Submitted URL: https://blog.aquasec.com/fileless-malware-container-security
Effective URL: https://www.aquasec.com/blog/fileless-malware-container-security/
Submission: On September 27 via api from IN — Scanned from DE

Summary

This website contacted 26 IPs in 4 countries across 19 domains to perform 102 HTTP transactions. The main IP is 141.193.213.21, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.aquasec.com.
TLS certificate: Issued by WE1 on September 5th 2024. Valid for: 3 months.
This is the only time www.aquasec.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:2c40::c7... 209242 (CLOUDFLAR...)
1 43 141.193.213.21 209242 (CLOUDFLAR...)
3 54.77.7.148 16509 (AMAZON-02)
7 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
4 2620:1ec:33:3... 8075 (MICROSOFT...)
6 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2600:9000:275... 16509 (AMAZON-02)
8 34.206.10.42 14618 (AMAZON-AES)
1 52.213.31.162 16509 (AMAZON-02)
1 13.35.58.58 16509 (AMAZON-02)
1 18.66.122.57 16509 (AMAZON-02)
3 65.9.66.11 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
102 26
Apex Domain
Subdomains
Transfer
45 aquasec.com
blog.aquasec.com
www.aquasec.com
info.aquasec.com
959 KB
13 trendemon.com
assets.trendemon.com — Cisco Umbrella Rank: 121620
trackingapi.trendemon.com — Cisco Umbrella Rank: 101835
pic.trendemon.com — Cisco Umbrella Rank: 309669
193 KB
9 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 2952
tracking.crazyegg.com — Cisco Umbrella Rank: 5026
pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 5963
assets-tracking.crazyegg.com — Cisco Umbrella Rank: 6025
83 KB
7 cdn-cookieyes.com
cdn-cookieyes.com — Cisco Umbrella Rank: 7775
47 KB
5 hubspot.com
js.hubspot.com — Cisco Umbrella Rank: 4150
api.hubspot.com — Cisco Umbrella Rank: 5645
track.hubspot.com — Cisco Umbrella Rank: 2877
app.hubspot.com — Cisco Umbrella Rank: 6391
28 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 358
px4.ads.linkedin.com — Cisco Umbrella Rank: 6989
2 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 378
15 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 57
305 KB
3 cookieyes.com
log.cookieyes.com — Cisco Umbrella Rank: 8663
directory.cookieyes.com — Cisco Umbrella Rank: 12800
768 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3391
1 hsforms.net
js.hsforms.net — Cisco Umbrella Rank: 7797
156 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2752
25 KB
1 usemessages.com
js.usemessages.com — Cisco Umbrella Rank: 5683
26 KB
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2719
19 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 9833
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 152
545 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 4111
1 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 2991
1 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 906
14 KB
102 19
Domain Requested by
43 www.aquasec.com 1 redirects www.aquasec.com
8 trackingapi.trendemon.com assets.trendemon.com
7 cdn-cookieyes.com www.aquasec.com
cdn-cookieyes.com
6 script.crazyegg.com www.googletagmanager.com
script.crazyegg.com
4 bat.bing.com www.googletagmanager.com
bat.bing.com
3 pic.trendemon.com
3 px.ads.linkedin.com 1 redirects snap.licdn.com
3 www.googletagmanager.com www.aquasec.com
www.googletagmanager.com
2 assets.trendemon.com www.aquasec.com
assets.trendemon.com
2 api.hubspot.com js.usemessages.com
2 log.cookieyes.com www.aquasec.com
1 region1.google-analytics.com www.googletagmanager.com
1 js.hsforms.net assets.trendemon.com
1 assets-tracking.crazyegg.com script.crazyegg.com
1 pagestates-tracking.crazyegg.com script.crazyegg.com
1 tracking.crazyegg.com script.crazyegg.com
1 app.hubspot.com js.usemessages.com
1 track.hubspot.com
1 js.hs-analytics.net js.hs-scripts.com
1 js.usemessages.com js.hs-scripts.com
1 js.hubspot.com js.hs-scripts.com
1 js.hs-banner.com js.hs-scripts.com
1 www.google.de
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 directory.cookieyes.com cdn-cookieyes.com
1 px4.ads.linkedin.com
1 info.aquasec.com www.aquasec.com
1 js.hs-scripts.com www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 blog.aquasec.com 1 redirects
102 31
Subject Issuer Validity Valid
www.aquasec.com
WE1
2024-09-05 -
2024-12-04
3 months crt.sh
log.cookieyes.com
Amazon RSA 2048 M02
2024-03-26 -
2025-04-25
a year crt.sh
cdn-cookieyes.com
WE1
2024-09-22 -
2024-12-21
3 months crt.sh
*.google-analytics.com
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA
2023-12-13 -
2024-12-12
a year crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 03
2024-09-16 -
2025-03-15
6 months crt.sh
script.crazyegg.com
Cloudflare Inc ECC CA-3
2024-08-02 -
2024-12-31
5 months crt.sh
hs-scripts.com
WE1
2024-09-26 -
2024-12-25
3 months crt.sh
info.aquasec.com
WE1
2024-09-09 -
2024-12-08
3 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA
2024-09-11 -
2025-03-11
6 months crt.sh
directory.cookieyes.com
Amazon RSA 2048 M03
2024-02-02 -
2025-03-03
a year crt.sh
*.g.doubleclick.net
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
*.google.de
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
hs-banner.com
WE1
2024-09-24 -
2024-12-23
3 months crt.sh
hubspot.com
E5
2024-09-18 -
2024-12-17
3 months crt.sh
usemessages.com
WE1
2024-08-08 -
2024-11-06
3 months crt.sh
hs-analytics.net
WE1
2024-08-09 -
2024-11-07
3 months crt.sh
*.trendemon.com
SSL.com RSA SSL subCA
2024-06-18 -
2025-06-18
a year crt.sh
crazyegg.com
Amazon RSA 2048 M03
2024-05-24 -
2025-06-23
a year crt.sh
hsforms.net
WE1
2024-08-11 -
2024-11-09
3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.aquasec.com/blog/fileless-malware-container-security/
Frame ID: F4FCABEB60B708C5325BC230515FEE41
Requests: 98 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/1665891/threads/utk/203a309de52944cb878563d5f26a292f?uuid=34d13dfe22c643af9536205f52940161&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=aquasec.com&inApp53=false&messagesUtk=203a309de52944cb878563d5f26a292f&url=https%3A%2F%2Fwww.aquasec.com%2Fblog%2Ffileless-malware-container-security%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false
Frame ID: C27C7CF428A675BFC34CFEE046E420E7
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Fileless Malware Executing in Containers - Aqua

Page URL History Show full URLs

  1. https://blog.aquasec.com/fileless-malware-container-security HTTP 301
    https://www.aquasec.com/blog/fileless-malware-container-security HTTP 301
    https://www.aquasec.com/blog/fileless-malware-container-security/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

102
Requests

97 %
HTTPS

68 %
IPv6

19
Domains

31
Subdomains

26
IPs

4
Countries

1875 kB
Transfer

4345 kB
Size

30
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://blog.aquasec.com/fileless-malware-container-security HTTP 301
    https://www.aquasec.com/blog/fileless-malware-container-security HTTP 301
    https://www.aquasec.com/blog/fileless-malware-container-security/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=45226&time=1727420464263&url=https%3A%2F%2Fwww.aquasec.com%2Fblog%2Ffileless-malware-container-security%2F HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=45226&time=1727420464263&url=https%3A%2F%2Fwww.aquasec.com%2Fblog%2Ffileless-malware-container-security%2F&e_ipv6=AQJurJBYl-kTIgAAAZIySHzVTDTXeaJyPD1hcGT7qV6Ukq57wQLCL85a2g1zHZYXeJ84DmlPI_4x9Sa7BgRpb4c6JO4G

