www.aquasec.com Open in urlscan Pro
141.193.213.21 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
Submission: On August 22 via api (August 22nd 2024, 2:10:01 am UTC) from TR — Scanned from DE

Summary HTTP 84 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 18 domains to perform 84 HTTP transactions. The main IP is 141.193.213.21, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.aquasec.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 26th 2024. Valid for: 8 months.

This is the only time www.aquasec.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
37	141.193.213.21 141.193.213.21	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
2	63.32.122.247 63.32.122.247	16509 (AMAZON-02) (AMAZON-02)
7	2606:4700:10:... 2606:4700:10::6816:3a5b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:350... 2a02:26f0:3500:10::210:a9a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6810:8cd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:2c40::c7... 2606:2c40::c73c:671c	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1f::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700:440... 2606:4700:4400::ac40:9310	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6810:7574	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4c8e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:afc9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:7674	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.154.218.200 54.154.218.200	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:25a... 2600:9000:25a2:2600:2:7dc7:8f00:93a1	16509 (AMAZON-02) (AMAZON-02)
7	3.208.64.119 3.208.64.119	14618 (AMAZON-AES) (AMAZON-AES)
2	3.165.190.13 3.165.190.13	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:8e77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
84	23

37 141.193.213.21 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.aquasec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.32.122.247 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-122-247.eu-west-1.compute.amazonaws.com

log.cookieyes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:10::6816:3a5b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-cookieyes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:10::210:a9a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:8cd1 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2c40::c73c:671c (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

info.aquasec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1f::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9310 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:7574 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4c8e (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:afc9 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7674 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.218.200 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-218-200.eu-west-1.compute.amazonaws.com

directory.cookieyes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:25a2:2600:2:7dc7:8f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.trendemon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.208.64.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-64-119.compute-1.amazonaws.com

trackingapi.trendemon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.165.190.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-165-190-13.zrh55.r.cloudfront.net

pic.trendemon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:8e77 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	aquasec.com www.aquasec.com info.aquasec.com	739 KB
11	trendemon.com assets.trendemon.com — Cisco Umbrella Rank: 246335 trackingapi.trendemon.com — Cisco Umbrella Rank: 210305 pic.trendemon.com — Cisco Umbrella Rank: 567946	119 KB
7	cdn-cookieyes.com cdn-cookieyes.com — Cisco Umbrella Rank: 12284	47 KB
5	hubspot.com js.hubspot.com — Cisco Umbrella Rank: 8139 api.hubspot.com — Cisco Umbrella Rank: 9983 app.hubspot.com — Cisco Umbrella Rank: 10634 track.hubspot.com — Cisco Umbrella Rank: 5359	28 KB
4	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 669 px4.ads.linkedin.com — Cisco Umbrella Rank: 7330	2 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 534	15 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	299 KB
3	cookieyes.com log.cookieyes.com — Cisco Umbrella Rank: 14171 directory.cookieyes.com — Cisco Umbrella Rank: 21821	767 B
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1884	16 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3123
1	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 14516	156 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 5135	25 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 10675	24 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 5067	19 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6716	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 252	254 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3773
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 5414	1 KB
84	18

	Domain	Requested by
37	www.aquasec.com	www.aquasec.com
7	trackingapi.trendemon.com	assets.trendemon.com
7	cdn-cookieyes.com	www.aquasec.com cdn-cookieyes.com
3	px.ads.linkedin.com	1 redirects snap.licdn.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.aquasec.com
3	www.googletagmanager.com	www.aquasec.com www.googletagmanager.com
2	pic.trendemon.com
2	assets.trendemon.com	www.aquasec.com assets.trendemon.com
2	api.hubspot.com	js.usemessages.com
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	log.cookieyes.com	www.aquasec.com
1	region1.google-analytics.com	www.googletagmanager.com
1	js.hsforms.net	assets.trendemon.com
1	directory.cookieyes.com	cdn-cookieyes.com
1	track.hubspot.com
1	app.hubspot.com	js.usemessages.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hubspot.com	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	px4.ads.linkedin.com	www.aquasec.com
1	www.google.de	www.aquasec.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	info.aquasec.com	www.aquasec.com
1	js.hs-scripts.com	www.googletagmanager.com
84	26

This site contains links to these domains. Also see Links.

Domain
www.cookieyes.com
cloud.aquasec.com
support.aquasec.com
trivy.dev
info.aquasec.com
aquademy.aquasec.com
success.aquasec.com
twitter.com
www.facebook.com
www.linkedin.com
www.instagram.com
attack.mitre.org
www.g2.com
www.youtube.com
github.com

Subject Issuer	Validity	Valid
www.aquasec.com Cloudflare Inc ECC CA-3	`2024-04-26` - `2024-12-31`	8 months	crt.sh
log.cookieyes.com Amazon RSA 2048 M02	`2024-03-26` - `2025-04-25`	a year	crt.sh
cdn-cookieyes.com WE1	`2024-07-25` - `2024-10-23`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
hs-scripts.com WE1	`2024-07-29` - `2024-10-27`	3 months	crt.sh
info.aquasec.com WE1	`2024-07-12` - `2024-10-10`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google.de WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-07-01` - `2025-01-01`	6 months	crt.sh
hs-banner.com WE1	`2024-07-27` - `2024-10-25`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2024-01-06` - `2024-12-31`	a year	crt.sh
usemessages.com WE1	`2024-08-08` - `2024-11-06`	3 months	crt.sh
hs-analytics.net WE1	`2024-08-09` - `2024-11-07`	3 months	crt.sh
directory.cookieyes.com Amazon RSA 2048 M03	`2024-02-02` - `2025-03-03`	a year	crt.sh
*.trendemon.com SSL.com RSA SSL subCA	`2024-06-18` - `2025-06-18`	a year	crt.sh
hsforms.net WE1	`2024-08-11` - `2024-11-09`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
Frame ID: 3B006762658454D906B4A3EA1A08A188
Requests: 82 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/1665891/threads/utk/7f30dbcd186243b08f973e0d8795a58f?uuid=dcdea430aa8e4ded81d81773ff3593d1&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=aquasec.com&inApp53=false&messagesUtk=7f30dbcd186243b08f973e0d8795a58f&url=https%3A%2F%2Fwww.aquasec.com%2Fblog%2Fpg_mem-a-malware-hidden-in-the-postgres-processes%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false
Frame ID: EBB7126FBA26F7CDFD60385D84BFAC1D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PG_MEM: A Malware Hidden in the Postgres Processes

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

84
Requests

99 %
HTTPS

74 %
IPv6

18
Domains

26
Subdomains

23
IPs

4
Countries

1491 kB
Transfer

3769 kB
Size

19
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cookieyes.com/product/cookie-consent

Search URL Search Domain Scan URL

URL: https://cloud.aquasec.com/signin
Title: Sign in

Search URL Search Domain Scan URL

URL: https://support.aquasec.com/support/home
Title: Support

Search URL Search Domain Scan URL

URL: https://trivy.dev/
Title: Trivy

Search URL Search Domain Scan URL

URL: https://info.aquasec.com/gartner_cnapp
Title: Research and Reports The new Gartner® Market Guide for Cloud-Native Application Protection Platforms (CNAPP) Get the expert guide by Gartner

Search URL Search Domain Scan URL

URL: https://info.aquasec.com/aws-misconfigurations
Title: Whitepaper The 15 Riskiest AWS Misconfigurations Download Now

Search URL Search Domain Scan URL

URL: https://aquademy.aquasec.com/
Title: AquademyThe Aqua academy

Search URL Search Domain Scan URL

URL: https://info.aquasec.com/2023-cloud-native-threat-report
Title: 2023 Annual Aqua Nautilus ResearchA Comprehensive Cloud Native Threat Report

Search URL Search Domain Scan URL

URL: https://info.aquasec.com/ciso-choice-awards?utm_source=zoom&utm_campaign=cwpp&utm_content=ciso_awards
Title: CISO Choice Awards Winner for Cloud Workload Protection Platform (CWPP)

Search URL Search Domain Scan URL

URL: https://info.aquasec.com/forrester-tei
Title: Forrester Consulting: The Total Economic Impact™ of Aqua CNAPP 90% Reduction in vulnerability research and detection time

Search URL Search Domain Scan URL

URL: https://info.aquasec.com/frost-sullivan-cnapp
Title: Frost & Sullivan CNAPP report Top innovation leader

Search URL Search Domain Scan URL

URL: https://success.aquasec.com/
Title: Support

Search URL Search Domain Scan URL

URL: https://twitter.com/AquaSecTeam
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AquaSecTeam
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/aquasecteam
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://www.instagram.com/aquaseclife/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/
Title: MITRE ATT&CK

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/assaf-morag-812a9432?lipi=urn%3Ali%3Apage%3Ad_flagship3_profile_view_base_contact_details%3BjV7HR%2FUHRF%2BsUjhj%2FSgAFA%3D%3D

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/&text=PG_MEM%3A%20A%20Malware%20Hidden%20in%20the%20Postgres%20Processes

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/&title=PG_MEM%3A%20A%20Malware%20Hidden%20in%20the%20Postgres%20Processes

Search URL Search Domain Scan URL

URL: https://www.g2.com/products/aqua-security/reviews?utm_source=review-widget

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/AquasecTeam

Search URL Search Domain Scan URL

URL: https://github.com/aquasecurity

Search URL Search Domain Scan URL

URL: https://info.aquasec.com/kubernetes-security
Title: O’Reilly Book: Kubernetes Security

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=45226&time=1724292596281&url=https%3A%2F%2Fwww.aquasec.com%2Fblog%2Fpg_mem-a-malware-hidden-in-the-postgres-processes%2F HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=45226&time=1724292596281&url=https%3A%2F%2Fwww.aquasec.com%2Fblog%2Fpg_mem-a-malware-hidden-in-the-postgres-processes%2F&e_ipv6=AQK7dcUhh8ktGgAAAZF32QKt5ARCgsp-Dyyh47nERXVM6-Hvc6KQg6LZJcWC6UAOPf06aj2Dl0A-GPSYanOgl8UU-eA

84 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/ 112 KB
24 KB 255ms
198ms Document
text/html 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b949ac25c1bb080266546fb0963f15645a8c5c9708bb58140e6d42ae311f630

Security Headers

Name	Value
Content-Security-Policy	img-src data: *;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8b6f52d2ba806711-AMS
content-encoding: br
content-security-policy: img-src data: *;
content-type: text/html; charset=UTF-8
date: Thu, 22 Aug 2024 02:09:55 GMT
permissions-policy: midi=()
referrer-policy: no-referrer-when-downgrade
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 49
x-cache-group: normal
x-cacheable: SHORT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 script.js Show response
www.aquasec.com/wp-content/cache/min/1/client_data/5bcdbce45953e61e74b8da56/ 101 KB
35 KB 52ms
51ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aquasec.com/wp-content/cache/min/1/client_data/5bcdbce45953e61e74b8da56/script.js?ver=1724120040
Requested by: Host: www.aquasec.com
URL: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f2dbd4aa266d3738c8f43e53e78731725b2b2ed99f56e2f76dde2e22edf75ab

