blogs.blackberry.com Open in urlscan Pro
2600:9000:223d:7000:19:cd0a:2e00:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer
Submission: On September 16 via api (September 16th 2024, 7:05:48 am UTC) from DE — Scanned from DE

Summary HTTP 45 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 12 domains to perform 45 HTTP transactions. The main IP is 2600:9000:223d:7000:19:cd0a:2e00:93a1, located in United States and belongs to AMAZON-02, US. The main domain is blogs.blackberry.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on July 24th 2024. Valid for: a year.

This is the only time blogs.blackberry.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	2600:9000:223... 2600:9000:223d:7000:19:cd0a:2e00:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2606:4700::68... 2606:4700::6812:562a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:2844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:10::210:a99	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.245.86.73 18.245.86.73	16509 (AMAZON-02) (AMAZON-02)
1 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	18.245.86.87 18.245.86.87	16509 (AMAZON-02) (AMAZON-02)
1	18.66.102.127 18.66.102.127	16509 (AMAZON-02) (AMAZON-02)
1	159.89.102.253 159.89.102.253	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
45	14

21 2600:9000:223d:7000:19:cd0a:2e00:93a1 (United States)

ASN16509 (AMAZON-02, US)

blogs.blackberry.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6812:562a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2844 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:10::210:a99 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.86.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-73.fra60.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.86.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-87.fra60.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-127.fra56.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.89.102.253 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

geolocation-db.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	blackberry.com blogs.blackberry.com	3 MB
7	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 326	141 KB
4	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 327 px4.ads.linkedin.com — Cisco Umbrella Rank: 6795	2 KB
3	driftt.com js.driftt.com — Cisco Umbrella Rank: 6454	62 KB
3	gstatic.com fonts.gstatic.com	55 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 43	219 KB
1	geolocation-db.com geolocation-db.com — Cisco Umbrella Rank: 39544	256 B
1	company-target.com api.company-target.com — Cisco Umbrella Rank: 4156	2 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 782	14 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 491	295 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	1 KB
1	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1900
45	12

	Domain	Requested by
21	blogs.blackberry.com	blogs.blackberry.com
7	cdn.cookielaw.org	blogs.blackberry.com cdn.cookielaw.org
3	px.ads.linkedin.com	1 redirects snap.licdn.com
3	js.driftt.com	blogs.blackberry.com js.driftt.com
3	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagmanager.com	blogs.blackberry.com
1	geolocation-db.com	blogs.blackberry.com
1	api.company-target.com	js.driftt.com
1	px4.ads.linkedin.com	blogs.blackberry.com
1	snap.licdn.com	www.googletagmanager.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	fonts.googleapis.com	blogs.blackberry.com
1	kit.fontawesome.com	blogs.blackberry.com
45	13

This site contains links to these domains. Also see Links.

Domain
x.com
www.facebook.com
www.linkedin.com
www.bleepingcomputer.com
www.blackberry.com
www.youtube.com
www.instagram.com
developers.blackberry.com
www.qnx.com
devblog.blackberry.com
helpblog.blackberry.com

Subject Issuer	Validity	Valid
*.blackberry.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-24` - `2025-08-24`	a year	crt.sh
cookielaw.org WE1	`2024-08-13` - `2024-11-11`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-01-27`	6 months	crt.sh
upload.video.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
geolocation.onetrust.com WE1	`2024-08-13` - `2024-11-11`	3 months	crt.sh
*.gstatic.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
drift.com Amazon RSA 2048 M03	`2024-07-30` - `2025-08-27`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-09-11` - `2025-03-11`	6 months	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2024-08-13` - `2025-09-14`	a year	crt.sh
geolocation-db.com R11	`2024-09-07` - `2024-12-06`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer
Frame ID: 716B26836390EB1F876768E914CEA3FF
Requests: 43 HTTP requests in this frame

Frame: https://js.driftt.com/core?d=1&embedId=gxxdrnmwti55&eId=gxxdrnmwti55&region=US&forceShow=false&skipCampaigns=false&sessionId=1ab69db7-f0ff-4b64-bfd1-ee46e9c23ef4&sessionStarted=1726470343.37&campaignRefreshToken=8c3177cd-1994-4d68-8a54-cac98bd69bd9&hideController=false&pageLoadStartTime=1726470341956&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fblogs.blackberry.com%2Fen%2F2022%2F03%2Fthreat-thursday-cryptbot-infostealer
Frame ID: EF0004BC77D4C742B4341C90E63C70CF
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1726470341956
Frame ID: D0A781E470F9F3FD45DFE000AE00B986
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Threat Thursday: CryptBot Infostealer Masquerades as Cracked Software

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc\.clientlibs/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

45
Requests

98 %
HTTPS

64 %
IPv6

12
Domains

13
Subdomains

14
IPs

2
Countries

3535 kB
Transfer

5019 kB
Size

8
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://x.com/intent/tweet?url=https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer&text=Threat%20Thursday:%20CryptBot%20Infostealer%20Masquerades%20as%20Cracked%20Software&via=BlackBerry
Title: Share on X

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer
Title: Share on Facebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer&title=Threat%20Thursday:%20CryptBot%20Infostealer%20Masquerades%20as%20Cracked%20Software&summary=&source=blogs.blackberry.com
Title: Share on LinkedIn

Search URL Search Domain Scan URL

URL: https://www.bleepingcomputer.com/news/security/revamped-cryptbot-malware-spread-by-pirated-software-sites/
Title: outbreak in early 2022

Search URL Search Domain Scan URL

URL: https://www.blackberry.com/us/en/services/incident-response
Title: The BlackBerry Incident Response team

Search URL Search Domain Scan URL

URL: https://www.blackberry.com/us/en/forms/cylance/handraiser/emergency-incident-response-containment
Title: https://www.blackberry.com/us/en/forms/cylance/handraiser/emergency-incident-response-containment

Search URL Search Domain Scan URL

URL: https://www.facebook.com/BlackBerry/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://x.com/blackberry
Title: X

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/BlackBerry
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/blackberry/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.blackberry.com/us/en/company
Title: Company

Search URL Search Domain Scan URL

URL: https://www.blackberry.com/us/en/company/newsroom
Title: Newsroom

Search URL Search Domain Scan URL

URL: https://www.blackberry.com/us/en/company/investors
Title: Investors

Search URL Search Domain Scan URL

URL: https://www.blackberry.com/us/en/company/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.blackberry.com/us/en/company/leadership
Title: Leadership

Search URL Search Domain Scan URL

URL: https://www.blackberry.com/us/en/company/corporate-responsibility-at-blackberry
Title: Corporate Responsibility

Search URL Search Domain Scan URL

URL: https://www.blackberry.com/us/en/company/certifications
Title: Certifications

Search URL Search Domain Scan URL

URL: https://www.blackberry.com/us/en/success-stories
Title: Customer Success

Search URL Search Domain Scan URL

URL: https://developers.blackberry.com/
Title: Enterprise Platform & Apps

Search URL Search Domain Scan URL

URL: https://www.qnx.com/account/login.html?returnaddress=%2Fdownload%2Fgroup.html%3Fprogramid%3D29178
Title: BlackBerry QNX Developer Network

Search URL Search Domain Scan URL

URL: https://devblog.blackberry.com/
Title: Developers Blog

Search URL Search Domain Scan URL

URL: https://helpblog.blackberry.com/
Title: Help Blog

Search URL Search Domain Scan URL

URL: https://www.blackberry.com/us/en/legal
Title: Overview

Search URL Search Domain Scan URL

URL: https://www.blackberry.com/us/en/legal/accessibility
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.blackberry.com/us/en/legal/blackberry-virtual-patent-marking
Title: Patents