102 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.aquasec.com/blog/fileless-malware-container-security/
Redirect Chain
  • https://blog.aquasec.com/fileless-malware-container-security
  • https://www.aquasec.com/blog/fileless-malware-container-security
  • https://www.aquasec.com/blog/fileless-malware-container-security/
103 KB
23 KB
Document
General
Full URL
https://www.aquasec.com/blog/fileless-malware-container-security/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
232578c4d68409746e0d0d20d5665ad15019876086d05f3e77c567d0f3417908
Security Headers
Name Value
Content-Security-Policy img-src data: *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
max-age=600, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8c999ec94bb0d344-FRA
content-encoding
br
content-security-policy
img-src data: *;
content-type
text/html; charset=UTF-8
date
Fri, 27 Sep 2024 07:01:03 GMT
permissions-policy
midi=()
referrer-policy
no-referrer-when-downgrade
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
MISS
x-cache-group
normal
x-cacheable
SHORT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

cache-control
max-age=600, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8c999ec64bc3d344-FRA
content-security-policy
img-src data: *;
content-type
text/html; charset=UTF-8
date
Fri, 27 Sep 2024 07:01:03 GMT
location
https://www.aquasec.com/blog/fileless-malware-container-security/
permissions-policy
midi=()
referrer-policy
no-referrer-when-downgrade
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
MISS
x-cache-group
normal
x-cacheable
non200
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-redirect-by
WordPress
x-xss-protection
1; mode=block
script.js
www.aquasec.com/wp-content/cache/min/1/client_data/5bcdbce45953e61e74b8da56/
101 KB
35 KB
Script
General
Full URL
https://www.aquasec.com/wp-content/cache/min/1/client_data/5bcdbce45953e61e74b8da56/script.js?ver=1727085361
Requested by
Host: www.aquasec.com
URL: https://www.aquasec.com/blog/fileless-malware-container-security/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a1c44182f60ff7cc44f3579359308a4ee76aa768d74fc8e01c1150e83a48cfb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"66f13b31-19206"
age
335054
cf-ray
8c999ecbab47d344-FRA
access-control-allow-origin
*
date
Fri, 27 Sep 2024 07:01:03 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 23 Sep 2024 09:56:01 GMT
No-Title-Fileless-Attack-Blog-Image.jpg
www.aquasec.com/wp-content/uploads/2020/12/
104 KB
104 KB
Image
General
Full URL
https://www.aquasec.com/wp-content/uploads/2020/12/No-Title-Fileless-Attack-Blog-Image.jpg
Requested by
Host: www.aquasec.com
URL: https://www.aquasec.com/blog/fileless-malware-container-security/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6143b270c1666b3b59c148c6996a031c953a63fa7d593f91878f9554b4d81cb0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

cache-control
max-age=31536000
cf-cache-status
HIT
etag
"65be4079-1a060"
age
396816
cf-ray
8c999ecbab49d344-FRA
expires
Sat, 20 Sep 2025 21:10:22 GMT
accept-ranges
bytes
content-length
106592
date
Fri, 27 Sep 2024 07:01:03 GMT
content-type
image/webp
last-modified
Sat, 03 Feb 2024 13:32:41 GMT
vary
Accept, Accept-Encoding
server
cloudflare
aqua3.min.css
www.aquasec.com/wp-content/themes/aqua3/css/
509 KB
68 KB
Stylesheet
General
Full URL
https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.682
Requested by
Host: www.aquasec.com
URL: https://www.aquasec.com/blog/fileless-malware-container-security/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8edf154666b97ea6bb1c70e115974bae168a148ad81a747456c1d86f667790d9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"66f1371f-7f4f5"
age
335975
cf-ray
8c999ecbab45d344-FRA
access-control-allow-origin
*
date
Fri, 27 Sep 2024 07:01:03 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 23 Sep 2024 09:38:39 GMT
aqua3.min.js
www.aquasec.com/wp-content/themes/aqua3/js/
167 KB
54 KB
Script
General
Full URL
https://www.aquasec.com/wp-content/themes/aqua3/js/aqua3.min.js?ver=1.0.682
Requested by
Host: www.aquasec.com
URL: https://www.aquasec.com/blog/fileless-malware-container-security/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
76a63095bd0c61faa8c6a82907bb7744caabfd3e523c979b48f08c80b6de037b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"66c1c2be-29b11"
age
335975
cf-ray
8c999ecbab4bd344-FRA
access-control-allow-origin
*
date
Fri, 27 Sep 2024 07:01:03 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Sun, 18 Aug 2024 09:45:34 GMT
Horizontal-Dark-Abyss.svg
www.aquasec.com/wp-content/uploads/2019/08/
4 KB
2 KB
Image
General
Full URL
https://www.aquasec.com/wp-content/uploads/2019/08/Horizontal-Dark-Abyss.svg
Requested by
Host: www.aquasec.com
URL: https://www.aquasec.com/blog/fileless-malware-container-security/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
18587626fe3db3b6adcfcc0d1280f65b56c5208d4894fafc5c0b590a5b68df70

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"63cd67bd-108e"
age
2676251
cf-ray
8c999ecbab4fd344-FRA
access-control-allow-origin
*
date
Fri, 27 Sep 2024 07:01:03 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Sun, 22 Jan 2023 16:43:41 GMT
Fileless-attack-diagram.jpg
www.aquasec.com/wp-content/uploads/2024/01/
62 KB
62 KB
Image
General
Full URL
https://www.aquasec.com/wp-content/uploads/2024/01/Fileless-attack-diagram.jpg
Requested by
Host: www.aquasec.com
URL: https://www.aquasec.com/blog/fileless-malware-container-security/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
308b85c5855f899a40a1e18296c5d68e3c495104622d35fc36e80c499424845c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

cache-control
max-age=31536000
cf-cache-status
HIT
etag
"65be3bfa-f864"
cf-ray
8c999ecbab4ed344-FRA
expires
Sun, 24 Aug 2025 05:11:33 GMT
accept-ranges
bytes
content-length
63588
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
image/webp
last-modified
Sat, 03 Feb 2024 13:13:30 GMT
vary
Accept, Accept-Encoding
server
cloudflare
Threat-report-2023-Horizontal-CTA.jpg
www.aquasec.com/wp-content/uploads/2024/01/
249 KB
249 KB
Image
General
Full URL
https://www.aquasec.com/wp-content/uploads/2024/01/Threat-report-2023-Horizontal-CTA.jpg
Requested by
Host: www.aquasec.com
URL: https://www.aquasec.com/blog/fileless-malware-container-security/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4388b02bc25098e040a6c4705239709f56be0bced296b82975179ab3179df43f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

cache-control
max-age=31536000
cf-bgj
imgq:100,h2pri
etag
"65b7de3f-424a8"
age
396816
cf-cache-status
HIT
cf-ray
8c999ecbab50d344-FRA
expires
Mon, 18 Aug 2025 21:41:38 GMT
accept-ranges
bytes
cf-polished
origSize=271528, status=vary_header_present
content-length
254895
date
Fri, 27 Sep 2024 07:01:03 GMT
content-type
image/jpeg
last-modified
Mon, 29 Jan 2024 17:19:59 GMT
vary
Accept, Accept-Encoding
server
cloudflare
image-2-4.jpg
www.aquasec.com/wp-content/uploads/2024/01/
198 KB
198 KB
Image
General
Full URL
https://www.aquasec.com/wp-content/uploads/2024/01/image-2-4.jpg
Requested by
Host: www.aquasec.com
URL: https://www.aquasec.com/blog/fileless-malware-container-security/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4626ccf50c9df8c4d4dd37a5777bfe69d702e26755952ef44d5207cbf079501b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

cache-control
max-age=31536000
cf-bgj
imgq:100,h2pri
etag
"65b680c3-3fbe7"
age
396817
cf-cache-status
HIT
cf-ray
8c999ecbfc82d344-FRA
expires
Mon, 18 Aug 2025 21:41:38 GMT
accept-ranges
bytes
cf-polished
origSize=261095, status=vary_header_present
content-length
202318
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
image/jpeg
last-modified
Sun, 28 Jan 2024 16:28:51 GMT
vary
Accept, Accept-Encoding
server
cloudflare
mitre-table-2.png
www.aquasec.com/wp-content/uploads/2024/01/
17 KB
17 KB
Image
General
Full URL
https://www.aquasec.com/wp-content/uploads/2024/01/mitre-table-2.png
Requested by
Host: www.aquasec.com
URL: https://www.aquasec.com/blog/fileless-malware-container-security/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4b9c768a7094b81999098052623e903668f7f76ed285960bf876d1b034b8c53

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

cache-control
max-age=31536000
cf-bgj
imgq:100,h2pri
etag
"65b680c4-9eb7"
age
170008
cf-cache-status
HIT
cf-ray
8c999ecc3d83d344-FRA
expires
Mon, 18 Aug 2025 21:41:38 GMT
accept-ranges
bytes
cf-polished
origSize=40631, status=vary_header_present
content-length
17639
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
image/png
last-modified
Sun, 28 Jan 2024 16:28:52 GMT
vary
Accept, Accept-Encoding
server
cloudflare
lazyload.min.js
www.aquasec.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/
9 KB
3 KB
Script
General
Full URL
https://www.aquasec.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js
Requested by
Host: www.aquasec.com
URL: https://www.aquasec.com/blog/fileless-malware-container-security/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"66c1a1b5-22bc"
age
611010
cf-ray
8c999ecc3d86d344-FRA
access-control-allow-origin
*
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Sun, 18 Aug 2024 07:24:37 GMT
wpr-beacon.min.js
www.aquasec.com/wp-content/plugins/wp-rocket/assets/js/
6 KB
2 KB
Script
General
Full URL
https://www.aquasec.com/wp-content/plugins/wp-rocket/assets/js/wpr-beacon.min.js
Requested by
Host: www.aquasec.com
URL: https://www.aquasec.com/blog/fileless-malware-container-security/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
095cc7bdd28ae30c93f1ac6251b137e9578b09e0c6bc97b6d4b161b7c3ec559a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"66c1a1b5-19ac"
age
654100
cf-ray
8c999ecc3d87d344-FRA
access-control-allow-origin
*
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Sun, 18 Aug 2024 07:24:37 GMT
log
log.cookieyes.com/api/v1/
2 B
219 B
Ping
General
Full URL
https://log.cookieyes.com/api/v1/log
Requested by
Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/cache/min/1/client_data/5bcdbce45953e61e74b8da56/script.js?ver=1727085361
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.7.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-7-148.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryWYEG3IfDYxZDWilB
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