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 20 Aug 2024 02:14:00 GMT
server: cloudflare
age: 172534
etag: W/"66c3fbe8-19225"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b6f52d40b236711-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 no-title-Blog-image-PG_MEM-1200x628-1.jpg
www.aquasec.com/wp-content/uploads/2024/07/ 101 KB
101 KB 52ms
51ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aquasec.com/wp-content/uploads/2024/07/no-title-Blog-image-PG_MEM-1200x628-1.jpg
Requested by: Host: www.aquasec.com
URL: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9880b66c843f7700c123bc5a6846198b020cc5ab09379093f7af92719bc7ab78

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:55 GMT
cf-cache-status: HIT
last-modified: Mon, 19 Aug 2024 14:43:57 GMT
server: cloudflare
age: 44047
etag: "66c35a2d-19418"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8b6f52d40b246711-AMS
alt-svc: h3=":443"; ma=86400
content-length: 103448
expires: Tue, 19 Aug 2025 14:47:02 GMT

GET
H2 200 aqua3.min.css
www.aquasec.com/wp-content/themes/aqua3/css/ 490 KB
65 KB 52ms
51ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.654
Requested by: Host: www.aquasec.com
URL: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12b98693fd5d713a901e3ef3353ca6961f74afbb1db5416b81334eb84eed9090

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 20 Aug 2024 02:10:04 GMT
server: cloudflare
age: 172281
etag: W/"66c3fafc-7a97e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b6f52d40b226711-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 aqua3.min.js Show response
www.aquasec.com/wp-content/themes/aqua3/js/ 167 KB
54 KB 99ms
99ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aquasec.com/wp-content/themes/aqua3/js/aqua3.min.js?ver=1.0.654
Requested by: Host: www.aquasec.com
URL: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76a63095bd0c61faa8c6a82907bb7744caabfd3e523c979b48f08c80b6de037b

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 18 Aug 2024 09:45:34 GMT
server: cloudflare
age: 172281
etag: W/"66c1c2be-29b11"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b6f52d40b266711-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 Horizontal-Dark-Abyss.svg
www.aquasec.com/wp-content/uploads/2019/08/ 4 KB
2 KB 68ms
68ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aquasec.com/wp-content/uploads/2019/08/Horizontal-Dark-Abyss.svg
Requested by: Host: www.aquasec.com
URL: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18587626fe3db3b6adcfcc0d1280f65b56c5208d4894fafc5c0b590a5b68df70

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 22 Jan 2023 16:43:41 GMT
server: cloudflare
etag: W/"63cd67bd-108e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b6f52d40b286711-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 PG_mem.png
www.aquasec.com/wp-content/uploads/2024/07/ 169 KB
170 KB 33ms
33ms Image
image/png 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aquasec.com/wp-content/uploads/2024/07/PG_mem.png
Requested by: Host: www.aquasec.com
URL: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffc50eb10212a8ac048f37fbf714ecb4adbc5013ad9c9fdf4a8d668683ec91c9

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:55 GMT
cf-cache-status: HIT
age: 46292
cf-polished: origSize=1143598, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 173540
cf-bgj: imgq:100,h2pri
last-modified: Sun, 28 Jul 2024 14:03:31 GMT
server: cloudflare
etag: "66a64fb3-11732e"
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8b6f52d40b276711-AMS
expires: Tue, 19 Aug 2025 14:44:08 GMT

GET
H2 200 IMAGE2.jpg
www.aquasec.com/wp-content/uploads/2024/07/ 92 KB
92 KB 52ms
51ms Image
image/jpeg 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aquasec.com/wp-content/uploads/2024/07/IMAGE2.jpg
Requested by: Host: www.aquasec.com
URL: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbd566fd6a6f693d59fc3f1fb79e724a1a6e0da53a233d2837613ddf257e7671

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:55 GMT
cf-cache-status: HIT
age: 43829
cf-polished: origSize=100687, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 94348
cf-bgj: imgq:100,h2pri
last-modified: Fri, 09 Aug 2024 16:39:35 GMT
server: cloudflare
etag: "66b64647-1894f"
vary: Accept, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8b6f52d40b296711-AMS
expires: Thu, 21 Aug 2025 13:01:08 GMT

GET
H3 200 IMAGE3.jpg
www.aquasec.com/wp-content/uploads/2024/08/ 57 KB
58 KB 27ms
27ms Image
image/jpeg 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aquasec.com/wp-content/uploads/2024/08/IMAGE3.jpg
Requested by: Host: www.aquasec.com
URL: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96b698217d6bc82720c6e93c48123b2acd8c5b2bca2515771c9e848cbe439a1a

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:55 GMT
cf-cache-status: HIT
age: 46930
cf-polished: origSize=66058, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 58732
cf-bgj: imgq:100,h2pri
last-modified: Mon, 19 Aug 2024 12:32:01 GMT
server: cloudflare
etag: "66c33b41-1020a"
vary: Accept, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8b6f52d46d792bb5-FRA
expires: Tue, 19 Aug 2025 14:44:09 GMT

GET
H3 200 lazyload.min.js Show response
www.aquasec.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/ 9 KB
3 KB 27ms
26ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aquasec.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js
Requested by: Host: www.aquasec.com
URL: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 18 Aug 2024 07:24:37 GMT
server: cloudflare
age: 302509
etag: W/"66c1a1b5-22bc"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b6f52d4bd8f2bb5-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 200 log
log.cookieyes.com/api/v1/ 2 B
219 B 171ms
42ms Ping
text/plain 63.32.122.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://log.cookieyes.com/api/v1/log
Requested by: Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/cache/min/1/client_data/5bcdbce45953e61e74b8da56/script.js?ver=1724120040
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.122.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-122-247.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryP22RgouiB6fm8x5g

Response headers

date: Thu, 22 Aug 2024 02:09:56 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-powered-by: Express
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-robots-tag: noindex, nofollow
link: <https://www.cookieyes.com>; rel="canonical"
content-length: 2

GET
H2 200 banner.js Show response
cdn-cookieyes.com/client_data/5bcdbce45953e61e74b8da56/ 101 KB
33 KB 88ms
17ms Script
application/javascript 2606:4700:10::6816:3a5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/5bcdbce45953e61e74b8da56/banner.js
Requested by: Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/cache/min/1/client_data/5bcdbce45953e61e74b8da56/script.js?ver=1724120040
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9073f10f19ccfb621bd6a35dd004001b31777b1f989100b73a91bb06e1ca29b4

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:56 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 21 Aug 2024 17:02:36 GMT
server: cloudflare
age: 30254
etag: "1940f-620348242c876-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
accept-ranges: bytes
cf-ray: 8b6f52d52bc13a64-FRA
content-length: 33756

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 315 KB
105 KB 110ms
30ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5N9T3H

Requested by

Host: www.aquasec.com
URL: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

240771791a756ded6780293e24f1988743a5b446538af62d7dcd610ceaa9f2cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106805
x-xss-protection: 0
last-modified: Thu, 22 Aug 2024 00:48:33 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 22 Aug 2024 02:09:56 GMT

GET
H3 200 icon_alert_02.svg
www.aquasec.com/wp-content/themes/aqua3/images/ 1000 B
793 B 22ms
22ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aquasec.com/wp-content/themes/aqua3/images/icon_alert_02.svg
Requested by: Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.654
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 021dc691a8ac476a01b5c5738e2652610b950ecc2d9c745c929b2a30548eb1f6

Request headers

Referer: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.654
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 10 Jun 2023 09:02:57 GMT
server: cloudflare
age: 298275
etag: W/"64843c41-3e8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b6f52d4dd9f2bb5-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 logo_aqua.svg
www.aquasec.com/wp-content/themes/aqua3/images/ 2 KB
1 KB 21ms
21ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aquasec.com/wp-content/themes/aqua3/images/logo_aqua.svg
Requested by: Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.654
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8eb8a7898d7f65f3407008af621d906d14d1f0d0ff3f03a70da78cc1e471ea0

Request headers

Referer: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.654
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 May 2022 19:12:29 GMT
server: cloudflare
age: 301636
etag: W/"628d2e1d-936"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b6f52d4dda02bb5-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 logo_aqua_white.svg
www.aquasec.com/wp-content/themes/aqua3/images/ 2 KB
1 KB 26ms
25ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aquasec.com/wp-content/themes/aqua3/images/logo_aqua_white.svg
Requested by: Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.654
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a068fef04a1b0f7601f0d566dd7356d960d79a0c255e1228e9e057249fc1139

Request headers

Referer: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.654
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 May 2022 19:12:27 GMT
server: cloudflare
age: 301636
etag: W/"628d2e1b-89f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b6f52d4dda12bb5-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 logomark_small.png
www.aquasec.com/wp-content/themes/aqua3/images/ 370 B
597 B 26ms
25ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aquasec.com/wp-content/themes/aqua3/images/logomark_small.png
Requested by: Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.654
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5a16ab4cec4edc93fb95a251904368b4ffb61c1886daf14d0e667e7ef5de2e2

Request headers

Referer: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.654
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:55 GMT
cf-cache-status: HIT
last-modified: Sun, 04 Dec 2022 14:44:25 GMT
server: cloudflare
age: 298275
etag: "638cb249-172"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8b6f52d4dda22bb5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 370
expires: Mon, 18 Aug 2025 14:11:33 GMT

GET
H3 200 icons_opensource_sprite_03.png
www.aquasec.com/wp-content/themes/aqua3/images/ 3 KB
3 KB 27ms
26ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aquasec.com/wp-content/themes/aqua3/images/icons_opensource_sprite_03.png
Requested by: Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.654
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d62307128d2ce171e5c693cc6c2d87b5cb3a8b120deaefd791269d6352908677

Request headers

Referer: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.654
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:55 GMT
cf-cache-status: HIT
last-modified: Thu, 29 Dec 2022 13:14:51 GMT
server: cloudflare
age: 298275
etag: "63ad92cb-a12"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8b6f52d4dda32bb5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2578
expires: Mon, 18 Aug 2025 14:11:33 GMT

GET
H3 200 logomark_wiki_blue_small.png
www.aquasec.com/wp-content/themes/aqua3/images/ 388 B
615 B 23ms
23ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aquasec.com/wp-content/themes/aqua3/images/logomark_wiki_blue_small.png
Requested by: Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.654
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f21885521706b7ae0638ce79ea884c4e3a582073ecdc478b851d43ceb98adfe8

Request headers

Referer: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.654
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:55 GMT
cf-cache-status: HIT
last-modified: Sun, 05 Feb 2023 22:22:55 GMT
server: cloudflare
age: 298275
etag: "63e02c3f-184"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8b6f52d4dda42bb5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 388
expires: Mon, 18 Aug 2025 14:11:33 GMT