Search URL Search Domain Scan URL

URL: https://www.blackberry.com/us/en/legal/trademarks
Title: Trademarks

Search URL Search Domain Scan URL

URL: https://www.blackberry.com/us/en/legal/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.blackberry.com/us/en/legal/cookies
Title: Learn More

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5079393&time=1726470342768&url=https%3A%2F%2Fblogs.blackberry.com%2Fen%2F2022%2F03%2Fthreat-thursday-cryptbot-infostealer HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5079393&time=1726470342768&url=https%3A%2F%2Fblogs.blackberry.com%2Fen%2F2022%2F03%2Fthreat-thursday-cryptbot-infostealer&e_ipv6=AQI0ZIGrM8qI_gAAAZH5pskzUAEQJky0O8cyUs7UyY0U2mjj-2RvQySwIz4NBTNSB6jCWh5i

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request threat-thursday-cryptbot-infostealer Show response
blogs.blackberry.com/en/2022/03/ 65 KB
18 KB 132ms
45ms Document
text/html 2600:9000:223d:7000:19:cd0a:2e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:7000:19:cd0a:2e00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

71117fe4bf34368700623873c336e70291755a0dca74ceb5ebfef880bd4b717f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; base-uri 'self';upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 13238
content-encoding: gzip
content-length: 17451
content-security-policy: frame-ancestors 'self'; base-uri 'self';upgrade-insecure-requests;
content-type: text/html;charset=utf-8
date: Mon, 16 Sep 2024 03:25:03 GMT
etag: "10346-62205d6a16f93-gzip"
last-modified: Fri, 13 Sep 2024 20:12:11 GMT
server: Apache
strict-transport-security: max-age=63072000; includeSubdomains;
vary: Accept-Encoding
via: 1.1 102d8cf947b68167e34dd1299c206242.cloudfront.net (CloudFront)
x-amz-cf-id: yxw7MOE-hXXjLYyozxTXcNEISFG9Jb0SZ8HETf83HiDh6VHBzW6URg==
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-dispatcher: dispatcher2uswest2-28586372
x-frame-options: SAMEORIGIN
x-vhost: publish
x-xss-protection: 1; mode=block

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 141ms
51ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: blogs.blackberry.com
URL: https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91b0809d8b9dc57eaa09cb0e13c210b24edfaeadb94a8cff0fee02751c1b0b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blogs.blackberry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 16 Sep 2024 07:05:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: UfYkxNZYUi8O8CsxmalgUg==
age: 84140
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6881
x-ms-lease-status: unlocked
last-modified: Thu, 12 Sep 2024 19:28:11 GMT
server: cloudflare
etag: 0x8DCD3610A4216D7
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ab14641a-f01e-0091-240d-06073b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8c3f0275ff0d4d4a-FRA
expires: Sun, 15 Sep 2024 07:43:21 GMT

GET
H2 200 clientlib-site.min.54dd5587820b16101b4a5bc26ae87194.css
blogs.blackberry.com/etc.clientlibs/blogs-bbcom/clientlibs/ 209 KB
32 KB 50ms
46ms Stylesheet
text/css 2600:9000:223d:7000:19:cd0a:2e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.blackberry.com/etc.clientlibs/blogs-bbcom/clientlibs/clientlib-site.min.54dd5587820b16101b4a5bc26ae87194.css

Requested by

Host: blogs.blackberry.com
URL: https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:7000:19:cd0a:2e00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

2ec54e382481140e39b389d235cc35451fd7f8e286840d8dea664a9454a5373f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; base-uri 'self';upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-dispatcher: dispatcher4uswest2-28586372
date: Mon, 16 Sep 2024 02:08:08 GMT
strict-transport-security: max-age=63072000; includeSubdomains;
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'; base-uri 'self';upgrade-insecure-requests;
content-encoding: gzip
via: 1.1 102d8cf947b68167e34dd1299c206242.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-vhost: publish
x-cache: Hit from cloudfront
age: 17853
content-length: 32351
x-xss-protection: 1; mode=block
last-modified: Tue, 28 May 2024 18:01:33 GMT
server: Apache
etag: "3453d-619876c913940-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
accept-ranges: bytes
x-amz-cf-id: B0XFz7i5s91WX2KOwlX7472oLvI6nj3zrb4FvQZkcsxHZvUbVTqe-g==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 230 KB
83 KB 151ms
63ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-944900006

Requested by

Host: blogs.blackberry.com
URL: https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

488d4c3034f101f093e0120ef92c18a1e138d76c01ce0ef75de43febbef3183c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://blogs.blackberry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 07:05:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84852
x-xss-protection: 0
last-modified: Mon, 16 Sep 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 16 Sep 2024 07:05:42 GMT

GET
H2 403 3c243f8233.js
kit.fontawesome.com/ 0
0 255ms
158ms Script
text/plain 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/3c243f8233.js
Requested by: Host: blogs.blackberry.com
URL: https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://blogs.blackberry.com/
Origin: https://blogs.blackberry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 07:05:42 GMT
cf-cache-status: MISS
server: cloudflare
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
vary: Accept-Encoding
cf-ray: 8c3f02760e009a3b-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
content-length: 9
x-request-id: F_WnoQKC8-PG72TX4ZoC

GET
H2 200 tt-cryptbot-875x530-ibb.png
blogs.blackberry.com/content/dam/blogs-blackberry-com/images/blogs/2022/03/ 1 MB
1 MB 63ms
61ms Image
image/png 2600:9000:223d:7000:19:cd0a:2e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.blackberry.com/content/dam/blogs-blackberry-com/images/blogs/2022/03/tt-cryptbot-875x530-ibb.png

Requested by

Host: blogs.blackberry.com
URL: https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:7000:19:cd0a:2e00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

7adf4e26debc21eca46d0b266703acf8fb132fc0a75382c1f879f27066f9e9aa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; base-uri 'self';upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-dispatcher: dispatcher4uswest2-28586372
date: Mon, 16 Sep 2024 06:35:39 GMT
strict-transport-security: max-age=63072000; includeSubdomains;
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'; base-uri 'self';upgrade-insecure-requests;
via: 1.1 102d8cf947b68167e34dd1299c206242.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 1802
x-vhost: publish
x-cache: Hit from cloudfront
content-disposition: attachment
content-length: 1059404
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Mar 2022 06:29:37 GMT
server: Apache
etag: "102a4c-5d9d7568f9640"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: 5ynnWCrPAdD_MwIcLYWzLw_uMMZPFCLg6B1s-dm_1RWZAuVV6w7Edw==

GET
H2 200 cryptbot-table-001.png
blogs.blackberry.com/content/dam/blogs-blackberry-com/images/blogs/2022/03/ 6 KB
7 KB 186ms
185ms Image
image/png 2600:9000:223d:7000:19:cd0a:2e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.blackberry.com/content/dam/blogs-blackberry-com/images/blogs/2022/03/cryptbot-table-001.png

Requested by

Host: blogs.blackberry.com
URL: https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:7000:19:cd0a:2e00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

46bdacc819263327f9840d86a4512111e8709e3830f18e706619c4378c5880df

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; base-uri 'self';upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-dispatcher: dispatcher3uswest2-28586372
date: Mon, 16 Sep 2024 06:35:39 GMT
strict-transport-security: max-age=63072000; includeSubdomains;
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'; base-uri 'self';upgrade-insecure-requests;
via: 1.1 102d8cf947b68167e34dd1299c206242.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 1802
x-vhost: publish
x-cache: Hit from cloudfront
content-disposition: attachment
content-length: 6417
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Mar 2022 04:23:32 GMT
server: Apache
etag: "1911-5d9d593a6d900"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: dqKU0ucHijfI8CKuaQzg-vLHl0kFR4dQHDULFmaypBHkHMU3PL3YuA==