x-robots-tag
noindex, nofollow
link
<https://www.cookieyes.com>; rel="canonical"
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-origin
*
content-length
2
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
text/plain; charset=utf-8
x-powered-by
Express
banner.js
cdn-cookieyes.com/client_data/5bcdbce45953e61e74b8da56/
101 KB
33 KB
Script
General
Full URL
https://cdn-cookieyes.com/client_data/5bcdbce45953e61e74b8da56/banner.js
Requested by
Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/cache/min/1/client_data/5bcdbce45953e61e74b8da56/script.js?ver=1727085361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3b5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a3102f6130c0eea8ab63bc81ba3d2e15e80a194da1b83aad5e1ea318465c8dc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
content-encoding
gzip
cf-cache-status
HIT
etag
"1953b-622a420c8f167-gzip"
age
480681
access-control-allow-methods
GET, OPTIONS
cf-ray
8c999ecc5d194d40-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
33855
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
application/javascript
last-modified
Sat, 21 Sep 2024 17:03:00 GMT
vary
Accept-Encoding
server
cloudflare
gtm.js
www.googletagmanager.com/
322 KB
107 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5N9T3H
Requested by
Host: www.aquasec.com
URL: https://www.aquasec.com/blog/fileless-malware-container-security/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6248603e3427743ef19f2f043c937dc25574b428286ffbc21746694b2f4b72d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 27 Sep 2024 07:01:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 27 Sep 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109138
x-xss-protection
0
server
Google Tag Manager
icon_alert_02.svg
www.aquasec.com/wp-content/themes/aqua3/images/
1000 B
681 B
Image
General
Full URL
https://www.aquasec.com/wp-content/themes/aqua3/images/icon_alert_02.svg
Requested by
Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
021dc691a8ac476a01b5c5738e2652610b950ecc2d9c745c929b2a30548eb1f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.682

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"64843c41-3e8"
age
2760273
cf-ray
8c999ecc6e38d344-FRA
access-control-allow-origin
*
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Sat, 10 Jun 2023 09:02:57 GMT
logo_aqua.svg
www.aquasec.com/wp-content/themes/aqua3/images/
2 KB
933 B
Image
General
Full URL
https://www.aquasec.com/wp-content/themes/aqua3/images/logo_aqua.svg
Requested by
Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8eb8a7898d7f65f3407008af621d906d14d1f0d0ff3f03a70da78cc1e471ea0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.682

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"628d2e1d-936"
age
3429505
cf-ray
8c999ecc6e3cd344-FRA
access-control-allow-origin
*
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Tue, 24 May 2022 19:12:29 GMT
logo_aqua_white.svg
www.aquasec.com/wp-content/themes/aqua3/images/
2 KB
909 B
Image
General
Full URL
https://www.aquasec.com/wp-content/themes/aqua3/images/logo_aqua_white.svg
Requested by
Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a068fef04a1b0f7601f0d566dd7356d960d79a0c255e1228e9e057249fc1139

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.682

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"628d2e1b-89f"
age
3053650
cf-ray
8c999ecc6e3dd344-FRA
access-control-allow-origin
*
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Tue, 24 May 2022 19:12:27 GMT
logomark_small.png
www.aquasec.com/wp-content/themes/aqua3/images/
370 B
504 B
Image
General
Full URL
https://www.aquasec.com/wp-content/themes/aqua3/images/logomark_small.png
Requested by
Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5a16ab4cec4edc93fb95a251904368b4ffb61c1886daf14d0e667e7ef5de2e2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.682

Response headers

cache-control
max-age=31536000
cf-cache-status
HIT
etag
"638cb249-172"
age
3426144
cf-ray
8c999ecc6e40d344-FRA
expires
Mon, 18 Aug 2025 14:11:33 GMT
accept-ranges
bytes
content-length
370
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
image/webp
last-modified
Sun, 04 Dec 2022 14:44:25 GMT
vary
Accept, Accept-Encoding
server
cloudflare
icons_opensource_sprite_03.png
www.aquasec.com/wp-content/themes/aqua3/images/
3 KB
3 KB
Image
General
Full URL
https://www.aquasec.com/wp-content/themes/aqua3/images/icons_opensource_sprite_03.png
Requested by
Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d62307128d2ce171e5c693cc6c2d87b5cb3a8b120deaefd791269d6352908677

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.682

Response headers

cache-control
max-age=31536000
cf-cache-status
HIT
etag
"63ad92cb-a12"
age
3426144
cf-ray
8c999ecc6e42d344-FRA
expires
Mon, 18 Aug 2025 14:11:33 GMT
accept-ranges
bytes
content-length
2578
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
image/webp
last-modified
Thu, 29 Dec 2022 13:14:51 GMT
vary
Accept, Accept-Encoding
server
cloudflare
logomark_wiki_blue_small.png
www.aquasec.com/wp-content/themes/aqua3/images/
388 B
500 B
Image
General
Full URL
https://www.aquasec.com/wp-content/themes/aqua3/images/logomark_wiki_blue_small.png
Requested by
Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f21885521706b7ae0638ce79ea884c4e3a582073ecdc478b851d43ceb98adfe8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.682

Response headers

cache-control
max-age=31536000
cf-cache-status
HIT
etag
"63e02c3f-184"
age
3426144
cf-ray
8c999ecc7e52d344-FRA
expires
Mon, 18 Aug 2025 14:11:33 GMT
accept-ranges
bytes
content-length
388
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
image/webp
last-modified
Sun, 05 Feb 2023 22:22:55 GMT
vary
Accept, Accept-Encoding
server
cloudflare
icons_social_sprite_02.png
www.aquasec.com/wp-content/themes/aqua3/images/
1 KB
1 KB
Image
General
Full URL
https://www.aquasec.com/wp-content/themes/aqua3/images/icons_social_sprite_02.png
Requested by
Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cbb0f1ee7e0c16e7792b41c8bc635bbfd80eaa15c2246727ecb09d9ae5a31f5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.682

Response headers

cache-control
max-age=31536000
cf-cache-status
HIT
etag
"6516a5e5-42c"
age
3426144
cf-ray
8c999ecc7e53d344-FRA
expires
Mon, 18 Aug 2025 14:11:33 GMT
accept-ranges
bytes
content-length
1068
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
image/webp
last-modified
Fri, 29 Sep 2023 10:24:37 GMT
vary
Accept, Accept-Encoding
server
cloudflare
icon_search_sprite_03.png
www.aquasec.com/wp-content/themes/aqua3/images/
418 B
521 B
Image
General
Full URL
https://www.aquasec.com/wp-content/themes/aqua3/images/icon_search_sprite_03.png
Requested by
Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
13e9e30e321a29ea2fc897fe531dc79492758ed06fa246c4b824113430717afe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.682

Response headers

cache-control
max-age=31536000
cf-cache-status
HIT
etag
"638cb249-1a2"
age
3048910
cf-ray
8c999ecc7e54d344-FRA
expires
Mon, 18 Aug 2025 14:11:33 GMT
accept-ranges
bytes
content-length
418
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
image/webp
last-modified
Sun, 04 Dec 2022 14:44:25 GMT
vary
Accept, Accept-Encoding
server
cloudflare
idanRevivoLI-140x140.jpg
www.aquasec.com/wp-content/uploads/2024/01/
5 KB
5 KB
Image
General
Full URL
https://www.aquasec.com/wp-content/uploads/2024/01/idanRevivoLI-140x140.jpg
Requested by
Host: www.aquasec.com
URL: https://www.aquasec.com/blog/fileless-malware-container-security/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d328c0005c2883c88f04980c963032b8017bebc74f97e8de0d13e3d562d9a7c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

cache-control
max-age=31536000
cf-cache-status
HIT
etag
"65ba6c32-152c"
age
396816
cf-ray
8c999ecc7e56d344-FRA
expires
Mon, 18 Aug 2025 14:17:35 GMT
accept-ranges
bytes
content-length
5420
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
image/webp
last-modified
Wed, 31 Jan 2024 15:50:10 GMT
vary
Accept, Accept-Encoding
server
cloudflare
Assaf-M-180-140x140.jpg
www.aquasec.com/wp-content/uploads/2024/01/
6 KB
6 KB
Image
General
Full URL
https://www.aquasec.com/wp-content/uploads/2024/01/Assaf-M-180-140x140.jpg
Requested by
Host: www.aquasec.com
URL: https://www.aquasec.com/blog/fileless-malware-container-security/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6301c9c42c19c029aeeabbdd5f3d18467f2176f6542b62e0a085a8b982bd7ac