GET
H3 200 icons_social_sprite_02.png
www.aquasec.com/wp-content/themes/aqua3/images/ 1 KB
1 KB 35ms
35ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aquasec.com/wp-content/themes/aqua3/images/icons_social_sprite_02.png
Requested by: Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.654
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cbb0f1ee7e0c16e7792b41c8bc635bbfd80eaa15c2246727ecb09d9ae5a31f5

Request headers

Referer: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.654
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:56 GMT
cf-cache-status: HIT
last-modified: Fri, 29 Sep 2023 10:24:37 GMT
server: cloudflare
age: 298275
etag: "6516a5e5-42c"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8b6f52d4dda62bb5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1068
expires: Mon, 18 Aug 2025 14:11:33 GMT

GET
H3 200 icon_search_sprite_03.png
www.aquasec.com/wp-content/themes/aqua3/images/ 418 B
645 B 27ms
26ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aquasec.com/wp-content/themes/aqua3/images/icon_search_sprite_03.png
Requested by: Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.654
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13e9e30e321a29ea2fc897fe531dc79492758ed06fa246c4b824113430717afe

Request headers

Referer: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.654
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:55 GMT
cf-cache-status: HIT
last-modified: Sun, 04 Dec 2022 14:44:25 GMT
server: cloudflare
age: 301370
etag: "638cb249-1a2"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8b6f52d4eda82bb5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 418
expires: Mon, 18 Aug 2025 14:11:33 GMT

GET
H3 200 Assaf-M-180-140x140.jpg
www.aquasec.com/wp-content/uploads/2024/01/ 6 KB
6 KB 45ms
43ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aquasec.com/wp-content/uploads/2024/01/Assaf-M-180-140x140.jpg
Requested by: Host: www.aquasec.com
URL: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6301c9c42c19c029aeeabbdd5f3d18467f2176f6542b62e0a085a8b982bd7ac

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:56 GMT
cf-cache-status: HIT
last-modified: Sun, 28 Jan 2024 09:28:27 GMT
server: cloudflare
age: 19385
etag: "65b61e3b-171e"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8b6f52d4eda92bb5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 5918
expires: Mon, 18 Aug 2025 14:18:21 GMT

GET
H3 200 social_icon_bg_blue.png
www.aquasec.com/wp-content/themes/aqua3/images/ 2 KB
3 KB 28ms
26ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aquasec.com/wp-content/themes/aqua3/images/social_icon_bg_blue.png
Requested by: Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.654
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: aca1cc2931d9b9d251ab7167845855887ed3ade46391a6af2b3f2cbd4a1ced08

Request headers

Referer: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.654
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:56 GMT
cf-cache-status: HIT
last-modified: Sun, 02 Apr 2023 21:16:16 GMT
server: cloudflare
age: 298272
etag: "6429f0a0-9f8"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8b6f52d4edaa2bb5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2552
expires: Mon, 18 Aug 2025 14:09:08 GMT

GET
H3 200 ico_linkedin_white.svg
www.aquasec.com/wp-content/themes/aqua3/images/icons/social/ 500 B
531 B 30ms
29ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aquasec.com/wp-content/themes/aqua3/images/icons/social/ico_linkedin_white.svg
Requested by: Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.654
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef613831627e1b66cfc1a63db65f2556fd82862d5984a407fa9a3bc12d15a08d

Request headers

Referer: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.654
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 19 Jul 2020 12:53:04 GMT
server: cloudflare
age: 302399
etag: W/"5f144230-1f4"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b6f52d4edab2bb5-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 mesh_25_footer_full.svg
www.aquasec.com/wp-content/themes/aqua3/images/mesh/ 14 KB
2 KB 46ms
45ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aquasec.com/wp-content/themes/aqua3/images/mesh/mesh_25_footer_full.svg
Requested by: Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.654
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef2682c47932a575492f1eba19f0061bbbf0936fbd969b108213e0474e14931e

Request headers

Referer: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.654
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 10 Jun 2023 09:03:14 GMT
server: cloudflare
age: 298272
etag: W/"64843c52-3927"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b6f52d4edac2bb5-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 mesh_25_footer2_right.svg
www.aquasec.com/wp-content/themes/aqua3/images/mesh/ 878 B
777 B 46ms
45ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aquasec.com/wp-content/themes/aqua3/images/mesh/mesh_25_footer2_right.svg
Requested by: Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.654
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7606e84b34c394b34c596b002da5aaa0f301406ad2066bb6d9b93381505183fc

Request headers

Referer: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.654
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 10 Jun 2023 09:03:13 GMT
server: cloudflare
age: 298272
etag: W/"64843c51-36e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b6f52d4edad2bb5-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 logo_aqua_dark.svg
www.aquasec.com/wp-content/themes/aqua3/images/ 2 KB
1 KB 26ms
25ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aquasec.com/wp-content/themes/aqua3/images/logo_aqua_dark.svg
Requested by: Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.654
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32046089ccace81843cbfbf1e80ec224e591a3a6441753dd62e0bcf4cf33c6d6

Request headers

Referer: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.654
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 May 2022 19:12:29 GMT
server: cloudflare
age: 302399
etag: W/"628d2e1d-936"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b6f52d4edaf2bb5-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 ico_instagram_white.svg
www.aquasec.com/wp-content/themes/aqua3/images/icons/social/ 2 KB
1018 B 30ms
29ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aquasec.com/wp-content/themes/aqua3/images/icons/social/ico_instagram_white.svg
Requested by: Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.654
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87d3036c2207d4cb8b2ab6ed65edde4aa2e351b50030e3515b664b5bd2117c13

Request headers

Referer: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.654
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Jan 2022 16:22:46 GMT
server: cloudflare
age: 298271
etag: W/"61f023d6-74d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b6f52d4edb02bb5-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 ico_youtube_white.svg
www.aquasec.com/wp-content/themes/aqua3/images/icons/social/ 449 B
479 B 46ms
45ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aquasec.com/wp-content/themes/aqua3/images/icons/social/ico_youtube_white.svg
Requested by: Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.654
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29cecc5902de526c5b23f00d84e72ae7d29db58d2e3e8d11928ee5dea1169231

Request headers

Referer: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.654
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 19 Jul 2020 12:53:04 GMT
server: cloudflare
age: 302400
etag: W/"5f144230-1c1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b6f52d4edb12bb5-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 ico_twitterx_white.svg
www.aquasec.com/wp-content/themes/aqua3/images/icons/social/ 347 B
478 B 41ms
41ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aquasec.com/wp-content/themes/aqua3/images/icons/social/ico_twitterx_white.svg
Requested by: Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.654
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ecb1528ceb06e950fa027e7429321c91ea926dbc890e4fb34f07acf70b8c9f4

Request headers

Referer: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.654
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 29 Sep 2023 10:21:39 GMT
server: cloudflare
age: 298271
etag: W/"6516a533-15b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b6f52d4edb32bb5-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 ico_git_white.svg
www.aquasec.com/wp-content/themes/aqua3/images/icons/social/ 2 KB
1 KB 34ms
33ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aquasec.com/wp-content/themes/aqua3/images/icons/social/ico_git_white.svg
Requested by: Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.654
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a2e21c78744fd7ea0ace3cf3f78e8b46008ea982199c7df225dc4498b16703a

Request headers

Referer: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.654
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 19 Jul 2020 12:53:04 GMT
server: cloudflare
age: 302399
etag: W/"5f144230-794"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b6f52d4edb42bb5-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 ico_facebook_white.svg
www.aquasec.com/wp-content/themes/aqua3/images/icons/social/ 286 B
425 B 30ms
29ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aquasec.com/wp-content/themes/aqua3/images/icons/social/ico_facebook_white.svg
Requested by: Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.654
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce021d2a1a40ee29c16dd821b7fd9e661a98d77b89433bd5a5569a563e2129a3

Request headers

Referer: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.654
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 19 Jul 2020 12:53:04 GMT
server: cloudflare
age: 302399
etag: W/"5f144230-11e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b6f52d4edb52bb5-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 icon_accessibility.png
www.aquasec.com/wp-content/themes/aqua3/images/ 198 B
425 B 44ms
43ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aquasec.com/wp-content/themes/aqua3/images/icon_accessibility.png
Requested by: Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.654
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f77564e29b03c97c7ecb155d1c974ff89de12cc0a4874724b6c259e9d9071d8

Request headers

Referer: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.654
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:56 GMT
cf-cache-status: HIT
last-modified: Tue, 27 Sep 2022 09:11:22 GMT
server: cloudflare
age: 298272
etag: "6332be3a-c6"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8b6f52d4edb72bb5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 198
expires: Mon, 18 Aug 2025 14:09:11 GMT

GET
H3 200 inter-v7-latin-600.woff2
www.aquasec.com/wp-content/themes/aqua3/fonts/ 17 KB
17 KB 41ms
33ms Font
font/woff2 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aquasec.com/wp-content/themes/aqua3/fonts/inter-v7-latin-600.woff2
Requested by: Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.654
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f36b7ce29c7f51e6f99ffb230a4de3c58fb413c096963906fe52b7df5723526

Request headers

Referer: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.654
Origin: https://www.aquasec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:56 GMT
cf-cache-status: HIT
last-modified: Sun, 19 Dec 2021 10:40:34 GMT
server: cloudflare
age: 301306
etag: "61bf0c22-4460"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b6f52d52dd72bb5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 17504

GET
H3 200 inter-v7-latin-regular.woff2
www.aquasec.com/wp-content/themes/aqua3/fonts/ 16 KB
16 KB 40ms
32ms Font
font/woff2 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aquasec.com/wp-content/themes/aqua3/fonts/inter-v7-latin-regular.woff2
Requested by: Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.654
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2069ee225073a115f31dcfbfc8e645967697bcf1d9b8f56d56b0aed8943d9f93

Request headers

Referer: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.654
Origin: https://www.aquasec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:56 GMT
cf-cache-status: HIT
last-modified: Sun, 19 Dec 2021 10:40:41 GMT
server: cloudflare
age: 301306
etag: "61bf0c29-410c"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b6f52d52dd82bb5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 16652

GET
H3 200 inter-v7-latin-700.woff2
www.aquasec.com/wp-content/themes/aqua3/fonts/ 17 KB
17 KB 29ms
22ms Font
font/woff2 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aquasec.com/wp-content/themes/aqua3/fonts/inter-v7-latin-700.woff2
Requested by: Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.654
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2be4f770c150289ae7c966dba6508266866f02223f41c6b9088699338ae99e7

Request headers

Referer: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.654
Origin: https://www.aquasec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:56 GMT
cf-cache-status: HIT
last-modified: Sun, 19 Dec 2021 10:40:38 GMT
server: cloudflare
age: 302400
etag: "61bf0c26-44c4"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b6f52d52dd92bb5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 17604