GET
H2 200 cryptbot-table002.png
blogs.blackberry.com/content/dam/blogs-blackberry-com/images/blogs/2022/03/ 4 KB
5 KB 44ms
44ms Image
image/png 2600:9000:223d:7000:19:cd0a:2e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.blackberry.com/content/dam/blogs-blackberry-com/images/blogs/2022/03/cryptbot-table002.png

Requested by

Host: blogs.blackberry.com
URL: https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:7000:19:cd0a:2e00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

297b139c52792ae8b27e5531f91d2af35451bf5e8f95bbc1960cca6717a3f1d3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; base-uri 'self';upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-dispatcher: dispatcher1uswest2-28570889
date: Mon, 16 Sep 2024 06:35:39 GMT
strict-transport-security: max-age=63072000; includeSubdomains;
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'; base-uri 'self';upgrade-insecure-requests;
via: 1.1 102d8cf947b68167e34dd1299c206242.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 1803
x-vhost: publish
x-cache: Hit from cloudfront
content-disposition: attachment
content-length: 4595
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Mar 2022 04:23:32 GMT
server: Apache
etag: "11f3-5d9d593a6d900"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: ROxxt3OwNrS8DJxOnlJ2H-vv77EY0ohH94ey0dK_uUw06sECa6WPHw==

GET
H2 200 cryptbot-fig01.png
blogs.blackberry.com/content/dam/blogs-blackberry-com/images/blogs/2022/03/ 218 KB
219 KB 39ms
38ms Image
image/png 2600:9000:223d:7000:19:cd0a:2e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.blackberry.com/content/dam/blogs-blackberry-com/images/blogs/2022/03/cryptbot-fig01.png

Requested by

Host: blogs.blackberry.com
URL: https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:7000:19:cd0a:2e00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

bb1bcfc6318ec6edbf0ef31b945798d4f0c7e02536c9b9a5de6b0f68cca00b4e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; base-uri 'self';upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-dispatcher: dispatcher4uswest2-28586372
date: Mon, 16 Sep 2024 06:35:39 GMT
strict-transport-security: max-age=63072000; includeSubdomains;
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'; base-uri 'self';upgrade-insecure-requests;
via: 1.1 102d8cf947b68167e34dd1299c206242.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 1803
x-vhost: publish
x-cache: Hit from cloudfront
content-disposition: attachment
content-length: 222980
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Mar 2022 04:23:30 GMT
server: Apache
etag: "36704-5d9d593885480"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: dZV4i8OrLjCrbAA08_EN5CP_5S2kp4zGUNOVUZ1Xgcjz6tW1VCIXfA==

GET
H2 200 cryptbot-fig02.png
blogs.blackberry.com/content/dam/blogs-blackberry-com/images/blogs/2022/03/ 112 KB
113 KB 51ms
51ms Image
image/png 2600:9000:223d:7000:19:cd0a:2e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.blackberry.com/content/dam/blogs-blackberry-com/images/blogs/2022/03/cryptbot-fig02.png

Requested by

Host: blogs.blackberry.com
URL: https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:7000:19:cd0a:2e00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

0d6c1c4e26ad9b975c8d5a04e36ecc1ac6460ac414a880654c2810e2ce9f52c8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; base-uri 'self';upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-dispatcher: dispatcher3uswest2-28586372
date: Mon, 16 Sep 2024 06:35:39 GMT
strict-transport-security: max-age=63072000; includeSubdomains;
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'; base-uri 'self';upgrade-insecure-requests;
via: 1.1 102d8cf947b68167e34dd1299c206242.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 1803
x-vhost: publish
x-cache: Hit from cloudfront
content-disposition: attachment
content-length: 114530
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Mar 2022 04:23:30 GMT
server: Apache
etag: "1bf62-5d9d593885480"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: cfRgockp3sgMbft0DPZH5Kl2tKBOH2KKiYxgHJ3v54zpl6tSfmnQrw==

GET
H2 200 cryptbot-fig03.png
blogs.blackberry.com/content/dam/blogs-blackberry-com/images/blogs/2022/03/ 139 KB
140 KB 44ms
41ms Image
image/png 2600:9000:223d:7000:19:cd0a:2e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.blackberry.com/content/dam/blogs-blackberry-com/images/blogs/2022/03/cryptbot-fig03.png

Requested by

Host: blogs.blackberry.com
URL: https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:7000:19:cd0a:2e00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

cae5376e018c99723dbda3ee1ca8f3a9976abf31dadfe4507fd08cc8678b63a2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; base-uri 'self';upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-dispatcher: dispatcher2uswest2-28586372
date: Mon, 16 Sep 2024 06:35:39 GMT
strict-transport-security: max-age=63072000; includeSubdomains;
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'; base-uri 'self';upgrade-insecure-requests;
via: 1.1 102d8cf947b68167e34dd1299c206242.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 1803
x-vhost: publish
x-cache: Hit from cloudfront
content-disposition: attachment
content-length: 142644
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Mar 2022 04:23:31 GMT
server: Apache
etag: "22d34-5d9d5939796c0"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: rEYhWYYw7pej40THvZX_AD3b3ZiacrX5ZQ8GWBJ5yB5eQ4C0qlZU1A==

GET
H2 200 cryptbot-fig04.png
blogs.blackberry.com/content/dam/blogs-blackberry-com/images/blogs/2022/03/ 131 KB
132 KB 58ms
56ms Image
image/png 2600:9000:223d:7000:19:cd0a:2e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.blackberry.com/content/dam/blogs-blackberry-com/images/blogs/2022/03/cryptbot-fig04.png

Requested by

Host: blogs.blackberry.com
URL: https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:7000:19:cd0a:2e00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

f8d8bbb5d080a816cf689ffc662b94c714238d3cc54f37f14f6162e8fa383193

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; base-uri 'self';upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-dispatcher: dispatcher2uswest2-28586372
date: Mon, 16 Sep 2024 06:35:39 GMT
strict-transport-security: max-age=63072000; includeSubdomains;
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'; base-uri 'self';upgrade-insecure-requests;
via: 1.1 102d8cf947b68167e34dd1299c206242.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 1803
x-vhost: publish
x-cache: Hit from cloudfront
content-disposition: attachment
content-length: 133952
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Mar 2022 04:23:31 GMT
server: Apache
etag: "20b40-5d9d5939796c0"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: SuWPRA3oshEc3dSPsD6JI1Nz8_aP04ystdziQnFesvqYfh_k8QCEHQ==

GET
H2 200 cryptbot-fig05.png
blogs.blackberry.com/content/dam/blogs-blackberry-com/images/blogs/2022/03/ 428 KB
429 KB 49ms
47ms Image
image/png 2600:9000:223d:7000:19:cd0a:2e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.blackberry.com/content/dam/blogs-blackberry-com/images/blogs/2022/03/cryptbot-fig05.png

Requested by

Host: blogs.blackberry.com
URL: https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:7000:19:cd0a:2e00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

cd651cbad12e404ff39c334cfe63fffea31d90f502278190559d3f14f614e4f1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; base-uri 'self';upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-dispatcher: dispatcher1uswest2-28570889
date: Mon, 16 Sep 2024 06:35:39 GMT
strict-transport-security: max-age=63072000; includeSubdomains;
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'; base-uri 'self';upgrade-insecure-requests;
via: 1.1 102d8cf947b68167e34dd1299c206242.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 1803
x-vhost: publish
x-cache: Hit from cloudfront
content-disposition: attachment
content-length: 438324
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Mar 2022 04:23:31 GMT
server: Apache
etag: "6b034-5d9d5939796c0"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: WCEsJymxRjeKUKMhv6mbrNiPWyJ-NbhvIy7sdM-L0e0kuHmK4iiLdw==