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

cache-control
max-age=31536000
cf-cache-status
HIT
etag
"65b61e3b-171e"
age
2749048
cf-ray
8c999ecc7e57d344-FRA
expires
Mon, 18 Aug 2025 14:18:21 GMT
accept-ranges
bytes
content-length
5918
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
image/webp
last-modified
Sun, 28 Jan 2024 09:28:27 GMT
vary
Accept, Accept-Encoding
server
cloudflare
social_icon_bg_blue.png
www.aquasec.com/wp-content/themes/aqua3/images/
2 KB
3 KB
Image
General
Full URL
https://www.aquasec.com/wp-content/themes/aqua3/images/social_icon_bg_blue.png
Requested by
Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
aca1cc2931d9b9d251ab7167845855887ed3ade46391a6af2b3f2cbd4a1ced08

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.682

Response headers

cache-control
max-age=31536000
cf-cache-status
HIT
etag
"6429f0a0-9f8"
age
2762416
cf-ray
8c999ecc7e5ad344-FRA
expires
Mon, 18 Aug 2025 14:09:08 GMT
accept-ranges
bytes
content-length
2552
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
image/webp
last-modified
Sun, 02 Apr 2023 21:16:16 GMT
vary
Accept, Accept-Encoding
server
cloudflare
ico_linkedin_white.svg
www.aquasec.com/wp-content/themes/aqua3/images/icons/social/
500 B
428 B
Image
General
Full URL
https://www.aquasec.com/wp-content/themes/aqua3/images/icons/social/ico_linkedin_white.svg
Requested by
Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef613831627e1b66cfc1a63db65f2556fd82862d5984a407fa9a3bc12d15a08d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.682

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"5f144230-1f4"
age
2677367
cf-ray
8c999ecc7e5cd344-FRA
access-control-allow-origin
*
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Sun, 19 Jul 2020 12:53:04 GMT
mesh_25_footer_full.svg
www.aquasec.com/wp-content/themes/aqua3/images/mesh/
14 KB
2 KB
Image
General
Full URL
https://www.aquasec.com/wp-content/themes/aqua3/images/mesh/mesh_25_footer_full.svg
Requested by
Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef2682c47932a575492f1eba19f0061bbbf0936fbd969b108213e0474e14931e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.682

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"64843c52-3927"
age
3426140
cf-ray
8c999ecc7e5dd344-FRA
access-control-allow-origin
*
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Sat, 10 Jun 2023 09:03:14 GMT
mesh_25_footer2_right.svg
www.aquasec.com/wp-content/themes/aqua3/images/mesh/
878 B
708 B
Image
General
Full URL
https://www.aquasec.com/wp-content/themes/aqua3/images/mesh/mesh_25_footer2_right.svg
Requested by
Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7606e84b34c394b34c596b002da5aaa0f301406ad2066bb6d9b93381505183fc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.682

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"64843c51-36e"
age
3426140
cf-ray
8c999ecc7e60d344-FRA
access-control-allow-origin
*
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Sat, 10 Jun 2023 09:03:13 GMT
logo_aqua_dark.svg
www.aquasec.com/wp-content/themes/aqua3/images/
2 KB
880 B
Image
General
Full URL
https://www.aquasec.com/wp-content/themes/aqua3/images/logo_aqua_dark.svg
Requested by
Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
32046089ccace81843cbfbf1e80ec224e591a3a6441753dd62e0bcf4cf33c6d6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.682

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"628d2e1d-936"
age
3430268
cf-ray
8c999ecc7e65d344-FRA
access-control-allow-origin
*
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Tue, 24 May 2022 19:12:29 GMT
ico_instagram_white.svg
www.aquasec.com/wp-content/themes/aqua3/images/icons/social/
2 KB
892 B
Image
General
Full URL
https://www.aquasec.com/wp-content/themes/aqua3/images/icons/social/ico_instagram_white.svg
Requested by
Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
87d3036c2207d4cb8b2ab6ed65edde4aa2e351b50030e3515b664b5bd2117c13

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.682

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"61f023d6-74d"
age
3426140
cf-ray
8c999ecc7e67d344-FRA
access-control-allow-origin
*
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Tue, 25 Jan 2022 16:22:46 GMT
ico_youtube_white.svg
www.aquasec.com/wp-content/themes/aqua3/images/icons/social/
449 B
361 B
Image
General
Full URL
https://www.aquasec.com/wp-content/themes/aqua3/images/icons/social/ico_youtube_white.svg
Requested by
Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
29cecc5902de526c5b23f00d84e72ae7d29db58d2e3e8d11928ee5dea1169231

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.682

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"5f144230-1c1"
age
3430268
cf-ray
8c999ecc7e69d344-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Sun, 19 Jul 2020 12:53:04 GMT
ico_twitterx_white.svg
www.aquasec.com/wp-content/themes/aqua3/images/icons/social/
347 B
357 B
Image
General
Full URL
https://www.aquasec.com/wp-content/themes/aqua3/images/icons/social/ico_twitterx_white.svg
Requested by
Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ecb1528ceb06e950fa027e7429321c91ea926dbc890e4fb34f07acf70b8c9f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.682

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"6516a533-15b"
age
3426140
cf-ray
8c999ecc7e6bd344-FRA
access-control-allow-origin
*
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Fri, 29 Sep 2023 10:21:39 GMT
ico_git_white.svg
www.aquasec.com/wp-content/themes/aqua3/images/icons/social/
2 KB
1 KB
Image
General
Full URL
https://www.aquasec.com/wp-content/themes/aqua3/images/icons/social/ico_git_white.svg
Requested by
Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a2e21c78744fd7ea0ace3cf3f78e8b46008ea982199c7df225dc4498b16703a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.682

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"5f144230-794"
age
3430268
cf-ray
8c999ecc7e6dd344-FRA
access-control-allow-origin
*
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Sun, 19 Jul 2020 12:53:04 GMT
ico_facebook_white.svg
www.aquasec.com/wp-content/themes/aqua3/images/icons/social/
286 B
283 B
Image
General
Full URL
https://www.aquasec.com/wp-content/themes/aqua3/images/icons/social/ico_facebook_white.svg
Requested by
Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce021d2a1a40ee29c16dd821b7fd9e661a98d77b89433bd5a5569a563e2129a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.682

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"5f144230-11e"
age
2679965
cf-ray
8c999ecc7e71d344-FRA
access-control-allow-origin
*
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Sun, 19 Jul 2020 12:53:04 GMT
icon_accessibility.png
www.aquasec.com/wp-content/themes/aqua3/images/
198 B
335 B
Image
General
Full URL
https://www.aquasec.com/wp-content/themes/aqua3/images/icon_accessibility.png
Requested by
Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f77564e29b03c97c7ecb155d1c974ff89de12cc0a4874724b6c259e9d9071d8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.682

Response headers

cache-control
max-age=31536000
cf-cache-status
HIT
etag
"6332be3a-c6"
age
2677367
cf-ray
8c999ecc7e72d344-FRA
expires
Mon, 18 Aug 2025 14:09:11 GMT
accept-ranges
bytes
content-length
198
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
image/webp
last-modified
Tue, 27 Sep 2022 09:11:22 GMT
vary
Accept, Accept-Encoding
server
cloudflare
inter-v7-latin-regular.woff2
www.aquasec.com/wp-content/themes/aqua3/fonts/
16 KB
16 KB
Font
General
Full URL
https://www.aquasec.com/wp-content/themes/aqua3/fonts/inter-v7-latin-regular.woff2
Requested by
Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2069ee225073a115f31dcfbfc8e645967697bcf1d9b8f56d56b0aed8943d9f93

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.aquasec.com
Referer
https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.682

Response headers

cache-control
public, max-age=31536000
cf-cache-status
HIT
etag
"61bf0c29-410c"
age
3429174
cf-ray
8c999eccdf63d344-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
16652
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
font/woff2
last-modified
Sun, 19 Dec 2021 10:40:41 GMT
vary
Accept-Encoding
server
cloudflare
inter-v7-latin-700.woff2
www.aquasec.com/wp-content/themes/aqua3/fonts/
17 KB
17 KB
Font
General
Full URL
https://www.aquasec.com/wp-content/themes/aqua3/fonts/inter-v7-latin-700.woff2
Requested by
Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2be4f770c150289ae7c966dba6508266866f02223f41c6b9088699338ae99e7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.aquasec.com
Referer
https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.682

Response headers

cache-control
public, max-age=31536000
cf-cache-status
HIT
etag
"61bf0c26-44c4"
age
2688383
cf-ray
8c999eccdf68d344-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
17604
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
font/woff2
last-modified
Sun, 19 Dec 2021 10:40:38 GMT
vary
Accept-Encoding
server
cloudflare
inter-v7-latin-600.woff2
www.aquasec.com/wp-content/themes/aqua3/fonts/
17 KB
17 KB
Font
General
Full URL
https://www.aquasec.com/wp-content/themes/aqua3/fonts/inter-v7-latin-600.woff2
Requested by
Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f36b7ce29c7f51e6f99ffb230a4de3c58fb413c096963906fe52b7df5723526

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.aquasec.com
Referer
https://www.aquasec.com/wp-content/themes/aqua3/css/aqua3.min.css?ver=1.0.682