GET
H3 200 Gartner-CNAPP-2024-thumb-2.jpg
www.aquasec.com/wp-content/uploads/2024/04/ 28 KB
28 KB 33ms
25ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aquasec.com/wp-content/uploads/2024/04/Gartner-CNAPP-2024-thumb-2.jpg
Requested by: Host: www.aquasec.com
URL: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea48a58a9bc2b46b598e380703bd07f9e0e4ffbc4e3139c7e14eb6bce5771512

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:56 GMT
cf-cache-status: HIT
last-modified: Wed, 07 Aug 2024 08:48:34 GMT
server: cloudflare
age: 300125
etag: "66b334e2-708a"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8b6f52d52dd42bb5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 28810
expires: Mon, 18 Aug 2025 14:13:06 GMT

GET
H3 200 15-misfigs-Resources-thumbnail-1.jpg
www.aquasec.com/wp-content/uploads/2021/01/ 23 KB
23 KB 37ms
29ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aquasec.com/wp-content/uploads/2021/01/15-misfigs-Resources-thumbnail-1.jpg
Requested by: Host: www.aquasec.com
URL: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b118d300f94d3de6d9c6c51ef8f6936f76dad17371bf24450bfcdd7056522948

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:56 GMT
cf-cache-status: HIT
last-modified: Wed, 29 May 2024 11:25:03 GMT
server: cloudflare
age: 298277
etag: "6657108f-5ac2"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8b6f52d52dd52bb5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 23234
expires: Mon, 18 Aug 2025 14:13:06 GMT

GET
H3 200 aqua_default_140x140.png
www.aquasec.com/wp-content/themes/aqua3/images/ 1 KB
2 KB 39ms
31ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aquasec.com/wp-content/themes/aqua3/images/aqua_default_140x140.png
Requested by: Host: www.aquasec.com
URL: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a82beac313447af7db1dfa7b9aed48f9663af8ba0f9214075537de060b853a05

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:56 GMT
cf-cache-status: HIT
last-modified: Wed, 25 May 2022 16:08:51 GMT
server: cloudflare
age: 7548
etag: "628e5493-582"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8b6f52d52dd62bb5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1410
expires: Mon, 18 Aug 2025 14:13:07 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 302 KB
102 KB 32ms
31ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-D2G99SQ9HG&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5N9T3H

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

41d0c56511f3eb6dde55beae3108058bf2b28a71090779f0ad789e539087b9ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104134
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 22 Aug 2024 02:09:56 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 269 KB
92 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-881756472&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5N9T3H

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

224d567f8b94593275ef0b5f75a89e9e9b3d19b1b973d61b5f931deaecf018c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94449
x-xss-protection: 0
last-modified: Thu, 22 Aug 2024 00:48:33 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 22 Aug 2024 02:09:56 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1 KB
1 KB 43ms
14ms Script
application/javascript 2a02:26f0:3500:10::210:a9a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5N9T3H

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a9a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1e898342f996200ceb14753e5829a6ff91de9ba3bc8114240e22e1c4d859bf2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 534, 534
date: Thu, 22 Aug 2024 02:09:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Aug 2024 07:32:21 GMT
x-cdn: AKAM
x-edgeconnect-midmile-rtt: 0, 0
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=20152
accept-ranges: bytes
content-length: 755

GET
H2 200 bat.js Show response
bat.bing.com/ 49 KB
14 KB 68ms
32ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5N9T3H

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 22 Aug 2024 02:09:55 GMT
last-modified: Sat, 13 Jul 2024 20:42:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E648BDDAEAC948B18192F494A0059C25 Ref B: FRAEDGE1213 Ref C: 2024-08-22T02:09:56Z
etag: "044982565d5da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 14183

GET
H2 200 1665891.js Show response
js.hs-scripts.com/ 2 KB
1 KB 153ms
119ms Script
application/javascript 2606:4700::6810:8cd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/1665891.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5N9T3H

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8cd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82fbd33383e88ecad9d0538289ead4053b7602f534a0f6e8fa0177a7addb3939

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: cc729119-96b4-45d8-aeb1-9703785854c9
x-envoy-upstream-service-time: 7
content-length: 617
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: cc729119-96b4-45d8-aeb1-9703785854c9
last-modified: Thu, 22 Aug 2024 02:09:56 GMT
server: cloudflare
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.aquasec.com
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-78c8468c8b-n4nkw
access-control-allow-credentials: true
cache-control: public, max-age=90
accept-ranges: bytes
cf-ray: 8b6f52d66a7e4db8-FRA
expires: Thu, 22 Aug 2024 02:11:26 GMT

GET
H3 200 data-layer-events.js Show response
info.aquasec.com/hubfs/ 11 KB
4 KB 904ms
835ms Script
application/javascript 2606:2c40::c73c:671c
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://info.aquasec.com/hubfs/data-layer-events.js?v=1724293196194

Requested by

Host: www.aquasec.com
URL: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

396f95fe76847ae1beacf9c523d2b852b3fc31ce9beedbde4df6b7f8ba6901ec

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-77926488921,P-1665891,FLS-ALL
x-amz-request-id: GGZGEVEV5JJ3JVMQ
x-amz-server-side-encryption: AES256
edge-cache-tag: F-77926488921,P-1665891,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"b492d523ec97a31b53add8896e2baeca"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1656583869290
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Thu, 22 Aug 2024 02:09:57 GMT
strict-transport-security: max-age=31536000
via: 1.1 f59e52adbf3a58a76dec03547cb4b34c.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: XcRlKoDF..T4fG.0Cjjm9Tr4D9UFP3Rp
x-amz-cf-pop: FRA60-P7
x-hs-alternate-content-type: text/plain
x-cache: Miss from cloudfront
cache-tag: F-77926488921,P-1665891,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: abVyhe1s1wRTQnOkedMyfU0NwC9w4FDqGdVHDMUBXl9YhVLWW8LlABcxQz4PIJfBbFqTylCvufA=
last-modified: Thu, 30 Jun 2022 10:11:10 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ayxWAL8jktPyQ2hLDdXIooe%2FgLTm8MrukDiQHVIaDIhdPdPWgG94oJqmSZry%2BWiOnjRBsvKgFN0mbAi6kJyzqpXh91ktjhl5LiWdS8yr2Xyrh5wHEJptMVpNFSGYM5rU2cskBNEYa%2BCddQjHqMA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8b6f52d6bbce9106-FRA
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: guNbEtL2KSEFHvwpeSPbnRl5F0P_t1d9arJf_cUxw1kAGdhc5kAS5Q==

GET
H2 200 insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 14ms
14ms Script
application/javascript 2a02:26f0:3500:10::210:a9a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.beta.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a9a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

759bb13ca8d3bf157ea00880f75525c5cf9852d2afb83046a08bd01d0754e0af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 18 Aug 2024 09:01:55 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=60440
accept-ranges: bytes
content-length: 14628

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 45ms
15ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-D2G99SQ9HG&gtm=45je48j0v875778671z871822536za200zb71822536&_p=1724292595967&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1240559456.1724292596&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1724292596&sct=1&seg=0&dl=https%3A%2F%2Fwww.aquasec.com%2Fblog%2Fpg_mem-a-malware-hidden-in-the-postgres-processes%2F&dt=PG_MEM%3A%20A%20Malware%20Hidden%20in%20the%20Postgres%20Processes&en=page_view&_fv=1&_nsi=1&_ss=1&ep.content_group=Blog%20new&ep.debug_mode=true&tfd=706
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D2G99SQ9HG&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Aug 2024 02:09:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.aquasec.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 81ms
24ms Ping
text/plain 2a00:1450:400c:c1f::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-D2G99SQ9HG&cid=1240559456.1724292596&gtm=45je48j0v875778671z871822536za200zb71822536&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D2G99SQ9HG&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1f::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Aug 2024 02:09:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.aquasec.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 42ms
20ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-D2G99SQ9HG&cid=1240559456.1724292596&gtm=45je48j0v875778671z871822536za200zb71822536&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=1534725726

Requested by

Host: www.aquasec.com
URL: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Aug 2024 02:09:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
1 KB 137ms
112ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=45226&time=1724292596281&url=https%3A%2F%2Fwww.aquasec.com%2Fblog%2Fpg_mem-a-malware-hidden-in-the-postgres-processes%2F
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: *
Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:55 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-cache: CONFIG_NOCACHE
x-li-uuid: AAYgPCexxoyk3DJt/S060Q==
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: B4177B449CA4491E866AF8509EFA8D9D Ref B: FRAEDGE1514 Ref C: 2024-08-22T02:09:56Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-lva1
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-fs-uuid: 0006203c27b1c68ca4dc326dfd2d3ad1

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=45226&time=1724292596281&url=https%3A%2F%2Fwww.aquasec.com%2Fblog%2Fpg_mem-a-malware-hidden-in-the-postgres-processes%2F
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=45226&time=1724292596281&url=https%3A%2F%2Fwww.aquasec.com%2Fblog%2Fpg_mem-a-malware-hidden-in-the-postgres-processes%2F&e_ipv6=AQK7dcUhh8ktGgAAA...

0
264 B

219ms
182ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=45226&time=1724292596281&url=https%3A%2F%2Fwww.aquasec.com%2Fblog%2Fpg_mem-a-malware-hidden-in-the-postgres-processes%2F&e_ipv6=AQK7dcUhh8ktGgAAAZF32QKt5ARCgsp-Dyyh47nERXVM6-Hvc6KQg6LZJcWC6UAOPf06aj2Dl0A-GPSYanOgl8UU-eA
Requested by: Host: www.aquasec.com
URL: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:55 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: A25C868A27FA4BA786839C784D16D908 Ref B: FRAEDGE1810 Ref C: 2024-08-22T02:09:56Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYgPCe1rz0WjdK4yb1JRw==

Redirect headers

date: Thu, 22 Aug 2024 02:09:55 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 3533D89835A2451C96878DD50717DFBE Ref B: FRAEDGE1507 Ref C: 2024-08-22T02:09:56Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=45226&time=1724292596281&url=https%3A%2F%2Fwww.aquasec.com%2Fblog%2Fpg_mem-a-malware-hidden-in-the-postgres-processes%2F&e_ipv6=AQK7dcUhh8ktGgAAAZF32QKt5ARCgsp-Dyyh47nERXVM6-Hvc6KQg6LZJcWC6UAOPf06aj2Dl0A-GPSYanOgl8UU-eA
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYgPCeyWwvJcvvGR6Zqwg==

GET
H2 200 25111106.js Show response
bat.bing.com/p/action/ 334 B
415 B 33ms
32ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/25111106.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

08a70bbce72580774f43a559d6e8f338acb64136e2c102ad2e0b5b1c1766ce16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Thu, 22 Aug 2024 02:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4DE6A88AD33645469870C3ED9EF94B6E Ref B: FRAEDGE1213 Ref C: 2024-08-22T02:09:56Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=1800