GET
H2 200 cryptbot-fig06.png
blogs.blackberry.com/content/dam/blogs-blackberry-com/images/blogs/2022/03/ 70 KB
71 KB 62ms
60ms Image
image/png 2600:9000:223d:7000:19:cd0a:2e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.blackberry.com/content/dam/blogs-blackberry-com/images/blogs/2022/03/cryptbot-fig06.png

Requested by

Host: blogs.blackberry.com
URL: https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:7000:19:cd0a:2e00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

14b4829a35b8e60b8b06dbe0e8ab5e958e03a65dd54d4ca3012b008da1cbf0cc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; base-uri 'self';upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-dispatcher: dispatcher2uswest2-28586372
date: Mon, 16 Sep 2024 06:35:39 GMT
strict-transport-security: max-age=63072000; includeSubdomains;
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'; base-uri 'self';upgrade-insecure-requests;
via: 1.1 102d8cf947b68167e34dd1299c206242.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 1803
x-vhost: publish
x-cache: Hit from cloudfront
content-disposition: attachment
content-length: 71765
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Mar 2022 04:23:31 GMT
server: Apache
etag: "11855-5d9d5939796c0"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: igJZBCixCKHFfZl5etQwzLeR2HzJtnAogAFdcURGzRjrWTLcNlDE5w==

GET
H2 200 cryptbot-fig07.png
blogs.blackberry.com/content/dam/blogs-blackberry-com/images/blogs/2022/03/ 270 KB
270 KB 63ms
61ms Image
image/png 2600:9000:223d:7000:19:cd0a:2e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.blackberry.com/content/dam/blogs-blackberry-com/images/blogs/2022/03/cryptbot-fig07.png

Requested by

Host: blogs.blackberry.com
URL: https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:7000:19:cd0a:2e00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

b212d247d6338572dae60c8b7b63d42639dfbac54d2e295b03e6684be1e5b302

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; base-uri 'self';upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-dispatcher: dispatcher1uswest2-28570889
date: Mon, 16 Sep 2024 06:35:39 GMT
strict-transport-security: max-age=63072000; includeSubdomains;
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'; base-uri 'self';upgrade-insecure-requests;
via: 1.1 102d8cf947b68167e34dd1299c206242.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 1803
x-vhost: publish
x-cache: Hit from cloudfront
content-disposition: attachment
content-length: 276056
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Mar 2022 04:23:31 GMT
server: Apache
etag: "43658-5d9d5939796c0"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: eJwdO4GqDUTO2ha_9sVi_wzSahmMhYLh4_SXv6G4axjaIzVfJUQGuA==

GET
H2 200 cryptbot-fig08.png
blogs.blackberry.com/content/dam/blogs-blackberry-com/images/blogs/2022/03/ 264 KB
265 KB 72ms
71ms Image
image/png 2600:9000:223d:7000:19:cd0a:2e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.blackberry.com/content/dam/blogs-blackberry-com/images/blogs/2022/03/cryptbot-fig08.png

Requested by

Host: blogs.blackberry.com
URL: https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:7000:19:cd0a:2e00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

e68e061bfcd9da8ae5f45f6bb6ed6b8f7dc51a77bd12cb168281efda1a68a03a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; base-uri 'self';upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-dispatcher: dispatcher3uswest2-28586372
date: Mon, 16 Sep 2024 06:35:39 GMT
strict-transport-security: max-age=63072000; includeSubdomains;
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'; base-uri 'self';upgrade-insecure-requests;
via: 1.1 102d8cf947b68167e34dd1299c206242.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 1803
x-vhost: publish
x-cache: Hit from cloudfront
content-disposition: attachment
content-length: 270501
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Mar 2022 04:23:31 GMT
server: Apache
etag: "420a5-5d9d5939796c0"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: FRir8J9s2olwIJtx4DgZTA3GVG5AoaycxzhvAtJ6HGDLS22OjBQVtA==

GET
H2 200 cobalt-strike-beacon-1200px-banner.jpg
blogs.blackberry.com/content/dam/blogs-blackberry-com/images/blogs/2021/10/ 184 KB
185 KB 76ms
74ms Image
image/jpeg 2600:9000:223d:7000:19:cd0a:2e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.blackberry.com/content/dam/blogs-blackberry-com/images/blogs/2021/10/cobalt-strike-beacon-1200px-banner.jpg

Requested by

Host: blogs.blackberry.com
URL: https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:7000:19:cd0a:2e00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

f30733e0e39f5044034df46d3d8c20feaa22cf680bc21398b2359f3555ff5364

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; base-uri 'self';upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-dispatcher: dispatcher1uswest2-28570889
strict-transport-security: max-age=63072000; includeSubdomains;
content-security-policy: frame-ancestors 'self'; base-uri 'self';upgrade-insecure-requests;
x-content-type-options: nosniff
date: Mon, 16 Sep 2024 06:35:39 GMT
via: 1.1 102d8cf947b68167e34dd1299c206242.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 1803
x-vhost: publish
x-cache: Hit from cloudfront
content-disposition: attachment
content-length: 188464
x-xss-protection: 1; mode=block
last-modified: Thu, 14 Oct 2021 03:01:17 GMT
server: Apache
etag: "2e030-5ce474ad49940"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
accept-ranges: bytes
x-amz-cf-id: lm0TnreZLZxYUs6weKaawt5AFYxSdLph1n2MKDbaX9bbh9xDzexOdA==

GET
H2 200 blackberry-logo-square.jpg
blogs.blackberry.com/content/dam/blogs-blackberry-com/images/authors/ 3 KB
3 KB 81ms
80ms Image
image/jpeg 2600:9000:223d:7000:19:cd0a:2e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.blackberry.com/content/dam/blogs-blackberry-com/images/authors/blackberry-logo-square.jpg

Requested by

Host: blogs.blackberry.com
URL: https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:7000:19:cd0a:2e00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

7b5dbd37fcc639258ef21f839e379c044a86f7ca588cda61532446bc021f6e04

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; base-uri 'self';upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-dispatcher: dispatcher2uswest2-28586372
strict-transport-security: max-age=63072000; includeSubdomains;
content-security-policy: frame-ancestors 'self'; base-uri 'self';upgrade-insecure-requests;
x-content-type-options: nosniff
date: Mon, 16 Sep 2024 06:35:39 GMT
via: 1.1 102d8cf947b68167e34dd1299c206242.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 1803
x-vhost: publish
x-cache: Hit from cloudfront
content-disposition: attachment
content-length: 2701
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Jul 2020 17:55:25 GMT
server: Apache
etag: "a8d-5a9f1cff97d40"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
accept-ranges: bytes
x-amz-cf-id: u_uFQsCL2pbLqpWYc5Eb8MtNUtvDMF-Jn6YvvXvSgSD4HPqTJ5kinA==

GET
H2 200 jquery.min.96704cdeb2f89f0504fd10b631047e4f.js Show response
blogs.blackberry.com/etc.clientlibs/shared/clientlibs/ 90 KB
33 KB 39ms
38ms Script
application/javascript 2600:9000:223d:7000:19:cd0a:2e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.blackberry.com/etc.clientlibs/shared/clientlibs/jquery.min.96704cdeb2f89f0504fd10b631047e4f.js