Response headers

cache-control
public, max-age=31536000
cf-cache-status
HIT
etag
"61bf0c22-4460"
age
2762416
cf-ray
8c999eccdf6bd344-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
17504
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
font/woff2
last-modified
Sun, 19 Dec 2021 10:40:34 GMT
vary
Accept-Encoding
server
cloudflare
Gartner-CNAPP-2024-thumb-2.jpg
www.aquasec.com/wp-content/uploads/2024/04/
28 KB
28 KB
Image
General
Full URL
https://www.aquasec.com/wp-content/uploads/2024/04/Gartner-CNAPP-2024-thumb-2.jpg
Requested by
Host: www.aquasec.com
URL: https://www.aquasec.com/blog/fileless-malware-container-security/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea48a58a9bc2b46b598e380703bd07f9e0e4ffbc4e3139c7e14eb6bce5771512

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

cache-control
max-age=31536000
cf-cache-status
HIT
etag
"66b334e2-708a"
age
3427993
cf-ray
8c999eccdf6fd344-FRA
expires
Mon, 18 Aug 2025 14:13:06 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
28810
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
image/webp
last-modified
Wed, 07 Aug 2024 08:48:34 GMT
vary
Accept, Accept-Encoding
server
cloudflare
15-misfigs-Resources-thumbnail-1.jpg
www.aquasec.com/wp-content/uploads/2021/01/
23 KB
23 KB
Image
General
Full URL
https://www.aquasec.com/wp-content/uploads/2021/01/15-misfigs-Resources-thumbnail-1.jpg
Requested by
Host: www.aquasec.com
URL: https://www.aquasec.com/blog/fileless-malware-container-security/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b118d300f94d3de6d9c6c51ef8f6936f76dad17371bf24450bfcdd7056522948

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

cache-control
max-age=31536000
cf-cache-status
HIT
etag
"6657108f-5ac2"
age
3426145
cf-ray
8c999eccdf74d344-FRA
expires
Mon, 18 Aug 2025 14:13:06 GMT
accept-ranges
bytes
content-length
23234
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
image/webp
last-modified
Wed, 29 May 2024 11:25:03 GMT
vary
Accept, Accept-Encoding
server
cloudflare
aqua_default_140x140.png
www.aquasec.com/wp-content/themes/aqua3/images/
1 KB
2 KB
Image
General
Full URL
https://www.aquasec.com/wp-content/themes/aqua3/images/aqua_default_140x140.png
Requested by
Host: www.aquasec.com
URL: https://www.aquasec.com/blog/fileless-malware-container-security/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a82beac313447af7db1dfa7b9aed48f9663af8ba0f9214075537de060b853a05

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

cache-control
max-age=31536000
cf-cache-status
HIT
etag
"628e5493-582"
age
570699
cf-ray
8c999eccdf78d344-FRA
expires
Mon, 18 Aug 2025 14:13:07 GMT
accept-ranges
bytes
content-length
1410
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
image/webp
last-modified
Wed, 25 May 2022 16:08:51 GMT
vary
Accept, Accept-Encoding
server
cloudflare
Newsroom-logos-CSO-140x140.jpg
www.aquasec.com/wp-content/uploads/2023/09/
2 KB
2 KB
Image
General
Full URL
https://www.aquasec.com/wp-content/uploads/2023/09/Newsroom-logos-CSO-140x140.jpg
Requested by
Host: www.aquasec.com
URL: https://www.aquasec.com/blog/fileless-malware-container-security/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e03b8bd947128738542565721d9b092ca77457303340fc3baf308244b76aa56

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

cache-control
max-age=31536000
cf-cache-status
HIT
etag
"64f8ab13-658"
age
2481581
cf-ray
8c999eccdf7bd344-FRA
expires
Mon, 18 Aug 2025 16:14:12 GMT
accept-ranges
bytes
content-length
1624
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
image/webp
last-modified
Wed, 06 Sep 2023 16:38:43 GMT
vary
Accept, Accept-Encoding
server
cloudflare
jNa0-mV6.json
cdn-cookieyes.com/client_data/5bcdbce45953e61e74b8da56/
738 B
434 B
Fetch
General
Full URL
https://cdn-cookieyes.com/client_data/5bcdbce45953e61e74b8da56/jNa0-mV6.json
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/5bcdbce45953e61e74b8da56/banner.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3b5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5debdbe26fb25ed30b4b6c05be6d235da7033863045f5694fb6ea8fcb8c7adb7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
content-encoding
gzip
cf-cache-status
HIT
etag
W/"2e2-622a420c8f167"
age
458484
access-control-allow-methods
GET, OPTIONS
cf-ray
8c999ecd7d191e6c-FRA
access-control-allow-origin
*
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
last-modified
Sat, 21 Sep 2024 17:03:00 GMT
js
www.googletagmanager.com/gtag/
307 KB
104 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-D2G99SQ9HG&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5N9T3H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9d7ec7fb6bdbba8caffe2e3ff9d4a79a1d08db53abcafd148bb4bfba023b7e39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 27 Sep 2024 07:01:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
105796
x-xss-protection
0
server
Google Tag Manager
insight.min.js
snap.licdn.com/li.lms-analytics/
40 KB
14 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5N9T3H
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:10::210:a9a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

cache-control
max-age=16880
content-encoding
gzip
x-cdn
AKAM
x-content-type-options
nosniff
accept-ranges
bytes
content-length
14628
date
Fri, 27 Sep 2024 07:01:04 GMT
last-modified
Thu, 22 Aug 2024 10:43:55 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
bat.js
bat.bing.com/
49 KB
15 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5N9T3H
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:3::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
73aaa4e6bfc1dbed5f3f934710d1ada545f4068742235e59d0cb74f0eaf0a3c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
gzip
etag
"803483b3aaadb1:0"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0DBDD66CFF504840A7FF8DCF68339E6A Ref B: LON212050701007 Ref C: 2024-09-27T07:01:04Z
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
14402
date
Fri, 27 Sep 2024 07:01:03 GMT
content-type
application/javascript
last-modified
Thu, 19 Sep 2024 15:43:41 GMT
vary
Accept-Encoding
destination
www.googletagmanager.com/gtag/
274 KB
94 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-881756472&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5N9T3H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6504f819e717608fd9b50bf172d8f2dfbd4e4c853ff6ac9a0c0d94308d59581e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Fri, 27 Sep 2024 07:01:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 27 Sep 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
96036
x-xss-protection
0
server
Google Tag Manager
9110.js
script.crazyegg.com/pages/scripts/0082/
7 KB
3 KB
Script
General
Full URL
https://script.crazyegg.com/pages/scripts/0082/9110.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5N9T3H
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11f7be60970826757d2b8c3769fe8632989260841816c5f603c68757fb02a5e7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
content-encoding
gzip
cf-cache-status
MISS
cf-ray
8c999ecd9a4835fa-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
2481
date
Fri, 27 Sep 2024 07:01:04 GMT
ce-version
11.5.286
content-type
text/javascript
last-modified
Fri, 27 Sep 2024 07:01:04 GMT
vary
Accept-Encoding
server
cloudflare
1665891.js
js.hs-scripts.com/
2 KB
1 KB
Script
General
Full URL
https://js.hs-scripts.com/1665891.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5N9T3H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:89d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f73ec74b8bdc4ff4bd7fcbce327443d932811f3dad3f55d37a5cf6183702c93
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

access-control-max-age
3600
x-request-id
9d8ec5a0-9606-441f-8cbb-2608eb54bd96
content-encoding
br
cf-bgj
minify
cf-cache-status
HIT
age
90
x-content-type-options
nosniff
expires
Fri, 27 Sep 2024 07:02:34 GMT
cf-polished
origSize=1949
x-evy-trace-listener
listener_https
date
Fri, 27 Sep 2024 07:01:04 GMT
x-hubspot-correlation-id
9d8ec5a0-9606-441f-8cbb-2608eb54bd96
content-type
application/javascript;charset=utf-8
vary
origin, Accept-Encoding
last-modified
Fri, 27 Sep 2024 06:59:34 GMT
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-7b8c5dd88-9gsgz
cache-control
public, max-age=90
x-envoy-upstream-service-time
6
access-control-allow-credentials
true
cf-ray
8c999ecd9dde1c38-FRA
access-control-allow-origin
https://trivy.dev
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-evy-trace-virtual-host
all
data-layer-events.js
info.aquasec.com/hubfs/
11 KB
4 KB
Script
General
Full URL
https://info.aquasec.com/hubfs/data-layer-events.js?v=1727421064226
Requested by
Host: www.aquasec.com
URL: https://www.aquasec.com/blog/fileless-malware-container-security/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
396f95fe76847ae1beacf9c523d2b852b3fc31ce9beedbde4df6b7f8ba6901ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