GET
H2 204 0
bat.bing.com/action/ 0
286 B 33ms
33ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=25111106&tm=gtm002&Ver=2&mid=afb82fd6-5397-440e-b1f5-6dfd02ec476b&sid=a06e41c0602b11ef8f2553f966947a0c&vid=a06e51a0602b11ef91c4bd0a06004acc&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=PG_MEM%3A%20A%20Malware%20Hidden%20in%20the%20Postgres%20Processes&p=https%3A%2F%2Fwww.aquasec.com%2Fblog%2Fpg_mem-a-malware-hidden-in-the-postgres-processes%2F&r=&lt=445&evt=pageLoad&sv=1&cdb=AQcT&rn=489436

Requested by

Host: www.aquasec.com
URL: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 22 Aug 2024 02:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DF5A2AA946344F5EA24FA6F36C8866D6 Ref B: FRAEDGE1213 Ref C: 2024-08-22T02:09:56Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1665891.js Show response
js.hs-banner.com/ 63 KB
19 KB 329ms
299ms Script
text/javascript 2606:4700:4400::ac40:9310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/1665891.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/1665891.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9310 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4eae6577f5d40e9c221f9490f2384d6afaf58f9660850a82f50e4d816e7394ca

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:56 GMT
x-amz-version-id: Ya49LhJrKGAIP6Qw89TAuKeSk1sdxOSw
content-encoding: gzip
cf-cache-status: REVALIDATED
x-amz-request-id: KXNX0HJFQ571WJXB
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 38a165ee-b0bd-4d77-9413-7530d159c578
x-envoy-upstream-service-time: 33
x-amz-id-2: WX9AG8cWAWGzLYv5AK/snAN/A098pBBkJco7Cy1wzglxDmao0V4YHqgfnJiYS4q8f9a8RTB4Xoc=
x-evy-trace-listener: listener_https
x-request-id: 38a165ee-b0bd-4d77-9413-7530d159c578
x-evy-trace-route-configuration: listener_https/all
last-modified: Tue, 20 Aug 2024 13:33:07 GMT
server: cloudflare
etag: W/"b498b42de17db7512538316a7894d7ae"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://trivy.dev
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6895b58fd6-gfff7
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 8b6f52d76d761e64-FRA
expires: Thu, 22 Aug 2024 02:14:56 GMT

GET
H2 200 web-interactives-embed.js Show response
js.hubspot.com/ 83 KB
24 KB 187ms
157ms Script
application/javascript 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/1665891.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a58fb4ba57e791839c580c3ab186ee45d39e5558c62fa910a531e2225be9331

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
Origin: https://www.aquasec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1347/bundles/project.js&cfRay=8b6f52d76ab1368b-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"d5eb842cb627d3498b8eea8cb51bd4ba"
vary: accept-encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-hs-target-asset: web-interactives-embed/static-2.1347/bundles/project.js
date: Thu, 22 Aug 2024 02:09:56 GMT
via: 1.1 b77313059f3d50280ced20238b151620.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-version-id: qlSsOogDzDfjHYWqoRnPM3MeITU5eHaq
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 51cffd79-5acc-44f2-9822-cd6a2fb011d0
x-cache: Hit from cloudfront
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 3
x-evy-trace-route-configuration: listener_https/all
x-request-id: 51cffd79-5acc-44f2-9822-cd6a2fb011d0
last-modified: Tue, 13 Aug 2024 14:43:57 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4vgQTVak2xhhMF5Qb0Ebtm7KNcq6DBjNGFx1twQUCt0QK0nqAICX7joJ8CoobzXYwx5%2FuB%2F9Y%2BWs2EcKPubk5zwpyKxKc5XuFll0L3Od%2F2mu5VeWOiJxDOYshDVsqjvdxXLzw07FUUbuLdoh"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-5f4dcb8bc8-vn9j6
cf-ray: 8b6f52d76ab1368b-FRA
x-amz-cf-id: Vm3zpoMKC7UVsrFyLHjl65yHCpV-e0STj-l6mWeSmPhxy5hg4c3ZrA==

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 85 KB
24 KB 57ms
27ms Script
application/javascript 2606:4700::6810:4c8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.usemessages.com/conversations-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/1665891.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4c8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3584b2a942278c3971a683fa367a93c77fbb44bb84620afa4257aa9bb61a9ef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:56 GMT
content-encoding: gzip
via: 1.1 e8eec15d9551dd475d4c478f9fbb5f04.cloudfront.net (CloudFront)
x-amz-version-id: 3Ha5iopcbUaTU_mjeerTHrWcx9897bgQ
cf-cache-status: HIT
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P3
age: 122
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.17691/bundles/project.js&cfRay=8b6f4fdbea96365b-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: f5ab76cd-d175-4e88-97fe-4748ea53c992
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: f5ab76cd-d175-4e88-97fe-4748ea53c992
last-modified: Wed, 21 Aug 2024 16:56:50 UTC
server: cloudflare
etag: W/"a0e234db45681ad3a8cd21c3ba1db505"
vary: accept-encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-5f4dcb8bc8-sw27x
cf-ray: 8b6f52d75805360a-FRA
x-amz-cf-id: nScdZHu3ol7Hb_lURxdG7kVkOl2Y6oQSgOl7AwW_IAJD5wpNoiTiLg==
x-hs-target-asset: conversations-embed/static-1.17691/bundles/project.js

GET
H2 200 1665891.js Show response
js.hs-analytics.net/analytics/1724292300000/ 73 KB
25 KB 214ms
184ms Script
text/javascript 2606:4700::6811:afc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1724292300000/1665891.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/1665891.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:afc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4640239bc8536a6794890c2fc9a7d857398b8331ea92200404c070bc7034f5e

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:56 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: GGZRZQK9YV5D43MB
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 053e6f12-c562-4ce3-a7c8-8a739b6e96ce
x-envoy-upstream-service-time: 74
x-amz-id-2: 0Ni54XJpnFD/PRBtFeAMLmnYnw2stQiPrRDbBgUn1ZSeyneg9s1/8UV7I49DoTVPjFM7XRV2oOs=
x-evy-trace-listener: listener_https
x-request-id: 053e6f12-c562-4ce3-a7c8-8a739b6e96ce
x-evy-trace-route-configuration: listener_https/all
last-modified: Tue, 20 Aug 2024 13:33:17 GMT
server: cloudflare
etag: W/"f65782287a60d589f8a9acd7cea8c802"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6895b58fd6-gfff7
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 8b6f52d76d2b1c85-FRA
expires: Thu, 22 Aug 2024 02:14:56 GMT

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 3 KB
3 KB 479ms
477ms XHR
application/json 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=1665891&conversations-embed=static-1.17691&mobile=false&messagesUtk=7f30dbcd186243b08f973e0d8795a58f&traceId=7f30dbcd186243b08f973e0d8795a58f

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eac9b9666c32f90b09ff6557827ea731fc56904b14fbf66e84b1f2fa79288e91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
X-HubSpot-Messages-Uri: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 6b15a97d-84a8-4d58-8ce0-5e99860d776d
x-envoy-upstream-service-time: 184
content-length: 1683
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 6b15a97d-84a8-4d58-8ce0-5e99860d776d
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.aquasec.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-78c8468c8b-258sg
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b%2BZeeeuqfug%2B6DBuxQtNVI4jaDdf0%2Bx8%2Fw38xLn%2BF6wH5SE9ZvzJJVVgCZ9dOdIfnKHJl60ilkg9aBw3SpdQ2sPfgrVpS%2FfqBuoZq8Vrwv2wWvNe%2FAj4aA2LEZmQuQvcOk833J5QcHwkdzO2Qg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8b6f52d87b3c368b-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 129ms
124ms Preflight
text/plain 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://www.aquasec.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.aquasec.com
allow: HEAD,GET,OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 8b6f52d7aad8368b-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Thu, 22 Aug 2024 02:09:56 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CKXgj81iqUaxz2kQe%2FLi%2B9H7DFm2rBsYE4eRG5CNGZOQRkAl4ulOHxuIcI4jgz9Vwf2MNgvAnyqTsdqUvBLoewt9DJ8Fx2nSh8xFmajllSDEfItbkMbK5ZgTgxsx87eRWV4CVeITCrdsknbAig%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-78c8468c8b-j768l
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 0668b173-294c-46f4-b7fa-d028747e2440
x-request-id: 0668b173-294c-46f4-b7fa-d028747e2440

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
193 B 185ms
184ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 22 Aug 2024 02:09:55 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 0B50E12232164C158068C924B8BA3461 Ref B: FRAEDGE1507 Ref C: 2024-08-22T02:09:56Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
access-control-allow-origin: https://www.aquasec.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYgPCe4h8O2O2JdoWheOw==

GET
H2 200 7f30dbcd186243b08f973e0d8795a58f
app.hubspot.com/conversations-visitor/1665891/threads/utk/ Frame EBB7 0
0 229ms
199ms Document
text/html 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/conversations-visitor/1665891/threads/utk/7f30dbcd186243b08f973e0d8795a58f?uuid=dcdea430aa8e4ded81d81773ff3593d1&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=aquasec.com&inApp53=false&messagesUtk=7f30dbcd186243b08f973e0d8795a58f&url=https%3A%2F%2Fwww.aquasec.com%2Fblog%2Fpg_mem-a-malware-hidden-in-the-postgres-processes%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	no-sniff

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: false
age: 1922
cache-control: max-age=600
cache-tag: staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
cf-cache-status: DYNAMIC
cf-ray: 8b6f52dbbbcc8ed8-FRA
content-encoding: gzip
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com www.recaptcha.net *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-visitor-ui/static-1.20143/html/index.html&cfRay=8b6f52dbbbcc8ed8&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F1665891%2Fthreads%2Futk%2F7f30dbcd186243b08f973e0d8795a58f%3Fuuid%3Ddcdea430aa8e4ded81d81773ff3593d1%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3D%26domain%3Daquasec.com%26inApp53%3Dfalse%26messagesUtk%3D7f30dbcd186243b08f973e0d8795a58f%26url%3Dhttps%253A%252F%252Fwww.aquasec.com%252Fblog%252Fpg_mem-a-malware-hidden-in-the-postgres-processes%252F%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3D%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26isInitialInputFocusDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse%26hideScrollToButton%3Dtrue%26isIOSMobile%3Dfalse&referrer=https%3A%2F%2Fwww.aquasec.com%2Fblog%2Fpg_mem-a-malware-hidden-in-the-postgres-processes%2F&cfenv=prod&pdt=2024-08-22&csp=ro
content-type: text/html; charset=utf-8
date: Thu, 22 Aug 2024 02:09:57 GMT
etag: W/"857484e430aaeb169ff056e3fb110061"
last-modified: Wed, 21 Aug 2024 16:56:50 UTC
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=8b6f52dbbbcc8ed8&resource=conversations-visitor-ui/static-1.20143/html/index.html"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
via: 1.1 872e43fac89d80c9557000efb9c31650.cloudfront.net (CloudFront)
x-amz-cf-id: bf7Ic4dedQpriFwPfCcqW4K7XvV-LMPtaBhjLN7ipbRkd1BehRXNrw==
x-amz-cf-pop: IAD12-P3
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: 3SSq8HDbQYFvBPlxZ6Q6mlg0veo70S6V
x-cache: Hit from cloudfront
x-content-type-options: no-sniff
x-envoy-upstream-service-time: 7
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-5f4dcb8bc8-tmvlw
x-evy-trace-virtual-host: all
x-hs-cache-status: MISS
x-hs-target-asset: conversations-visitor-ui/static-1.20143/html/index.html
x-hs-worker-debug-mode: false
x-hubspot-correlation-id: 5ae6053f-3399-42aa-8437-4386d85a6bbc
x-request-id: 5ae6053f-3399-42aa-8437-4386d85a6bbc