Requested by

Host: blogs.blackberry.com
URL: https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:7000:19:cd0a:2e00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

2c8fe9899a239a897bed8236e08a655a77f4092886c29d9bb417879396abe721

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; base-uri 'self';upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-dispatcher: dispatcher4uswest2-28586372
strict-transport-security: max-age=63072000; includeSubdomains;
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'; base-uri 'self';upgrade-insecure-requests;
via: 1.1 102d8cf947b68167e34dd1299c206242.cloudfront.net (CloudFront)
date: Mon, 16 Sep 2024 02:08:08 GMT
x-amz-cf-pop: FRA56-P3
age: 17854
x-vhost: publish
x-cache: Hit from cloudfront
content-length: 33322
x-xss-protection: 1; mode=block
last-modified: Tue, 02 May 2023 16:44:09 GMT
server: Apache
etag: "1692f-5fab8a5f86840-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
accept-ranges: bytes
x-amz-cf-id: O2WmfFCg4jF9fPm9uuuF2VzehnErVFSJ8Xud36IqE9G8lms_gU0f2w==

GET
H2 200 clientlib-dependencies.min.d41d8cd98f00b204e9800998ecf8427e.js Show response
blogs.blackberry.com/etc.clientlibs/blogs-bbcom/clientlibs/ 0
544 B 43ms
40ms Script
application/javascript 2600:9000:223d:7000:19:cd0a:2e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.blackberry.com/etc.clientlibs/blogs-bbcom/clientlibs/clientlib-dependencies.min.d41d8cd98f00b204e9800998ecf8427e.js

Requested by

Host: blogs.blackberry.com
URL: https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:7000:19:cd0a:2e00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; base-uri 'self';upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-dispatcher: dispatcher2uswest2-28586372
strict-transport-security: max-age=63072000; includeSubdomains;
content-security-policy: frame-ancestors 'self'; base-uri 'self';upgrade-insecure-requests;
x-content-type-options: nosniff
date: Sun, 15 Sep 2024 19:00:09 GMT
via: 1.1 102d8cf947b68167e34dd1299c206242.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 43533
x-vhost: publish
x-cache: Hit from cloudfront
content-length: 0
x-xss-protection: 1; mode=block
last-modified: Wed, 19 Aug 2020 17:23:02 GMT
server: Apache
etag: "0-5ad3e417f6980"
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
accept-ranges: bytes
x-amz-cf-id: QB2wopgQ7yAfmJUFZc7qnVi-G_OopglPm8QeqYTE-IoruTJCFcRGiQ==

GET
H2 200 clientlib-site.min.a47cb3e62e4ccd60ab52395ad5dd97d8.js Show response
blogs.blackberry.com/etc.clientlibs/blogs-bbcom/clientlibs/ 83 KB
25 KB 44ms
41ms Script
application/javascript 2600:9000:223d:7000:19:cd0a:2e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.blackberry.com/etc.clientlibs/blogs-bbcom/clientlibs/clientlib-site.min.a47cb3e62e4ccd60ab52395ad5dd97d8.js

Requested by

Host: blogs.blackberry.com
URL: https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:7000:19:cd0a:2e00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

84b49327933d0d884dab87e031e8b5245a0277b744bc771d94f652975cd5168d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; base-uri 'self';upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-dispatcher: dispatcher3uswest2-28586372
date: Sun, 15 Sep 2024 19:00:09 GMT
strict-transport-security: max-age=63072000; includeSubdomains;
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'; base-uri 'self';upgrade-insecure-requests;
content-encoding: gzip
via: 1.1 102d8cf947b68167e34dd1299c206242.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-vhost: publish
x-cache: Hit from cloudfront
age: 43533
content-length: 24946
x-xss-protection: 1; mode=block
last-modified: Tue, 10 Sep 2024 19:41:20 GMT
server: Apache
etag: "14a8d-621c90ec1f800-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
accept-ranges: bytes
x-amz-cf-id: v2dViZapQqjIAqTuMoulcxsTe3cgtGskR7wj57RJABE8LiznJbTHdA==

GET
H2 200 6373c986-7725-4c54-9731-2a91bdd43107.json Show response
cdn.cookielaw.org/consent/6373c986-7725-4c54-9731-2a91bdd43107/ 4 KB
2 KB 156ms
77ms XHR
application/x-javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6373c986-7725-4c54-9731-2a91bdd43107/6373c986-7725-4c54-9731-2a91bdd43107.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d9b4b18afd07d61da40d745f3e3cad7640d50d04f65ad72d3e92477bfbd7ab1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blogs.blackberry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 16 Sep 2024 07:05:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 38988
content-md5: MmqR1NiayowGMFCIhYzUwg==
content-length: 1692
x-ms-lease-status: unlocked
last-modified: Wed, 27 Mar 2024 15:14:30 GMT
server: cloudflare
etag: 0x8DC4E7099A869D4
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 7713d92d-301e-0069-0b59-8000cf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8c3f0276efae920e-FRA
expires: Tue, 17 Sep 2024 07:05:42 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 156ms
59ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,900&display=swap

Requested by

Host: blogs.blackberry.com
URL: https://blogs.blackberry.com/etc.clientlibs/blogs-bbcom/clientlibs/clientlib-site.min.54dd5587820b16101b4a5bc26ae87194.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

649d98ea82ac9214aea5d6e18ec9497e6ec40bb0d323c4d702703747d9326943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://blogs.blackberry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 16 Sep 2024 07:05:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 16 Sep 2024 07:05:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 Sep 2024 07:05:42 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
295 B 155ms
59ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://blogs.blackberry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 07:05:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 8c3f0277ff731d90-FRA
access-control-allow-headers: Content-Type

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 508 KB
136 KB 225ms
140ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TXGFP23

Requested by

Host: blogs.blackberry.com
URL: https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

60d4c4c0c88c376f4b7805ce560b6c7ba2d1c6aef18393a6b9581286d4228916

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://blogs.blackberry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 07:05:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138709
x-xss-protection: 0
last-modified: Mon, 16 Sep 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 16 Sep 2024 07:05:42 GMT

GET
H2 200 bnr-blue-gradient-crop.jpg
blogs.blackberry.com/content/dam/blackberry-com/Images/support/bgs/ 48 KB
49 KB 77ms
76ms Image
image/jpeg 2600:9000:223d:7000:19:cd0a:2e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.blackberry.com/content/dam/blackberry-com/Images/support/bgs/bnr-blue-gradient-crop.jpg

Requested by

Host: blogs.blackberry.com
URL: https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:7000:19:cd0a:2e00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

d104b74bae6e524bb21bfede62a270ff318122d005772d94e6d7cebbc53017fc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; base-uri 'self';upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-dispatcher: dispatcher4uswest2-28586372
strict-transport-security: max-age=63072000; includeSubdomains;
content-security-policy: frame-ancestors 'self'; base-uri 'self';upgrade-insecure-requests;
x-content-type-options: nosniff
date: Mon, 16 Sep 2024 06:35:39 GMT
via: 1.1 102d8cf947b68167e34dd1299c206242.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 16089
x-vhost: publish
x-cache: Hit from cloudfront
content-disposition: attachment
content-length: 49272
x-xss-protection: 1; mode=block
last-modified: Fri, 02 Nov 2018 16:55:27 GMT
server: Apache
etag: "c078-579b166f41dc0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
accept-ranges: bytes
x-amz-cf-id: VsYfvr8t-o-X3j-h81mDOE9ZzNovIMNwm8NK_aY9eJyUy7jPVWty5A==