x-robots-tag
all
content-encoding
br
cf-cache-status
MISS
etag
W/"b492d523ec97a31b53add8896e2baeca"
x-amz-version-id
XcRlKoDF..T4fG.0Cjjm9Tr4D9UFP3Rp
cache-tag
F-77926488921,P-1665891,FLS-ALL
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B0XUnAtVzwDVPk%2FKas6cwEDJr2QFoECrw46Jxa7TtAoY7oSLHXNU61LtEzwtICc6nYHbZPSYqrcCmtZODiJks%2Bs3XVN2jdgAznEvmuyfRbbDK6mAGWSzzQVZ4vtQTvkujv2%2BHjHMrbV3WNALYBc%3D"}],"group":"cf-nel","max_age":604800}
x-cache
Miss from cloudfront
x-amz-cf-id
LpRzyiiB5WPXuWy3d2rJAQQv0d--3HQEiyTn9THY7BVx7aVCfXsS8w==
content-type
application/javascript
last-modified
Thu, 30 Jun 2022 10:11:10 GMT
x-amz-meta-index-tag
all
x-amz-replication-status
COMPLETED
edge-cache-tag
F-77926488921,P-1665891,FLS-ALL
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id
YAZB0MY71PGCW0F9
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
x-amz-meta-cache-tag
F-77926488921,P-1665891,FLS-ALL
x-hs-alternate-content-type
text/plain
server
cloudflare
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption
AES256
access-control-allow-methods
GET
x-amz-storage-class
INTELLIGENT_TIERING
date
Fri, 27 Sep 2024 07:01:05 GMT
vary
Accept-Encoding
x-amz-id-2
Hviy2NP43it8ZNd0JzLkagUutikyEZOggta7iZs7P4yk/sXtB9pxDH93tqjd2zps/U7dYCfY3W0UHmcAE6LLO7Hrr2uoaZv4itTIDjcEcUU=
strict-transport-security
max-age=31536000
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
d8fk70yj6xfhx.cloudfront.net
via
1.1 134eef7df83fe066fda8a86e722c33dc.cloudfront.net (CloudFront)
cf-ray
8c999ecdad586ace-FRA
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P7
x-amz-meta-created-unix-time-millis
1656583869290
favicon.ico
www.aquasec.com/wp-content/themes/aqua3/
15 KB
1 KB
Other
General
Full URL
https://www.aquasec.com/wp-content/themes/aqua3/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
89de0c24e64daab3fd78e61c512bc6e5ebcd4f771e6d7d81d4e678b259f3f92a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"628d312e-3aee"
age
3429672
cf-ray
8c999ecd797030e4-FRA
access-control-allow-origin
*
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
image/x-icon
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Tue, 24 May 2022 19:25:34 GMT
attribution_trigger
px.ads.linkedin.com/
2 B
812 B
XHR
General
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=45226&time=1727420464263&url=https%3A%2F%2Fwww.aquasec.com%2Fblog%2Ffileless-malware-container-security%2F
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
*
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

x-li-pop
afd-prod-ltx1-x
content-encoding
gzip
x-fs-uuid
000623146b2815eee1ab82c87b5b09de
x-msedge-ref
Ref A: 1E301934FA87438B84DA18B445BDB00A Ref B: DUS30EDGE0418 Ref C: 2024-09-27T07:01:04Z
x-li-fabric
prod-ltx1
x-restli-protocol-version
1.0.0
access-control-allow-methods
GET, OPTIONS
x-li-uuid
AAYjFGsoFe7hq4LIe1sJ3g==
x-li-proto
http/2
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Fri, 27 Sep 2024 07:01:03 GMT
content-type
application/json
access-control-allow-headers
*
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=45226&time=1727420464263&url=https%3A%2F%2Fwww.aquasec.com%2Fblog%2Ffileless-malware-container-security%2F
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=45226&time=1727420464263&url=https%3A%2F%2Fwww.aquasec.com%2Fblog%2Ffileless-malware-container-security%2F&e_ipv6=AQJurJBYl-kTIgAAAZIySHzVTDTXeaJ...
0
265 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=45226&time=1727420464263&url=https%3A%2F%2Fwww.aquasec.com%2Fblog%2Ffileless-malware-container-security%2F&e_ipv6=AQJurJBYl-kTIgAAAZIySHzVTDTXeaJyPD1hcGT7qV6Ukq57wQLCL85a2g1zHZYXeJ84DmlPI_4x9Sa7BgRpb4c6JO4G
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

linkedin-action
1
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 650B523A4BA94BD68484CCA69FA4D5C4 Ref B: FRAEDGE1822 Ref C: 2024-09-27T07:01:04Z
x-li-fabric
prod-lva1
x-li-uuid
AAYjFGspquh4GYjJlysrBg==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
application/javascript

Redirect headers

linkedin-action
1
x-li-pop
afd-prod-lva1-x
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=45226&time=1727420464263&url=https%3A%2F%2Fwww.aquasec.com%2Fblog%2Ffileless-malware-container-security%2F&e_ipv6=AQJurJBYl-kTIgAAAZIySHzVTDTXeaJyPD1hcGT7qV6Ukq57wQLCL85a2g1zHZYXeJ84DmlPI_4x9Sa7BgRpb4c6JO4G
x-msedge-ref
Ref A: 30853DB970F64AE39D4D1452CAFEA53D Ref B: FRAEDGE1920 Ref C: 2024-09-27T07:01:04Z
x-li-fabric
prod-lva1
x-li-uuid
AAYjFGsng966dcXcpVI0sw==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Fri, 27 Sep 2024 07:01:03 GMT
ip
directory.cookieyes.com/api/v1/
112 B
331 B
Fetch
General
Full URL
https://directory.cookieyes.com/api/v1/ip
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/5bcdbce45953e61e74b8da56/banner.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.7.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-7-148.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
18cba674a74915ad102692a39d6121ad703b67853bbe8ac50c96a2fff6c4d1be

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

x-robots-tag
noindex, nofollow
link
<https://www.cookieyes.com>; rel="canonical"
etag
W/"70-c5AQbbkCWmyiRiICiYrH8V+pghA"
access-control-allow-origin
*
content-length
112
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
text/html; charset=utf-8
x-powered-by
Express
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-D2G99SQ9HG&gtm=45je49p0v875778671z871822536za200zb71822536&_p=1727420464025&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686684~101747727&cid=1884147169.1727420464&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1727420464&sct=1&seg=0&dl=https%3A%2F%2Fwww.aquasec.com%2Fblog%2Ffileless-malware-container-security%2F&dt=Fileless%20Malware%20Executing%20in%20Containers%20-%20Aqua&en=page_view&_fv=1&_nsi=1&_ss=1&ep.content_group=Blog%20new&tfd=1554
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D2G99SQ9HG&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.aquasec.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
545 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-D2G99SQ9HG&cid=1884147169.1727420464&gtm=45je49p0v875778671z871822536za200zb71822536&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101671035~101686684~101747727
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D2G99SQ9HG&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.aquasec.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-D2G99SQ9HG&cid=1884147169.1727420464&gtm=45je49p0v875778671z871822536za200zb71822536&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101671035~101686684~101747727&tag_exp=101671035~101686684~101747727&z=1650841686
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 27 Sep 2024 07:01:04 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
1665891.js
js.hs-banner.com/
63 KB
19 KB
Script
General
Full URL
https://js.hs-banner.com/1665891.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/1665891.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4eae6577f5d40e9c221f9490f2384d6afaf58f9660850a82f50e4d816e7394ca

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

x-evy-trace-virtual-host
all
access-control-max-age
604800
x-request-id
38a165ee-b0bd-4d77-9413-7530d159c578
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
content-encoding
gzip
cf-cache-status
HIT
etag
W/"b498b42de17db7512538316a7894d7ae"
x-amz-version-id
Ya49LhJrKGAIP6Qw89TAuKeSk1sdxOSw
age
90
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expires
Fri, 27 Sep 2024 07:04:34 GMT
x-evy-trace-listener
listener_https
date
Fri, 27 Sep 2024 07:01:04 GMT
x-hubspot-correlation-id
38a165ee-b0bd-4d77-9413-7530d159c578
content-type
text/javascript; charset=UTF-8
last-modified
Tue, 20 Aug 2024 13:33:07 GMT
vary
origin, Accept-Encoding
x-amz-id-2
WX9AG8cWAWGzLYv5AK/snAN/A098pBBkJco7Cy1wzglxDmao0V4YHqgfnJiYS4q8f9a8RTB4Xoc=
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=300,public
timing-allow-origin
*
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-6895b58fd6-gfff7
x-envoy-upstream-service-time
33
access-control-allow-credentials
true
x-amz-request-id
KXNX0HJFQ571WJXB
cf-ray
8c999eceabcf9237-FRA
access-control-allow-origin
https://trivy.dev
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-amz-server-side-encryption
AES256
web-interactives-embed.js
js.hubspot.com/
83 KB
25 KB
Script
General
Full URL
https://js.hubspot.com/web-interactives-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/1665891.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
059b77025c02623999e7524b737287072bd2dbb42c1652f70a4020338b1e5f21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.aquasec.com
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