GET
H2 200 kDtxDeEE.json Show response
cdn-cookieyes.com/client_data/5bcdbce45953e61e74b8da56/ 738 B
433 B 39ms
18ms Fetch
application/json 2606:4700:10::6816:3a5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/5bcdbce45953e61e74b8da56/kDtxDeEE.json
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/5bcdbce45953e61e74b8da56/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5debdbe26fb25ed30b4b6c05be6d235da7033863045f5694fb6ea8fcb8c7adb7

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:57 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 21 Aug 2024 17:02:36 GMT
server: cloudflare
age: 32831
etag: W/"2e2-620348242d816"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray: 8b6f52de3c573a9a-FRA

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
932 B 245ms
134ms Image
image/gif 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=1240600147&v=1.1&a=1665891&rcu=https%3A%2F%2Fwww.aquasec.com%2Fblog%2Fpg_mem-a-malware-hidden-in-the-postgres-processes%2F&pu=https%3A%2F%2Fwww.aquasec.com%2Fblog%2Fpg_mem-a-malware-hidden-in-the-postgres-processes%2F&t=PG_MEM%3A+A+Malware+Hidden+in+the+Postgres+Processes&cts=1724292597457&vi=010e695163ef04428893e5d756d2527c&nc=true&u=207889101.010e695163ef04428893e5d756d2527c.1724292597455.1724292597455.1724292597455.1&b=207889101.1.1724292597455&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: b0a11977-3d20-488c-95a0-65ddcc2c26dd
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 11
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: b0a11977-3d20-488c-95a0-65ddcc2c26dd
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PYJ4N7C39KL9QtKzrcKnKcSU0gPKpD6SXSFwqHRpLqDLIaOpvqLyrj2AD4dnw2k6OLTJIpKHwXNZtNylF4ad%2BvQSqOU0aeaNhQ3yqPQhrQ9g9iz45OthhKX8ZCPxX2o8YG7PWuebOrSpw56%2FEcRf"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-7bf556f6f-rtlfs
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8b6f52decc929732-FRA
x-robots-tag: none

GET
H3 200 favicon.ico
www.aquasec.com/wp-content/themes/aqua3/ 15 KB
1 KB 21ms
21ms Other
image/x-icon 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aquasec.com/wp-content/themes/aqua3/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89de0c24e64daab3fd78e61c512bc6e5ebcd4f771e6d7d81d4e678b259f3f92a

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 May 2022 19:25:34 GMT
server: cloudflare
age: 301805
etag: W/"628d312e-3aee"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b6f52de2ac82bb5-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 ip Show response
directory.cookieyes.com/api/v1/ 111 B
330 B 127ms
33ms Fetch
text/html 54.154.218.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://directory.cookieyes.com/api/v1/ip
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/5bcdbce45953e61e74b8da56/banner.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.218.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-218-200.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 21ebea138bee21258d3d2cfb81f096a6c0141f5ed0b4ebab8182febfe6384633

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:57 GMT
etag: W/"6f-JQ10BS85MY8gRsxWYWHFQ9PNiao"
x-powered-by: Express
content-type: text/html; charset=utf-8
access-control-allow-origin: *
x-robots-tag: noindex, nofollow
link: <https://www.cookieyes.com>; rel="canonical"
content-length: 111

GET
H2 200 Cck2_7l9.json Show response
cdn-cookieyes.com/client_data/5bcdbce45953e61e74b8da56/config/ 33 KB
6 KB 18ms
18ms Fetch
application/json 2606:4700:10::6816:3a5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/5bcdbce45953e61e74b8da56/config/Cck2_7l9.json
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/5bcdbce45953e61e74b8da56/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b62c6a1d8d6e6638449c088ad1fb9bedf1b2f0d550dc772fdbd32c07e438e37c

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:57 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 21 Aug 2024 17:02:36 GMT
server: cloudflare
age: 30254
etag: W/"84d2-620348242c876"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray: 8b6f52df3cdd3a9a-FRA

GET
H2 200 n72tmEuY.json Show response
cdn-cookieyes.com/client_data/5bcdbce45953e61e74b8da56/translations/ 2 KB
857 B 15ms
15ms Fetch
application/json 2606:4700:10::6816:3a5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/5bcdbce45953e61e74b8da56/translations/n72tmEuY.json
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/5bcdbce45953e61e74b8da56/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52bd0f23fdf9fec10087ec823dab8717d7e0205f1056a6cbb91ab1ed92f73b1f

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:57 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 21 Aug 2024 17:02:36 GMT
server: cloudflare
age: 30254
etag: W/"73c-620348242d816"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray: 8b6f52df4cf03a9a-FRA

GET
H2 200 SJTPhqIL.json Show response
cdn-cookieyes.com/client_data/5bcdbce45953e61e74b8da56/audit-table/ 18 KB
5 KB 14ms
14ms Fetch
application/json 2606:4700:10::6816:3a5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/5bcdbce45953e61e74b8da56/audit-table/SJTPhqIL.json
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/5bcdbce45953e61e74b8da56/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0457dd0b27dc5a87533d6df125aa5300a1355b9581d4fe742c5cedcef684e62

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:57 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 21 Aug 2024 17:02:36 GMT
server: cloudflare
age: 30254
etag: W/"4785-620348242c876"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray: 8b6f52df6cff3a9a-FRA

GET
H2 200 close.svg
cdn-cookieyes.com/assets/images/ 1 KB
767 B 16ms
16ms Image
image/svg+xml 2606:4700:10::6816:3a5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-cookieyes.com/assets/images/close.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a049e1abe441835a2bcf35258936072189a0a52d0000c4ed2094e59d2afd189b

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:57 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 15 Mar 2022 04:40:50 GMT
server: cloudflare
age: 230296
etag: W/"541-5da3a66c769d4"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=0, s-maxage=604800, proxy-revalidate
cf-ray: 8b6f52df8a693a64-FRA

GET
H2 200 poweredbtcky.svg
cdn-cookieyes.com/assets/images/ 4 KB
2 KB 14ms
13ms Image
image/svg+xml 2606:4700:10::6816:3a5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-cookieyes.com/assets/images/poweredbtcky.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 911f58b8d14bd6f73a83fd774e44bec97e896317c7093dc83e96921e64f1fbd5

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:57 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 15 Mar 2022 04:41:24 GMT
server: cloudflare
age: 230296
etag: W/"eb2-5da3a68c50d09"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=0, s-maxage=604800, proxy-revalidate
cf-ray: 8b6f52df8a6a3a64-FRA

POST
H2 200 log
log.cookieyes.com/api/v1/ 2 B
218 B 38ms
36ms Ping
text/plain 63.32.122.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://log.cookieyes.com/api/v1/log
Requested by: Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/cache/min/1/client_data/5bcdbce45953e61e74b8da56/script.js?ver=1724120040
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.122.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-122-247.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryF8jW3IsSe0SbM7xV

Response headers

date: Thu, 22 Aug 2024 02:09:57 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-powered-by: Express
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-robots-tag: noindex, nofollow
link: <https://www.cookieyes.com>; rel="canonical"
content-length: 2

GET
H2 200 trends.min.js Show response
assets.trendemon.com/tag/ 301 KB
60 KB 84ms
20ms Script
application/javascript 2600:9000:25a2:2600:2:7dc7:8f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.trendemon.com/tag/trends.min.js
Requested by: Host: www.aquasec.com
URL: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25a2:2600:2:7dc7:8f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 633bcfe427a83d802616ed31a4a273861f102af031357ecdd96336af3cde81b8

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 15:19:37 GMT
content-encoding: gzip
via: 1.1 6ea1443d3dc39c2be7c23883fb0bd3e0.cloudfront.net (CloudFront)
last-modified: Thu, 15 Aug 2024 13:47:35 GMT
server: AmazonS3
x-amz-cf-pop: ZRH55-P1
age: 39023
x-amz-server-side-encryption: AES256
etag: "be18d6d096975527536c71e8023b1f33"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 61225
x-amz-cf-id: BvvWgmprNiSl_dA-mhRYsOAiBAhzBPTajPmpbpKShUD6wXpq3xBDpA==

GET
H2 200 1810 Show response
trackingapi.trendemon.com/api/settings/ 759 B
898 B 325ms
96ms Script
application/x-javascript 3.208.64.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackingapi.trendemon.com/api/settings/1810?callback=jsonp893232&vid=
Requested by: Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.208.64.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-208-64-119.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 0516c2e44ac8d3510b2eae365a3bf84e9453d53c8148dc8c93c1e92e53d63075

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Aug 2024 02:09:58 GMT
cache-control: no-store,no-cache
server: Kestrel
content-length: 759
content-type: application/x-javascript; charset=UTF-8

GET
H2 200 identity.min.js Show response
assets.trendemon.com/global/ 18 KB
6 KB 18ms
18ms Script
application/javascript 2600:9000:25a2:2600:2:7dc7:8f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.trendemon.com/global/identity.min.js
Requested by: Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25a2:2600:2:7dc7:8f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1220bdf087a7b3b0f068e1dc2422c361ef11cf999ff8ea343573d9e5a7c19bdc

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 02:11:58 GMT
content-encoding: gzip
via: 1.1 6ea1443d3dc39c2be7c23883fb0bd3e0.cloudfront.net (CloudFront)
last-modified: Thu, 15 Aug 2024 13:47:39 GMT
server: AmazonS3
x-amz-cf-pop: ZRH55-P1
age: 86281
etag: W/"3f44b799c727cbac65d90f0779b8eb4e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: _47s6-1_1KHzMcDzddjQAvme4Am7prwYv_4d1B2NxYTX9BxJN3hJNA==

GET
H2 200 me Show response
trackingapi.trendemon.com/api/Identity/ 95 B
508 B 100ms
100ms Script
application/x-javascript 3.208.64.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackingapi.trendemon.com/api/Identity/me?accountId=1810&DomainCookie=17242925981319856&fingerPrint=7555eb4bd181f83f6befe92182b1276c&callback=jsonp222416&vid=
Requested by: Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.208.64.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-208-64-119.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 6dc71241094ed9968cbae27d4be418d8a379d8bce275cceb65e986826b10053d