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
19 KB 131ms
38ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://blogs.blackberry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 11:51:39 GMT
x-content-type-options: nosniff
age: 501243
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18536
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Sep 2025 11:51:39 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 177ms
85ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b150c409df2cca1e55ffc6e55b649980f9a282bb6b25da6186d5ed55741141b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://blogs.blackberry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 11:08:18 GMT
x-content-type-options: nosniff
age: 158244
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18436
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Sep 2025 11:08:18 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 143ms
51ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://blogs.blackberry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 13:08:31 GMT
x-content-type-options: nosniff
age: 151031
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18492
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Sep 2025 13:08:31 GMT

GET
H2 200 jquery.touchSwipe.min.js Show response
blogs.blackberry.com/etc.clientlibs/bbcom/clientlibs/clientlib-etc-legacy/resources/bbcom-aem-project/scripts/plugins/touchswipe/ 20 KB
6 KB 40ms
40ms XHR
application/javascript 2600:9000:223d:7000:19:cd0a:2e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.blackberry.com/etc.clientlibs/bbcom/clientlibs/clientlib-etc-legacy/resources/bbcom-aem-project/scripts/plugins/touchswipe/jquery.touchSwipe.min.js?_=1726470342338

Requested by

Host: blogs.blackberry.com
URL: https://blogs.blackberry.com/etc.clientlibs/shared/clientlibs/jquery.min.96704cdeb2f89f0504fd10b631047e4f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:7000:19:cd0a:2e00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

9167cb37ed21405ef9556646b83789a2099c15398f5cea867470df1e81752e17

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; base-uri 'self';upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-dispatcher: dispatcher4uswest2-28586372
strict-transport-security: max-age=63072000; includeSubdomains;
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'; base-uri 'self';upgrade-insecure-requests;
via: 1.1 102d8cf947b68167e34dd1299c206242.cloudfront.net (CloudFront)
date: Mon, 16 Sep 2024 00:41:26 GMT
x-amz-cf-pop: FRA56-P3
age: 23056
x-vhost: publish
x-cache: Hit from cloudfront
content-length: 5051
x-xss-protection: 1; mode=block
last-modified: Wed, 19 Aug 2020 17:22:50 GMT
server: Apache
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: ACG1PvULbQ7PoYy6wo4FL5jtfIEW2TDTzoOyQ1xL_pv839FO4-ttvw==

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202403.1.0/ 442 KB
107 KB 52ms
52ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202403.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d1137d21f3ba78b8a882dbf77f7c88712ad02a3f5efdce5ff996a67c15a6bf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blogs.blackberry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 16 Sep 2024 07:05:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: kUodklFyKXDEOUEPkRF3YA==
age: 7094
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 109667
x-ms-lease-status: unlocked
last-modified: Tue, 16 Jul 2024 21:39:19 GMT
server: cloudflare
etag: 0x8DCA5DFBFFA9F82
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 0edf8d45-001e-008f-6dc9-d7ddd6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8c3f027859474d4a-FRA

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/6373c986-7725-4c54-9731-2a91bdd43107/9e208558-f566-473d-a508-55094f18fb7b/ 61 KB
15 KB 58ms
57ms Fetch
application/x-javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6373c986-7725-4c54-9731-2a91bdd43107/9e208558-f566-473d-a508-55094f18fb7b/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8024354650d113450ed53ddc61ba90afc651aa78e9d4cede6fd60d4198a656bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blogs.blackberry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 16 Sep 2024 07:05:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 43533
content-md5: GziNDv8n0lfXzlWb+o3MQQ==
content-length: 14975
x-ms-lease-status: unlocked
last-modified: Wed, 27 Mar 2024 15:14:30 GMT
server: cloudflare
etag: 0x8DC4E709A2DD9D2
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 8f925347-601e-0076-5549-acc5d5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8c3f0279392b920e-FRA
expires: Tue, 17 Sep 2024 07:05:42 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 140ms
39ms Script
application/javascript 2a02:26f0:3500:10::210:a99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TXGFP23

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blogs.blackberry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 07:05:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Aug 2024 10:43:55 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=33828
accept-ranges: bytes
content-length: 14628

GET
H2 200 gxxdrnmwti55.js Show response
js.driftt.com/include/1726470600000/ 221 KB
62 KB 263ms
179ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1726470600000/gxxdrnmwti55.js

Requested by

Host: blogs.blackberry.com
URL: https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

a9c06804242819b18af434dfa96d939ba88510b3982da0e1691a23c48db42a7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://blogs.blackberry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: a4k69WVWquQ1jW2_kBtTfxPdsnon1ibv
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Mon, 16 Sep 2024 07:05:42 GMT
via: 1.1 a84e87b6b82308dbc0e331c3e28c23c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 40
last-modified: Tue, 10 Sep 2024 16:08:07 GMT
server: istio-envoy
etag: W/"7cbd84669081c065085f24294606507a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gpfLd8oJOXAItMIgYBHIPM7k8vcOKw_oFyN3bf1RPtWopQEvAOmbDQ==

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202403.1.0/assets/ 13 KB
3 KB 48ms
47ms Fetch
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202403.1.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4aaa18c55c90588c5e828e56dcc6b2cb0acf9a4280494c7d1a53fc5e3669112

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blogs.blackberry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 16 Sep 2024 07:05:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: gWbZdVb/GsEUTnv/p/InTg==
age: 36851
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3041
x-ms-lease-status: unlocked
last-modified: Tue, 16 Jul 2024 21:39:12 GMT
server: cloudflare
etag: 0x8DCA5DFBBC2C661
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 0db07250-301e-004b-0f7d-d8a210000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8c3f0279a96d920e-FRA

GET
H2 200 otCookieSettingsButton.json Show response
cdn.cookielaw.org/scripttemplates/202403.1.0/assets/ 5 KB
2 KB 52ms
52ms Fetch
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202403.1.0/assets/otCookieSettingsButton.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fb7c176325267082e94a7131fed5e157516e6805cee3ac6f6a93340a947d640

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blogs.blackberry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 16 Sep 2024 07:05:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: yb3U5LP1G8IlMRT4O3b4PA==
age: 237
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1738
x-ms-lease-status: unlocked
last-modified: Tue, 16 Jul 2024 21:39:14 GMT
server: cloudflare
etag: 0x8DCA5DFBCCCC97D
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: d12b2599-501e-003d-64e7-d726ac000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8c3f0279a96e920e-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202403.1.0/assets/ 24 KB
4 KB 53ms
52ms Fetch
text/css 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202403.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06c0edbfc1b871fb45195265f5faad3e23191305f6ff2125557a9fbc287c8992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blogs.blackberry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 16 Sep 2024 07:05:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: 4ErYmXXFNbMLrnc9DrDTsg==
age: 36851
x-ms-lease-status: unlocked
last-modified: Tue, 16 Jul 2024 21:39:25 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 788f0754-401e-00e5-76d0-d7817d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8c3f0279a96f920e-FRA

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
813 B 297ms
191ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=5079393&time=1726470342768&url=https%3A%2F%2Fblogs.blackberry.com%2Fen%2F2022%2F03%2Fthreat-thursday-cryptbot-infostealer
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: *
Referer: https://blogs.blackberry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 07:05:42 GMT
content-encoding: gzip
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: F215A760AE8E48018A71C1AF6D81CAEB Ref B: DUS30EDGE0316 Ref C: 2024-09-16T07:05:42Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-ltx1
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-li-uuid: AAYiNzOBzc12s2OEy3dd+A==
x-fs-uuid: 000622373381cdcd76b36384cb775df8

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5079393&time=1726470342768&url=https%3A%2F%2Fblogs.blackberry.com%2Fen%2F2022%2F03%2Fthreat-thursday-cryptbot-infostealer
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5079393&time=1726470342768&url=https%3A%2F%2Fblogs.blackberry.com%2Fen%2F2022%2F03%2Fthreat-thursday-cryptbot-infostealer&e_ipv6=AQI0ZIGrM8qI_gAA...