x-request-id
a743358b-df1f-44ba-87cc-39eedeb47c97
content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
7DwgQA9YoOwDB6Raj9_RIwKNzf1Sd5R0
etag
W/"edf91c1320ba2916398ed791b63187bc"
age
561
cache-tag
staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FO42Eq%2BR2x0xDAXlUtbHp9l2Xyo3l7DCasJb7f72LmmSPY%2FvQgGFqZQA2XnQ9Uj8CgMwa8SPd%2FA6iMN%2FoO55Xgk7z7HgbU%2FAfKmvnjGZ3nJyZphkYW8qPIO7iORXmT6SQVC%2BuRbXSBEYaySa"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-evy-trace-listener
listener_https
x-amz-cf-id
ImdIMnUE4iftd2nvw7pMsc6Vs1MPoCYn0idN8J_Ib0--q11JuHfMHg==
x-hubspot-correlation-id
a743358b-df1f-44ba-87cc-39eedeb47c97
content-type
application/javascript; charset=utf-8
last-modified
Wed, 28 Aug 2024 20:01:26 UTC
x-amz-replication-status
COMPLETED
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-6c6dd6864-2cd9q
x-envoy-upstream-service-time
9
x-hs-target-asset
web-interactives-embed/static-2.1426/bundles/project.js
server
cloudflare
x-evy-trace-virtual-host
all
x-amz-server-side-encryption
AES256
access-control-max-age
3000
access-control-allow-methods
GET
x-hs-cache-status
MISS
date
Fri, 27 Sep 2024 07:01:04 GMT
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1426/bundles/project.js&cfRay=8c99911c18609927-FRA
via
1.1 53b70ac9dc46d1c13992b291cf22a9aa.cloudfront.net (CloudFront)
cf-ray
8c999eceae73d294-FRA
access-control-allow-origin
*
x-evy-trace-route-configuration
listener_https/all
x-amz-cf-pop
IAD12-P3
conversations-embed.js
js.usemessages.com/
89 KB
26 KB
Script
General
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/1665891.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4e8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c1a897ff5cd65689bc00765a26509b5815873afbe32ce7be33f80cfcba35fcb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

x-evy-trace-virtual-host
all
x-request-id
f26cfd4f-0dfb-4912-bfae-85810484aa67
content-encoding
gzip
cf-cache-status
HIT
etag
W/"e12fd1a05aa7be2b2e4c8ff50e7cb56d"
x-amz-version-id
KEYEKh3SOKh2r8pezHQCyJb9PWnhzti.
age
328
cache-tag
staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-hs-cache-status
HIT
x-amz-cf-id
7e6rF21rfPI2jKCJX78RNYbFjGX-SnhVWSrDAnmE0UTMiiS_zbYv3Q==
date
Fri, 27 Sep 2024 07:01:04 GMT
x-hubspot-correlation-id
f26cfd4f-0dfb-4912-bfae-85810484aa67
content-type
application/javascript; charset=utf-8
last-modified
Wed, 18 Sep 2024 20:04:50 UTC
vary
Accept-Encoding
x-evy-trace-listener
listener_https
x-amz-replication-status
COMPLETED
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-6c6dd6864-5xwsz
x-envoy-upstream-service-time
2
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.18050/bundles/project.js&cfRay=8c9996caabd34d44-FRA
via
1.1 24eb88cb96b9676eb6757c142361d0e2.cloudfront.net (CloudFront)
cf-ray
8c999ecebe853a88-FRA
x-evy-trace-route-configuration
listener_https/all
x-hs-target-asset
conversations-embed/static-1.18050/bundles/project.js
x-amz-cf-pop
IAD55-P7
server
cloudflare
x-amz-server-side-encryption
AES256
1665891.js
js.hs-analytics.net/analytics/1727420100000/
73 KB
25 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1727420100000/1665891.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/1665891.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a0a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
157354e94547e6316ceb08ddc0a7c96bab2787cb59d2b03554debd7ecfc137b9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

x-amz-server-side-encryption
AES256
x-request-id
37f9ff78-d8dc-497b-b438-96552ae3b700
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"2afede1c4bb19715acbeb67233c91296"
x-amz-version-id
null
expires
Fri, 27 Sep 2024 07:06:04 GMT
x-evy-trace-listener
listener_https
date
Fri, 27 Sep 2024 07:01:04 GMT
x-hubspot-correlation-id
37f9ff78-d8dc-497b-b438-96552ae3b700
content-type
text/javascript
last-modified
Tue, 24 Sep 2024 15:13:34 GMT
vary
origin, Accept-Encoding
x-amz-id-2
l1b99a48DBb1YmcvD4Sxv0D9UFWMq8FcG6O98K3yjViG7HkdOswvYnrhih9dfLyUOCCJKDvEVIs=
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=300,public
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-75d7846cb8-sxg68
x-envoy-upstream-service-time
29
access-control-allow-credentials
false
x-amz-request-id
A687E28JGVM7688D
cf-ray
8c999ecea9a2d260-FRA
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-evy-trace-virtual-host
all
25111106.js
bat.bing.com/p/action/
369 B
425 B
Script
General
Full URL
https://bat.bing.com/p/action/25111106.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:3::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1436939ed29c528098b948903ff835b1f1066a45afc277c43053a25964d1761c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
br
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2EAA9E2E166342788341D1ACF62646C1 Ref B: LON212050701007 Ref C: 2024-09-27T07:01:04Z
x-cache
CONFIG_NOCACHE
date
Fri, 27 Sep 2024 07:01:03 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
0
bat.bing.com/action/
0
288 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=25111106&tm=gtm002&Ver=2&mid=bd0f9d96-71ce-40db-afe7-02256de03f93&sid=431913407c9e11efbdba8709b586fddf&vid=431914607c9e11ef892f87fb8b2977ec&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Fileless%20Malware%20Executing%20in%20Containers%20-%20Aqua&p=https%3A%2F%2Fwww.aquasec.com%2Fblog%2Ffileless-malware-container-security%2F&r=&lt=1440&evt=pageLoad&sv=1&cdb=AQcT&rn=767312
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:3::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2AEAA1E6AD554BEE9BD5E79168DCAD3A Ref B: LON212050701007 Ref C: 2024-09-27T07:01:04Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Fri, 27 Sep 2024 07:01:03 GMT
CFLE0qwg.json
cdn-cookieyes.com/client_data/5bcdbce45953e61e74b8da56/config/
33 KB
6 KB
Fetch
General
Full URL
https://cdn-cookieyes.com/client_data/5bcdbce45953e61e74b8da56/config/CFLE0qwg.json
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/5bcdbce45953e61e74b8da56/banner.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3b5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9af783cfb871f60af5a9d73aea069176cb0454673ffd3710db7b395dd1c0745

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
content-encoding
gzip
cf-cache-status
HIT
etag
W/"84dd-622a420c8f167"
age
458484
access-control-allow-methods
GET, OPTIONS
cf-ray
8c999ecefeeb1e6c-FRA
access-control-allow-origin
*
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
last-modified
Sat, 21 Sep 2024 17:03:00 GMT
public
api.hubspot.com/livechat-public/v1/message/
3 KB
3 KB
XHR
General
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=1665891&conversations-embed=static-1.18050&mobile=false&messagesUtk=203a309de52944cb878563d5f26a292f&traceId=203a309de52944cb878563d5f26a292f
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d69ee198ad4832a4a2068ec2cbc2077e2b98c3ac5e944b626f73447f49ea574
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
X-HubSpot-Messages-Uri
https://www.aquasec.com/blog/fileless-malware-container-security/
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

