6ba39
7e7c74d95df84ef3a6be5c4fcde54fae313a04a9bd611059e6a97a23ff09f26f
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8130c2c72afad9d94581ef93aaa00524093103c47c71fce52f606d5ff693c3ce
827252be04765631f8ff21fee8ffe1028e27dfa52f62c08ef3182609a0a0e991
82c7fdbc4d001907e1e5d56cd335af3f0d48e0ffa7f0ad2aa3486ebb1123cb21
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
85ae9534729617e69eafa40195c7854697eb3d13b4205f3ee467e07c4af0a24b
8733e2183f16906b2fa2e58fdab82cf336f249ab71ac1b184470da2dd3c6e29f
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8aa57c94573d8a0e132536ed043b8a978d2b9412f382a2180c2c7abbdfffe4b1
8d147bef307cb390e6afe377ee7325a54375832338df4b793b5e183c69d2cba5
8eb95bcbc154530931e15fc418c8b1fe991095671409552099ea1aa596999ede
8fb7717faf61efb8c271691ba84ec01ea107b6946783ded26fb313c2b9a17760
93b5e369f56659659682af095f0d35e6585318c7c1791e678c556db3e341e950
942935ead42820e6c9184f099c77dde34fa4be70d395a17c47b5d7ad07967339
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
a03ef67e3e5d381fba17ef505ad2acd15efdefa17fff571750617c817b52b268
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a572f885750bb5525583831cc7964585a70881c7096ff8fb93398bdd9a99ca97
a5e145eadf3c0d2ca018da2d25a02de55ac0f70874da8bba148713fa326f278c
a70eac5161c44bc050cc6f7f3287bdec863913cc484dba6052d76ed06a35da95
a7472728634fbcb18886f01d268c47ffd3f33f7eb1fbb198dcbb3214cd5239ce
a76acd5ea27cce3460f6043bb84ef68bea1403610cd0273413c81ceba804d993
a774e1a7a5475cdedfa879e0076309c1d2bfdeb7bce389506631274a0fd59653
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec
aad8739f57a09d8b276d16cfd7a70b556b532f636454b8de0877581eb9a8f0b5
ab52a578c101a14bbc790f87f9a7400dda65469f23c6ce85c461e07cdf776460
aba7ded3dea78c69a1ebf209ffc25e85cd5eb12bb30413e2fc6ff71707b4b16d
aef8bb52d079cd26d7f24bb4968ae9c5485fefd28ee9a7a580d968af83bd5758
affd87461f2babd57a2f7aec75e9193e8e71a377e8249a02c95a5f43326e289e
b2bd58f293bcd26a40acdc498cdc72622915032211b2c3391e00ea8077bade76
b34676178982122b66b0a55d3ee411fa343b1d19a6c119c0c9b0ea2c892738a1
b3498f138f5418bd58413e79e4c0969e618d6f2fee2d9d98c0f4e70a6cbd04ad
b4059f5282a71b1ac7db679bf951fba85322fb2a5fbdeecd9cf8fa273318de2f
b56ad11a796a0bb9c92f0e2a2e6bbf74faeac481bfad1a68df65789b474108c0
b5e6258bffc85cd8dd21c3585860af04bc302646a97de4abd01442acbc641daa
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290
b6fb739a81931613abe2a3938a639daccabecf109c3d4da78233af6ac332e4f8
b8ca0648388fdee589dcb0c5f83f91ae36044ebc58b5417c04d00e361f0758ad
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bccac31167fd264918a8bdf35425a945c84c172d163daa72526e7f6616b8e2bc
be67e5937898250d69b307c97f4fb6e8e710b0d54a4568f3fe3742714ca47674
bea21ce0a8875dd5fdb2dd478191ac7c342ff952d70e49fbe02db3ae38cdd016
bfc8e65089dc5421d56ecc71a0328eafd4feb2a602503ae5c15bfa3189c02f7e
c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc
c52fe72e3ef098d5692133ab83f4d1520d5f359f657f0b86ce11cb79f3b3b7d6
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb53f1298c658566ee2ed1f72852ffaaee212b2c0918fa64ccf2aba97b445697
cd40e755189c34a3eb9b15124f5505cd23d9e16e1b4be1b38e49b5cd6ea5e7be
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf8eecd929495e4f534d830a1e0be0508cbcc18a5d16512bf7dd578946cee6a8
cfff75e4abb31dd16b9b64a569faeba6de44de802fb7e9f6feabba97ec93b377
d020fa6036628dd1d6dbf760edc742273359e93119832249bdce332d05d6db4d
d2202487eb46bf6c947314b28445ec928cccd43f6c9435fd1fed7629f0e4c0b2
d891249bb070f521f34a78e2ed2ac22e71dc58a745d67563ce63a5d6371f2489
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da74d150d8f46e382a0ee99f126272518aa260e799a45e453258d6b1916c36db
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
e1f341f14db09393bb0df14c2e1163be6ff46d182aba73b96a125f29108efecb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4da2fe124722082c7d13da5710223901621d238e6b343f6e835844c6c248745
e5e0f326458e8b8ed839d42a0cf6892df80bf26d7dc7e4f8276a65c41582ab85
e93656546954ba710bc3006375132f7f550eb43738227e2c46afa147e5476752
eadd5a55bef224cf294109f1e95c762d22de57a99b27e245cc6a01c97da03f4a
eae28d9b21731e05774307608bda631218c317fdcefdbc1ddb4b55bde1fcfc39
eb12a261a24e54883613710a4c12f4d9205f634ca1a29d1df07f90105a93e746
ec4d92217271b00e8918a64ee0c3b302859c196b563f3264637e9f55c7bc04ef
ed8d39a3541368243e5fc78ad604bc830a4df8908fba9cb0964d9729b8405ba4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef66bc33d4c15b20ec273c7738568ed5d5004eb9a329182d0c09ad1cfcdfc691
ef98729e900305fa7a1b71b33efea54057ac3c4e3c2bfd07f34a104f4136be44
f125fd246e10689d46bc3c7c529be4f784c9adf3f80f0790a3532f7efd01b012
f1863167a05bbf84826e0d1109204d383fb59f03f119b40b507c81a32268d5da
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
f329b7fc2457babced22f0de31b72927034aa90c5154e9703d0b71c6459e7e69
f37ab3b21d92d7500abfcb165c977aee0b97bd367ecd675bac96a08df02059e3
f69e95f74800e4dab8418f465db6eca0bb8f662605ddb2d8c27d1210bc37973e
f8a52990bbe6892abb730d241570fbfbd2ff2fc707fdd3004c7dba6e843bbae3
f9ed37930833acd055309329602291eae6b05f7adf3643dbde06f7ffb4526209
fcfb91186dcd1c29a1cc5391c4c2f99648f39ebae090ba03bf8713cf6002399b
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
ffb9ab08b0d705956e14806463f2b8570a3d6d8c5965dfa50ecea37a33ee3db7
ffd88402bd7da213453634115d1872431f2ff6132e2a7c6aa38644606b3de809