0
264 B

279ms
182ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5079393&time=1726470342768&url=https%3A%2F%2Fblogs.blackberry.com%2Fen%2F2022%2F03%2Fthreat-thursday-cryptbot-infostealer&e_ipv6=AQI0ZIGrM8qI_gAAAZH5pskzUAEQJky0O8cyUs7UyY0U2mjj-2RvQySwIz4NBTNSB6jCWh5i
Requested by: Host: blogs.blackberry.com
URL: https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://blogs.blackberry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 07:05:42 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 65AA3B06E2214FAFB45B8E994753F96C Ref B: FRAEDGE1406 Ref C: 2024-09-16T07:05:43Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYiNzOGIyn61nbu9qAoIg==

Redirect headers

date: Mon, 16 Sep 2024 07:05:42 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: E3762517F5004DAE871EEEFBE4810C4C Ref B: DUS30EDGE0722 Ref C: 2024-09-16T07:05:42Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5079393&time=1726470342768&url=https%3A%2F%2Fblogs.blackberry.com%2Fen%2F2022%2F03%2Fthreat-thursday-cryptbot-infostealer&e_ipv6=AQI0ZIGrM8qI_gAAAZH5pskzUAEQJky0O8cyUs7UyY0U2mjj-2RvQySwIz4NBTNSB6jCWh5i
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYiNzOB0pGGl/0SewMf1Q==

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
200 B 188ms
186ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://blogs.blackberry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 16 Sep 2024 07:05:43 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: A4D07A67119844C19A0E03656E24D5FE Ref B: DUS30EDGE0722 Ref C: 2024-09-16T07:05:43Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
access-control-allow-origin: https://blogs.blackberry.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYiNzOJUMIXo+9gGAx19A==

GET
H2 200 core
js.driftt.com/ Frame EF00 0
0 421ms
347ms Document
text/html 18.245.86.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?d=1&embedId=gxxdrnmwti55&eId=gxxdrnmwti55&region=US&forceShow=false&skipCampaigns=false&sessionId=1ab69db7-f0ff-4b64-bfd1-ee46e9c23ef4&sessionStarted=1726470343.37&campaignRefreshToken=8c3177cd-1994-4d68-8a54-cac98bd69bd9&hideController=false&pageLoadStartTime=1726470341956&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fblogs.blackberry.com%2Fen%2F2022%2F03%2Fthreat-thursday-cryptbot-infostealer

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1726470600000/gxxdrnmwti55.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-87.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://blogs.blackberry.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 16 Sep 2024 07:05:43 GMT
etag: W/"7fa6273776a10e1cff36c7df5a64a35b"
last-modified: Tue, 10 Sep 2024 16:07:57 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
x-amz-cf-id: rvsvBnaMEYM5m2ZZIX35hl-T5brYYOM8cGPkutLWeR7Ltad9kRp9PQ==
x-amz-cf-pop: FRA60-P6
x-amz-server-side-encryption: AES256
x-amz-version-id: Y5ufFSgiGhxIMl_WU.GqRDbmBkzut3.t
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 21

GET
H2 200 chat
js.driftt.com/core/ Frame D0A7 0
0 400ms
329ms Document
text/html 18.245.86.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1726470341956

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1726470600000/gxxdrnmwti55.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-87.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://blogs.blackberry.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 16 Sep 2024 07:05:43 GMT
etag: W/"7fa6273776a10e1cff36c7df5a64a35b"
last-modified: Tue, 10 Sep 2024 16:07:57 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
x-amz-cf-id: fYy7chM9EToY3nOGj5ale9IxQKkt-647fOcKIcMkorsAqcnZxR73MQ==
x-amz-cf-pop: FRA60-P6
x-amz-server-side-encryption: AES256
x-amz-version-id: Y5ufFSgiGhxIMl_WU.GqRDbmBkzut3.t
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 23

GET
H2 200 favicon.ico
blogs.blackberry.com/etc.clientlibs/bbcom/clientlibs/clientlib-etc-legacy/resources/bbcom-aem-project/images/ 5 KB
2 KB 53ms
53ms Other
image/vnd.microsoft.icon 2600:9000:223d:7000:19:cd0a:2e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.blackberry.com/etc.clientlibs/bbcom/clientlibs/clientlib-etc-legacy/resources/bbcom-aem-project/images/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:7000:19:cd0a:2e00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

751fd9b76bb578dbafce1e6d416f2861b5b87d0f16fe84dc7705d9ad67bda0b1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; base-uri 'self';upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-dispatcher: dispatcher3uswest2-28586372
date: Mon, 16 Sep 2024 02:37:34 GMT
strict-transport-security: max-age=63072000; includeSubdomains;
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'; base-uri 'self';upgrade-insecure-requests;
content-encoding: gzip
via: 1.1 102d8cf947b68167e34dd1299c206242.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-vhost: publish
x-cache: Hit from cloudfront
age: 16090
content-length: 1183
x-xss-protection: 1; mode=block
last-modified: Wed, 19 Aug 2020 17:22:50 GMT
server: Apache
etag: "1536-5ad3e40c84e80-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/vnd.microsoft.icon
cache-control: max-age=86400, public
accept-ranges: bytes
x-amz-cf-id: __i-eqTEfuX9ALLXHlTXdkJlnNJ8liiRvDKMFco2DOiKhNCGaknnSw==

GET
H2 200 ip.json Show response
api.company-target.com/api/v3/ 4 KB
2 KB 188ms
91ms Fetch
application/json 18.66.102.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v3/ip.json?auth=2OwrhQcQTUj3DLXEdboWdpNQmQrvYHDIFiDhYjst&page=https%3A%2F%2Fblogs.blackberry.com%2Fen%2F2022%2F03%2Fthreat-thursday-cryptbot-infostealer&page_title=Threat%20Thursday%3A%20CryptBot%20Infostealer%20Masquerades%20as%20Cracked%20Software&referrer=
Requested by: Host: js.driftt.com
URL: https://js.driftt.com/include/1726470600000/gxxdrnmwti55.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-127.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 2d30f43d585c65783b502ab057136f01afe815f027223cb8ce42864344865f93

Request headers

Referer: https://blogs.blackberry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 07:05:44 GMT
content-encoding: gzip
identification-source: CACHE
via: 1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
request-id: b4f16abf-5bec-44ac-957b-58d600502dac
pragma: no-cache
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://blogs.blackberry.com
access-control-expose-headers: x-amz-cf-id
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
api-version: v3
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: O0CwqInXKn-ajO3auxfzbYrHD0ivNCW95Iu0xFQvS-miqFI3aC9lPA==
expires: Sun, 15 Sep 2024 07:05:44 GMT

GET
H2 200 / Show response
geolocation-db.com/json/ 144 B
256 B 140ms
50ms XHR
text/html 159.89.102.253
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://geolocation-db.com/json/
Requested by: Host: blogs.blackberry.com
URL: https://blogs.blackberry.com/en/2022/03/threat-thursday-cryptbot-infostealer
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.89.102.253 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 73b0da8a840c64018227ed4fe926f61a8a2c26f8acf0af2b4c5fa34f03ef4483