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Aug 2024 02:09:58 GMT
cache-control: no-store,no-cache
server: Kestrel
content-length: 95
content-type: application/x-javascript; charset=UTF-8

GET
H2 200 ace-campaign Show response
trackingapi.trendemon.com/api/experience/ 17 B
116 B 100ms
99ms Script
application/x-javascript 3.208.64.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackingapi.trendemon.com/api/experience/ace-campaign?AccountId=1810&ClientUrl=https%3A%2F%2Fwww.aquasec.com%2Fblog%2Fpg_mem-a-malware-hidden-in-the-postgres-processes%2F&Referral=&callback=jsonp309177&vid=1810:17242925981319856
Requested by: Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.208.64.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-208-64-119.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 6f009098d988adaab4c4086823a53b9488a4114334e2bf5aa9949fb74375fe35

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:58 GMT
server: Kestrel
content-length: 17
content-type: application/x-javascript; charset=UTF-8

GET
H2 200 pageview
trackingapi.trendemon.com/api/events/ 43 B
234 B 145ms
145ms Image
image/gif 3.208.64.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trackingapi.trendemon.com/api/events/pageview?accountId=1810&url=aHR0cHM6Ly93d3cuYXF1YXNlYy5jb20vYmxvZy9wZ19tZW0tYS1tYWx3YXJlLWhpZGRlbi1pbi10aGUtcG9zdGdyZXMtcHJvY2Vzc2VzLw%3D%3D&cookie=17242925981319856&referral=&variant=&otwId=&otwItemId=&streamId=&streamContentId=&vid=1810:17242925981319856&r=1724292598417
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.208.64.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-208-64-119.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Aug 2024 02:09:58 GMT
server: Kestrel
age: 1691358
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 personal Show response
trackingapi.trendemon.com/api/experience/ 1 KB
2 KB 313ms
313ms Script
application/x-javascript 3.208.64.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackingapi.trendemon.com/api/experience/personal?AccountId=1810&ClientUrl=https%3A%2F%2Fwww.aquasec.com%2Fblog%2Fpg_mem-a-malware-hidden-in-the-postgres-processes%2F&MarketingAutomationCookie=&ExcludeUnitsJson=%5B%5D&streamId=&callback=jsonp944437&vid=1810:17242925981319856
Requested by: Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.208.64.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-208-64-119.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 1eee5b7d56f37a598ea40ce7a12130bc30ec9c510371e8d0ebb6d4e9b7da9aa0

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:59 GMT
server: Kestrel
content-length: 1450
content-type: application/x-javascript; charset=UTF-8

GET
H/1.1 200
OK closex.png
pic.trendemon.com/images/ 386 B
844 B 107ms
29ms Image
image/png 3.165.190.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.trendemon.com/images/closex.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.165.190.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-165-190-13.zrh55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c3a58e45ccfffece1df8e470fd853a81321e4f78f6af8d22e78310da1380f7d5

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 22 Aug 2024 02:09:59 GMT
Via: 1.1 e0af5ef33b40e73d4f01738e4cd1f556.cloudfront.net (CloudFront)
Last-Modified: Tue, 16 Apr 2019 23:23:30 GMT
Server: AmazonS3
X-Amz-Cf-Pop: ZRH55-P2
Age: 4
ETag: "7da2ae17c3b671047838f7b78687a56f"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 386
X-Amz-Cf-Id: xTMa1fod3tbqr1F6v0HZGCoWB0aswQKD9c1on5HwqvaTQKH3pKDdOQ==

GET
H2 200 personal-embedded Show response
trackingapi.trendemon.com/api/experience/ 6 KB
6 KB 121ms
120ms Script
application/x-javascript 3.208.64.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackingapi.trendemon.com/api/experience/personal-embedded?AccountId=1810&ClientUrl=https%3A%2F%2Fwww.aquasec.com%2Fblog%2Fpg_mem-a-malware-hidden-in-the-postgres-processes%2F&MarketingAutomationCookie=&Ids=%5B%22ac25252f-46f9-4952-bdc4-33b23e371131%22%2C%22c1b5dcad-43be-4cfe-ba26-4b44aca4d54f%22%5D&Groups=%5B%5D&StreamId=&callback=jsonp639165&vid=1810:17242925981319856
Requested by: Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.208.64.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-208-64-119.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 6ce5fb9dbf68bca2975e1d919d6840f5d4bdaaa608d7df15300264e385583f9d

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 02:09:59 GMT
server: Kestrel
content-length: 6099
content-type: application/x-javascript; charset=UTF-8

GET
H3 200 v2.js Show response
js.hsforms.net/forms/ 483 KB
156 KB 33ms
21ms Script
application/javascript 2606:4700::6812:8e77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8e77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfdf1af1a230e3ee08968606c4322f5a9c51a5a6bf341687fedac60716c9ddab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
age: 15
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.5781/bundles/project-v2.js&cfRay=8b6f528988841c05-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"07033d485ccfcdda144e7a4173dbc0bc"
vary: accept-encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.5781/bundles/project-v2.js
date: Thu, 22 Aug 2024 02:09:59 GMT
via: 1.1 4715507645a6516d2df35cd342cb5be0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-version-id: __TkXxzKt.v8sm6CVT1EUR2QdTtEmM_4
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 3994512f-3bbc-4e07-9a2e-ddcabfcdfcd0
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 3994512f-3bbc-4e07-9a2e-ddcabfcdfcd0
last-modified: Wed, 07 Aug 2024 13:25:19 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fwONsL%2B0QcAe4jANHzoqKZzDkgbDvQy7%2B5BjXDcBZFElH0ffeGr5w%2FMHbyoMjaDB9mI9tTEM9r0FKcEZ0yu8huhVMDXI9lwctyHYU%2BWUVpgAyC6XX%2B8fFsHGD0e%2Fbb%2FBTMaq8a4E%2BVbBjY7M"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-5f4dcb8bc8-sffzl
cf-ray: 8b6f52e97b469739-FRA
x-amz-cf-id: UBzM4JyQUXb_l-PuDbg8nm6zxmAK9xA2nYHT-mVPH8iHKl3RYI1a1g==

GET
H/1.1 200
OK 267f47b5bca6bd04d265b1d5a12616e9.jpg
pic.trendemon.com/tasks_logo/1810/ 42 KB
42 KB 20ms
20ms Image
image/jpeg 3.165.190.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.trendemon.com/tasks_logo/1810/267f47b5bca6bd04d265b1d5a12616e9.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.165.190.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-165-190-13.zrh55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d80634ff7b299a4822da649b251cb016fff11be494a512d88d105f94da2b9657

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 21 Aug 2024 06:35:27 GMT
Via: 1.1 e0af5ef33b40e73d4f01738e4cd1f556.cloudfront.net (CloudFront)
Last-Modified: Thu, 18 Jan 2024 13:09:54 GMT
Server: AmazonS3
X-Amz-Cf-Pop: ZRH55-P2
Age: 70473
x-amz-server-side-encryption: AES256
ETag: "f3aedf5521f5f14daef08144bd2e1f13"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42917
X-Amz-Cf-Id: 9yKNPMmREl6RbK1H6Gc4sUAMqPJVPoMFE1cDRI38w5X22S-M6BKA3A==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 15ms
14ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-D2G99SQ9HG&gtm=45je48j0v875778671z871822536za200zb71822536&_p=1724292595967&gcs=G100&gcd=13m3mPm2m5l1&npa=1&dma_cps=-&dma=1&tag_exp=0&gdid=dY2Q2ZW&cid=334880117.1724292599&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=EA&_s=2&sid=1724292599&sct=1&seg=0&dl=https%3A%2F%2Fwww.aquasec.com%2Fblog%2Fpg_mem-a-malware-hidden-in-the-postgres-processes%2F&dt=PG_MEM%3A%20A%20Malware%20Hidden%20in%20the%20Postgres%20Processes&en=trendemon_load&_fv=1&_nsi=1&_ss=1&ep.content_group=Blog%20new&ep.debug_mode=true&ep.unitName=TraceeShark%20-%20Nautilus&tfd=3704
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D2G99SQ9HG&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Aug 2024 02:09:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.aquasec.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 uplift
trackingapi.trendemon.com/api/events/ 43 B
234 B 244ms
243ms Image
image/gif 3.208.64.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trackingapi.trendemon.com/api/events/uplift?AccountId=1810&Cookie=17242925981319856&Url=aHR0cHM6Ly93d3cuYXF1YXNlYy5jb20vYmxvZy9wZ19tZW0tYS1tYWx3YXJlLWhpZGRlbi1pbi10aGUtcG9zdGdyZXMtcHJvY2Vzc2VzLw%3D%3D&EventType=GENERIC_UNIT_LOAD&CtaId=117118&Widget=true&InAbTest=false&UnitTypeId=0&StreamId=&vid=1810:17242925981319856&r=1724292599269
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.208.64.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-208-64-119.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.aquasec.com/blog/pg_mem-a-malware-hidden-in-the-postgres-processes/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Aug 2024 02:09:59 GMT
server: Kestrel
age: 1691358
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

131 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bing.com/	1970-01-21 08:19:48	Name: MUID Value: 0A95D4C8EA056B1B303DC02BEBD76A46
.linkedin.com/	1970-01-21 07:43:48	Name: bcookie Value: "v=2&84b1edcd-99cc-4d05-8bf3-67e684cdfa7d"
.linkedin.com/	1970-01-21 03:17:24	Name: li_gc Value: MTswOzE3MjQyOTI1OTY7MjswMjEoYbEVoht69sC666E3QEJcfhSv5WC3xikGvdlsoa2oyQ==
.linkedin.com/	1970-01-20 22:59:38	Name: lidc Value: "b=OGST03:s=O:r=O:a=O:p=O:g=3325:u=1:x=1:i=1724292596:t=1724378996:v=2:sig=AQHr2tjW75pXJAEdpRdnt1-xBVfAFvzR"
.info.aquasec.com/	1970-01-20 22:58:14	Name: __cf_bm Value: qGVp.48fB8t5ZK4eSUN0ZbpG1.gINfpH.1UTIIpJgU8-1724292597-1.0.1.1-W8Q6J9zN.yuEavNg_zS.mkX5muEAUBJj0_hf7B3jQ1dVO1909SaXXlfSxjuT8Up13ep5ljNc1v2dq1BAZhyDng
.info.aquasec.com/	1969-12-31 23:59:59	Name: __cfruid Value: 593a4690a7223f088366d00d4c442fd950cc3c81-1724292597
.aquasec.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.aquasec.com/	1970-01-20 22:58:14	Name: __hssc Value: 207889101.1.1724292597455
.aquasec.com/	1970-01-21 03:17:24	Name: messagesUtk Value: 7f30dbcd186243b08f973e0d8795a58f
.hubspot.com/	1970-01-20 22:58:14	Name: __cf_bm Value: P0DOPQxI0rOMte974WhJ4o5F5gHOCbi8uc1bP5pFeP8-1724292597-1.0.1.1-8I8rkejIsxEUpa7NHw_QUkl_SCcW_Z0j5UERxo4J0GWozkRsy6jsAPE.1Scd21orm332EJMwQDBUwveRGN0uEw
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: Cj99jn3Xgh91toj1HxR_hr8g9HZA5HWz3qyEM0nGBSc-1724292597610-0.0.1.1-604800000
.www.aquasec.com/	1970-01-21 07:43:48	Name: cookieyes-consent Value: consentid:bWhoUEs3TUtyRmgwWjQyOXJsQ3dSSVdDekZJVE9oOFY,consent:no,action:,necessary:yes,functional:no,analytics:no,performance:no,advertisement:no,other:no
.aquasec.com/	1970-01-21 07:43:48	Name: trd_cid Value: 17242925981319856
trackingapi.trendemon.com/	1970-01-21 08:34:12	Name: trd_gavid_1810 Value: 17242925981319856
trackingapi.trendemon.com/	1970-01-21 08:34:12	Name: trd_gvid Value: 17242925981319856
trackingapi.trendemon.com/	1970-01-21 08:34:12	Name: trd_vid_1810 Value: 1810%3A17242925981319856
.aquasec.com/	1970-01-21 07:43:48	Name: trd_vid_l Value: 1810%3A17242925981319856
.aquasec.com/	1970-01-21 07:43:48	Name: trd_vuid_l Value: -8868598868112784104
.hsforms.net/	1970-01-20 22:58:14	Name: __cf_bm Value: _EhG5HlaF3OQ7cA.f9_L9KIuaM1s8mRT4RyTSuSDE9U-1724292599-1.0.1.1-z.WiiIRNyOp.bNb3aHngvtNFxn1bIxZBnqF4WcBb4Uprvjl7q3ApNkGzqcKP5N8ecYxKTj._ATMJSWsABY_9ww

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	img-src data: *;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubspot.com
app.hubspot.com
assets.trendemon.com
bat.bing.com
cdn-cookieyes.com
directory.cookieyes.com
info.aquasec.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsforms.net
js.hubspot.com
js.usemessages.com
log.cookieyes.com
pic.trendemon.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
region1.google-analytics.com
snap.licdn.com
stats.g.doubleclick.net
track.hubspot.com
trackingapi.trendemon.com
www.aquasec.com
www.google.de
www.googletagmanager.com
13.107.42.14
141.193.213.21
2001:4860:4802:34::36
2600:9000:25a2:2600:2:7dc7:8f00:93a1
2606:2c40::c73c:671c
2606:4700:10::6816:3a5b
2606:4700:4400::ac40:9310
2606:4700::6810:4c8e
2606:4700::6810:7574
2606:4700::6810:7674
2606:4700::6810:8cd1
2606:4700::6811:afc9
2606:4700::6812:8e77
2620:1ec:21::14
2620:1ec:c11::237
2a00:1450:4001:828::2003
2a00:1450:4001:831::2008
2a00:1450:400c:c1f::9b
2a02:26f0:3500:10::210:a9a
3.165.190.13
3.208.64.119
54.154.218.200
63.32.122.247
021dc691a8ac476a01b5c5738e2652610b950ecc2d9c745c929b2a30548eb1f6
0516c2e44ac8d3510b2eae365a3bf84e9453d53c8148dc8c93c1e92e53d63075
08a70bbce72580774f43a559d6e8f338acb64136e2c102ad2e0b5b1c1766ce16
1220bdf087a7b3b0f068e1dc2422c361ef11cf999ff8ea343573d9e5a7c19bdc
12b98693fd5d713a901e3ef3353ca6961f74afbb1db5416b81334eb84eed9090
13e9e30e321a29ea2fc897fe531dc79492758ed06fa246c4b824113430717afe
18587626fe3db3b6adcfcc0d1280f65b56c5208d4894fafc5c0b590a5b68df70
1a2e21c78744fd7ea0ace3cf3f78e8b46008ea982199c7df225dc4498b16703a
1b949ac25c1bb080266546fb0963f15645a8c5c9708bb58140e6d42ae311f630
1cbb0f1ee7e0c16e7792b41c8bc635bbfd80eaa15c2246727ecb09d9ae5a31f5
1e898342f996200ceb14753e5829a6ff91de9ba3bc8114240e22e1c4d859bf2b
1eee5b7d56f37a598ea40ce7a12130bc30ec9c510371e8d0ebb6d4e9b7da9aa0
2069ee225073a115f31dcfbfc8e645967697bcf1d9b8f56d56b0aed8943d9f93
21ebea138bee21258d3d2cfb81f096a6c0141f5ed0b4ebab8182febfe6384633
224d567f8b94593275ef0b5f75a89e9e9b3d19b1b973d61b5f931deaecf018c4
240771791a756ded6780293e24f1988743a5b446538af62d7dcd610ceaa9f2cc
29cecc5902de526c5b23f00d84e72ae7d29db58d2e3e8d11928ee5dea1169231
2a58fb4ba57e791839c580c3ab186ee45d39e5558c62fa910a531e2225be9331
2f2dbd4aa266d3738c8f43e53e78731725b2b2ed99f56e2f76dde2e22edf75ab
32046089ccace81843cbfbf1e80ec224e591a3a6441753dd62e0bcf4cf33c6d6
3584b2a942278c3971a683fa367a93c77fbb44bb84620afa4257aa9bb61a9ef2
396f95fe76847ae1beacf9c523d2b852b3fc31ce9beedbde4df6b7f8ba6901ec
41d0c56511f3eb6dde55beae3108058bf2b28a71090779f0ad789e539087b9ff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4eae6577f5d40e9c221f9490f2384d6afaf58f9660850a82f50e4d816e7394ca
52bd0f23fdf9fec10087ec823dab8717d7e0205f1056a6cbb91ab1ed92f73b1f
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a068fef04a1b0f7601f0d566dd7356d960d79a0c255e1228e9e057249fc1139
5debdbe26fb25ed30b4b6c05be6d235da7033863045f5694fb6ea8fcb8c7adb7
5f77564e29b03c97c7ecb155d1c974ff89de12cc0a4874724b6c259e9d9071d8
633bcfe427a83d802616ed31a4a273861f102af031357ecdd96336af3cde81b8
6ce5fb9dbf68bca2975e1d919d6840f5d4bdaaa608d7df15300264e385583f9d
6dc71241094ed9968cbae27d4be418d8a379d8bce275cceb65e986826b10053d
6f009098d988adaab4c4086823a53b9488a4114334e2bf5aa9949fb74375fe35
759bb13ca8d3bf157ea00880f75525c5cf9852d2afb83046a08bd01d0754e0af
7606e84b34c394b34c596b002da5aaa0f301406ad2066bb6d9b93381505183fc
76a63095bd0c61faa8c6a82907bb7744caabfd3e523c979b48f08c80b6de037b
7f36b7ce29c7f51e6f99ffb230a4de3c58fb413c096963906fe52b7df5723526
82fbd33383e88ecad9d0538289ead4053b7602f534a0f6e8fa0177a7addb3939
87d3036c2207d4cb8b2ab6ed65edde4aa2e351b50030e3515b664b5bd2117c13
89de0c24e64daab3fd78e61c512bc6e5ebcd4f771e6d7d81d4e678b259f3f92a
8ecb1528ceb06e950fa027e7429321c91ea926dbc890e4fb34f07acf70b8c9f4
9073f10f19ccfb621bd6a35dd004001b31777b1f989100b73a91bb06e1ca29b4
911f58b8d14bd6f73a83fd774e44bec97e896317c7093dc83e96921e64f1fbd5
96b698217d6bc82720c6e93c48123b2acd8c5b2bca2515771c9e848cbe439a1a
9880b66c843f7700c123bc5a6846198b020cc5ab09379093f7af92719bc7ab78
a049e1abe441835a2bcf35258936072189a0a52d0000c4ed2094e59d2afd189b
a82beac313447af7db1dfa7b9aed48f9663af8ba0f9214075537de060b853a05
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
aca1cc2931d9b9d251ab7167845855887ed3ade46391a6af2b3f2cbd4a1ced08
b118d300f94d3de6d9c6c51ef8f6936f76dad17371bf24450bfcdd7056522948
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2be4f770c150289ae7c966dba6508266866f02223f41c6b9088699338ae99e7
b62c6a1d8d6e6638449c088ad1fb9bedf1b2f0d550dc772fdbd32c07e438e37c
b8eb8a7898d7f65f3407008af621d906d14d1f0d0ff3f03a70da78cc1e471ea0
bbd566fd6a6f693d59fc3f1fb79e724a1a6e0da53a233d2837613ddf257e7671
c3a58e45ccfffece1df8e470fd853a81321e4f78f6af8d22e78310da1380f7d5
ce021d2a1a40ee29c16dd821b7fd9e661a98d77b89433bd5a5569a563e2129a3
d0457dd0b27dc5a87533d6df125aa5300a1355b9581d4fe742c5cedcef684e62
d4640239bc8536a6794890c2fc9a7d857398b8331ea92200404c070bc7034f5e
d62307128d2ce171e5c693cc6c2d87b5cb3a8b120deaefd791269d6352908677
d80634ff7b299a4822da649b251cb016fff11be494a512d88d105f94da2b9657
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dfdf1af1a230e3ee08968606c4322f5a9c51a5a6bf341687fedac60716c9ddab
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a16ab4cec4edc93fb95a251904368b4ffb61c1886daf14d0e667e7ef5de2e2
e6301c9c42c19c029aeeabbdd5f3d18467f2176f6542b62e0a085a8b982bd7ac
ea48a58a9bc2b46b598e380703bd07f9e0e4ffbc4e3139c7e14eb6bce5771512
eac9b9666c32f90b09ff6557827ea731fc56904b14fbf66e84b1f2fa79288e91
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2682c47932a575492f1eba19f0061bbbf0936fbd969b108213e0474e14931e
ef613831627e1b66cfc1a63db65f2556fd82862d5984a407fa9a3bc12d15a08d
f21885521706b7ae0638ce79ea884c4e3a582073ecdc478b851d43ceb98adfe8
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a
ffc50eb10212a8ac048f37fbf714ecb4adbc5013ad9c9fdf4a8d668683ec91c9

www.aquasec.com Open in urlscan Pro 141.193.213.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

84 Requests

99 %HTTPS

74 %IPv6

18 Domains

26 Subdomains

23 IPs

4 Countries

1491 kBTransfer

3769 kBSize

19 Cookies

25 Outgoing links

Redirected requests

84 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.aquasec.com Open in urlscan Pro
141.193.213.21 Public Scan

Screenshot
Live screenshot

Full Image

84
Requests

99 %
HTTPS

74 %
IPv6

18
Domains

26
Subdomains

23
IPs

4
Countries

1491 kB
Transfer

3769 kB
Size

19
Cookies

84 HTTP transactions
0 data transactions