Request headers

Referer: https://blogs.blackberry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 16 Sep 2024 07:05:45 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
content-type: text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.blackberry.com/	1970-01-21 01:44:06	Name: _gcl_au Value: 1.1.1061854261.1726470343
.blogs.blackberry.com/	1970-01-21 03:53:42	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Mon+Sep+16+2024+09%3A05%3A42+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=202403.1.0&browserGpcFlag=0&isIABGlobal=false&landingPath=https%3A%2F%2Fblogs.blackberry.com%2Fen%2F2022%2F03%2Fthreat-thursday-cryptbot-infostealer&groups=C0001%3A1%2CC0003%3A0%2CC0002%3A0%2CC0004%3A0&hosts=H5%3A0%2CH124%3A0%2CH231%3A0%2CH197%3A0%2CH171%3A0%2CH360%3A0%2CH215%3A0%2CH6%3A0%2CH7%3A0%2CH15%3A0%2CH363%3A0%2CH434%3A0%2CH233%3A0%2CH364%3A0%2CH314%3A0%2CH326%3A0%2CH25%3A0%2CH435%3A0%2CH452%3A0%2CH31%3A0%2CH42%3A0%2CH283%3A0%2CH44%3A0%2CH458%3A0%2CH368%3A0%2CH47%3A0%2CH50%3A0%2CH52%3A0%2CH337%3A0%2CH60%3A0%2CH395%3A0%2CH375%3A0%2CH449%3A0%2CH69%3A0%2CH73%3A0%2CH463%3A0%2CH441%3A0&genVendors=
.linkedin.com/	1970-01-21 08:20:06	Name: bcookie Value: "v=2&5e2ab92d-eec3-4838-8f35-b283cff8907c"
.linkedin.com/	1970-01-21 03:53:42	Name: li_gc Value: MTswOzE3MjY0NzAzNDI7MjswMjEQklqGzeU1Z+s6L1MSEU28qOVLK+AljsTL1QTzTn7VUA==
.linkedin.com/	1970-01-20 23:35:56	Name: lidc Value: "b=TGST07:s=T:r=T:a=T:p=T:g=2939:u=1:x=1:i=1726470342:t=1726556742:v=2:sig=AQGk0tKpfRnm189xDuE8TStrGlt09wbU"
blogs.blackberry.com/	1970-01-20 23:34:32	Name: drift_campaign_refresh Value: 8c3177cd-1994-4d68-8a54-cac98bd69bd9
blogs.blackberry.com/	1970-01-21 09:10:30	Name: drift_aid Value: fa167c06-1589-48c6-861a-0a3e15c14fac
blogs.blackberry.com/	1970-01-21 09:10:30	Name: driftt_aid Value: fa167c06-1589-48c6-861a-0a3e15c14fac

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://kit.fontawesome.com/3c243f8233.js Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'; base-uri 'self';upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.company-target.com
blogs.blackberry.com
cdn.cookielaw.org
fonts.googleapis.com
fonts.gstatic.com
geolocation-db.com
geolocation.onetrust.com
js.driftt.com
kit.fontawesome.com
px.ads.linkedin.com
px4.ads.linkedin.com
snap.licdn.com
www.googletagmanager.com
13.107.42.14
159.89.102.253
18.245.86.73
18.245.86.87
18.66.102.127
2600:9000:223d:7000:19:cd0a:2e00:93a1
2606:4700:4400::6812:2089
2606:4700:4400::6812:2844
2606:4700::6812:562a
2620:1ec:21::14
2a00:1450:4001:802::2008
2a00:1450:4001:827::2003
2a00:1450:4001:82b::200a
2a02:26f0:3500:10::210:a99
06c0edbfc1b871fb45195265f5faad3e23191305f6ff2125557a9fbc287c8992
0d6c1c4e26ad9b975c8d5a04e36ecc1ac6460ac414a880654c2810e2ce9f52c8
14b4829a35b8e60b8b06dbe0e8ab5e958e03a65dd54d4ca3012b008da1cbf0cc
1b150c409df2cca1e55ffc6e55b649980f9a282bb6b25da6186d5ed55741141b
1d9b4b18afd07d61da40d745f3e3cad7640d50d04f65ad72d3e92477bfbd7ab1
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
297b139c52792ae8b27e5531f91d2af35451bf5e8f95bbc1960cca6717a3f1d3
2c8fe9899a239a897bed8236e08a655a77f4092886c29d9bb417879396abe721
2d30f43d585c65783b502ab057136f01afe815f027223cb8ce42864344865f93
2ec54e382481140e39b389d235cc35451fd7f8e286840d8dea664a9454a5373f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46bdacc819263327f9840d86a4512111e8709e3830f18e706619c4378c5880df
488d4c3034f101f093e0120ef92c18a1e138d76c01ce0ef75de43febbef3183c
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
5fb7c176325267082e94a7131fed5e157516e6805cee3ac6f6a93340a947d640
60d4c4c0c88c376f4b7805ce560b6c7ba2d1c6aef18393a6b9581286d4228916
649d98ea82ac9214aea5d6e18ec9497e6ec40bb0d323c4d702703747d9326943
6d1137d21f3ba78b8a882dbf77f7c88712ad02a3f5efdce5ff996a67c15a6bf6
71117fe4bf34368700623873c336e70291755a0dca74ceb5ebfef880bd4b717f
73b0da8a840c64018227ed4fe926f61a8a2c26f8acf0af2b4c5fa34f03ef4483
751fd9b76bb578dbafce1e6d416f2861b5b87d0f16fe84dc7705d9ad67bda0b1
7adf4e26debc21eca46d0b266703acf8fb132fc0a75382c1f879f27066f9e9aa
7b5dbd37fcc639258ef21f839e379c044a86f7ca588cda61532446bc021f6e04
8024354650d113450ed53ddc61ba90afc651aa78e9d4cede6fd60d4198a656bc
84b49327933d0d884dab87e031e8b5245a0277b744bc771d94f652975cd5168d
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
9167cb37ed21405ef9556646b83789a2099c15398f5cea867470df1e81752e17
91b0809d8b9dc57eaa09cb0e13c210b24edfaeadb94a8cff0fee02751c1b0b5f
a9c06804242819b18af434dfa96d939ba88510b3982da0e1691a23c48db42a7a
b212d247d6338572dae60c8b7b63d42639dfbac54d2e295b03e6684be1e5b302
bb1bcfc6318ec6edbf0ef31b945798d4f0c7e02536c9b9a5de6b0f68cca00b4e
cae5376e018c99723dbda3ee1ca8f3a9976abf31dadfe4507fd08cc8678b63a2
cd651cbad12e404ff39c334cfe63fffea31d90f502278190559d3f14f614e4f1
d104b74bae6e524bb21bfede62a270ff318122d005772d94e6d7cebbc53017fc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e68e061bfcd9da8ae5f45f6bb6ed6b8f7dc51a77bd12cb168281efda1a68a03a
f30733e0e39f5044034df46d3d8c20feaa22cf680bc21398b2359f3555ff5364
f4aaa18c55c90588c5e828e56dcc6b2cb0acf9a4280494c7d1a53fc5e3669112
f8d8bbb5d080a816cf689ffc662b94c714238d3cc54f37f14f6162e8fa383193

blogs.blackberry.com Open in urlscan Pro 2600:9000:223d:7000:19:cd0a:2e00:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

45 Requests

98 %HTTPS

64 %IPv6

12 Domains

13 Subdomains

14 IPs

2 Countries

3535 kBTransfer

5019 kBSize

8 Cookies

28 Outgoing links

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

blogs.blackberry.com Open in urlscan Pro
2600:9000:223d:7000:19:cd0a:2e00:93a1 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

98 %
HTTPS

64 %
IPv6

12
Domains

13
Subdomains

14
IPs

2
Countries

3535 kB
Transfer

5019 kB
Size

8
Cookies

45 HTTP transactions
0 data transactions