x-request-id
6066d014-fefa-42d3-8883-0a35c020cc22
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N%2B4UmfrK6FHpzuwVy08hUolZn7xqFcOAp0XUqtWsMfcts%2BixPYuRjkpnA31DpetYAcVKsA0Gu2FNJ0J2bh5oIZRl5Q%2FVsjaukwUeCuSMKkt3sk2Lkum7OM1t%2Bf776Br2bsK6dFvB9guNB5jO4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options
nosniff
x-evy-trace-listener
listener_https
date
Fri, 27 Sep 2024 07:01:04 GMT
x-hubspot-correlation-id
6066d014-fefa-42d3-8883-0a35c020cc22
content-type
application/json;charset=utf-8
vary
origin, Accept-Encoding
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-7b8c5dd88-k2cwl
x-envoy-upstream-service-time
211
access-control-allow-credentials
false
cf-ray
8c999ed00a29d294-FRA
access-control-allow-origin
https://www.aquasec.com
x-evy-trace-route-configuration
listener_https/all
content-length
1689
server
cloudflare
x-evy-trace-virtual-host
all
public
api.hubspot.com/livechat-public/v1/message/ Frame
0
0
Preflight
General
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=1665891&conversations-embed=static-1.18050&mobile=false&messagesUtk=203a309de52944cb878563d5f26a292f&traceId=203a309de52944cb878563d5f26a292f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
x-hubspot-messages-uri
Access-Control-Request-Method
GET
Origin
https://www.aquasec.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://www.aquasec.com
allow
HEAD,GET,OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8c999ecf2fa2d294-FRA
content-length
18
content-type
text/plain; charset=utf-8
date
Fri, 27 Sep 2024 07:01:04 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PpoEBl7NREA%2BvuBxzbrpg2VwZxEDHtwA91D0nNDPLbCe1X0W2AtUNive7vKyIluwNP6gzhlJ6xyVUF7cM3Cku%2FIZK%2BKF7ldXSUaEpBuSBYHO5kT3FSldfomf2uUTa2izkWYBkHASNMsL44bvlA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
origin, Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
6
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-7b8c5dd88-clsjm
x-evy-trace-virtual-host
all
x-hubspot-correlation-id
e9a8c130-0a95-4ab6-9970-cc20f6721036
x-request-id
e9a8c130-0a95-4ab6-9970-cc20f6721036
dJF91OAF.json
cdn-cookieyes.com/client_data/5bcdbce45953e61e74b8da56/translations/
2 KB
856 B
Fetch
General
Full URL
https://cdn-cookieyes.com/client_data/5bcdbce45953e61e74b8da56/translations/dJF91OAF.json
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/5bcdbce45953e61e74b8da56/banner.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3b5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52bd0f23fdf9fec10087ec823dab8717d7e0205f1056a6cbb91ab1ed92f73b1f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
content-encoding
gzip
cf-cache-status
HIT
etag
W/"73c-622a420c8f167"
age
458484
access-control-allow-methods
GET, OPTIONS
cf-ray
8c999ecf1f191e6c-FRA
access-control-allow-origin
*
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
last-modified
Sat, 21 Sep 2024 17:03:00 GMT
xw9bYCs6.json
cdn-cookieyes.com/client_data/5bcdbce45953e61e74b8da56/audit-table/
17 KB
5 KB
Fetch
General
Full URL
https://cdn-cookieyes.com/client_data/5bcdbce45953e61e74b8da56/audit-table/xw9bYCs6.json
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/5bcdbce45953e61e74b8da56/banner.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3b5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60af6b329a6c839f095957a4eb22fdd9f25cab299091dd19e3c7a7f9d377e61c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
content-encoding
gzip
cf-cache-status
HIT
etag
W/"4577-622a420c8e1c7"
age
458484
access-control-allow-methods
GET, OPTIONS
cf-ray
8c999ecf5f5f1e6c-FRA
access-control-allow-origin
*
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
last-modified
Sat, 21 Sep 2024 17:03:00 GMT
/
px.ads.linkedin.com/wa/
0
195 B
XHR
General
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.aquasec.com/blog/fileless-malware-container-security/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
*
Content-Type
text/plain;charset=UTF-8

Response headers

linkedin-action
1
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: B0A7D2337A7845D6AD4CF95B694B47A4 Ref B: FRAEDGE1920 Ref C: 2024-09-27T07:01:04Z
x-li-fabric
prod-lva1
access-control-allow-credentials
true
x-li-uuid
AAYjFGsra+qlnhzIVY6o2Q==
x-li-proto
http/2
access-control-allow-origin
https://www.aquasec.com
x-cache
CONFIG_NOCACHE
date
Fri, 27 Sep 2024 07:01:03 GMT
vary
Origin
close.svg
cdn-cookieyes.com/assets/images/
1 KB
773 B
Image
General
Full URL
https://cdn-cookieyes.com/assets/images/close.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3b5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a049e1abe441835a2bcf35258936072189a0a52d0000c4ed2094e59d2afd189b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

cache-control
max-age=0, s-maxage=604800, proxy-revalidate
content-encoding
gzip
cf-cache-status
HIT
etag
W/"541-5da3a66c769d4"
age
334158
cf-ray
8c999ecf78084d40-FRA
access-control-allow-origin
*
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
image/svg+xml
vary
Accept-Encoding
server
cloudflare
last-modified
Tue, 15 Mar 2022 04:40:50 GMT
poweredbtcky.svg
cdn-cookieyes.com/assets/images/
4 KB
2 KB
Image
General
Full URL
https://cdn-cookieyes.com/assets/images/poweredbtcky.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3b5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
911f58b8d14bd6f73a83fd774e44bec97e896317c7093dc83e96921e64f1fbd5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

cache-control
max-age=0, s-maxage=604800, proxy-revalidate
content-encoding
gzip
cf-cache-status
HIT
etag
W/"eb2-5da3a68c50d09"
age
334157
cf-ray
8c999ecf78094d40-FRA
access-control-allow-origin
*
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
image/svg+xml
vary
Accept-Encoding
server
cloudflare
last-modified
Tue, 15 Mar 2022 04:41:24 GMT
log
log.cookieyes.com/api/v1/
2 B
218 B
Ping
General
Full URL
https://log.cookieyes.com/api/v1/log
Requested by
Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/cache/min/1/client_data/5bcdbce45953e61e74b8da56/script.js?ver=1727085361
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.7.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-7-148.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryKjEL3g2IpBpfBlBA
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

x-robots-tag
noindex, nofollow
link
<https://www.cookieyes.com>; rel="canonical"
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-origin
*
content-length
2
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
text/plain; charset=utf-8
x-powered-by
Express
0
bat.bing.com/actionp/
0
237 B
Ping
General
Full URL
https://bat.bing.com/actionp/0?ti=25111106&tm=gtm002&Ver=2&mid=bd0f9d96-71ce-40db-afe7-02256de03f93&sid=431913407c9e11efbdba8709b586fddf&vid=431914607c9e11ef892f87fb8b2977ec&vids=1&msclkid=N&evt=gtmConsent&gasc=D
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:3::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 175B1832256F428E9B36427F4F8075F5 Ref B: LON212050701007 Ref C: 2024-09-27T07:01:04Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Fri, 27 Sep 2024 07:01:03 GMT
admin-ajax.php
www.aquasec.com/wp-admin/
300 B
548 B
Fetch
General
Full URL
https://www.aquasec.com/wp-admin/admin-ajax.php
Requested by
Host: www.aquasec.com
URL: https://www.aquasec.com/wp-content/plugins/wp-rocket/assets/js/wpr-beacon.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
92edb05c5de4b052658546b833f7c8a72a6f8a8bc8cb5b53d0056c644663e3f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

wpr-saas-no-intercept
true
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryBsjGXaxtHVTygmCp

Response headers

x-robots-tag
noindex
content-encoding
gzip
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
expires
Wed, 11 Jan 1984 05:00:00 GMT
date
Fri, 27 Sep 2024 07:01:04 GMT
content-type
application/json; charset=UTF-8
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
cf-ray
8c999ed06c5630e4-FRA
access-control-allow-origin
https://www.aquasec.com
x-powered-by
WP Engine
server
cloudflare
trends.min.js
assets.trendemon.com/tag/
301 KB
60 KB
Script
General
Full URL
https://assets.trendemon.com/tag/trends.min.js
Requested by
Host: www.aquasec.com
URL: https://www.aquasec.com/blog/fileless-malware-container-security/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:4600:2:7dc7:8f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2408c002d9aa33f835f3d468e5ace993a1c12f6a0c09b4023b633387d5d7fff3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

vary
Accept-Encoding
content-encoding
gzip
etag
"7226ef628fcaea5dad96b32f975afb3a"
age
65043
via
1.1 cce339e34372cea758a4181fcf4e7c14.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
61290
x-amz-cf-id
zjUiD8wRbV_JEY24eGC2z6YgYxBcU8ecaZq4WesU3aQEVaRzytzRcA==
date
Thu, 26 Sep 2024 13:10:19 GMT
content-type
application/javascript
last-modified
Mon, 23 Sep 2024 13:58:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
x-amz-server-side-encryption
AES256
__ptq.gif
track.hubspot.com/
45 B
1 KB
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=90950173&v=1.1&a=1665891&rcu=https%3A%2F%2Fwww.aquasec.com%2Fblog%2Ffileless-malware-container-security%2F&pu=https%3A%2F%2Fwww.aquasec.com%2Fblog%2Ffileless-malware-container-security%2F&t=Fileless+Malware+Executing+in+Containers+-+Aqua&cts=1727420464742&vi=0dd7dd24813202de840cfaed97bdd7af&nc=true&u=207889101.0dd7dd24813202de840cfaed97bdd7af.1727420464740.1727420464740.1727420464740.1&b=207889101.1.1727420464740&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

x-robots-tag
none
x-request-id
cd459663-f301-440b-864c-b9780a08efb9
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vh6MYmVOfnPnlD3zwA1NtjWMvmFKaN1vO6v%2FeVMWVnKwGBCAJDZYrM4U09NXL%2FWdJz%2FMdg6ncZovp6svYtgiIvnrEI7unoNvrYe%2BGAugb46pCxP1ausaQrTZV6NKx%2BT%2FZCPU9bh1DXLZ9Gfgr6D5"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-evy-trace-listener
listener_https
p3p
CP="NOI CUR ADM OUR NOR STA NID"
date
Fri, 27 Sep 2024 07:01:04 GMT
x-hubspot-correlation-id
cd459663-f301-440b-864c-b9780a08efb9
content-type
image/gif
vary
origin, Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
cache-control
no-cache, no-store, no-transform
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-689db97f95-d7nqs
x-envoy-upstream-service-time
6
access-control-allow-credentials
false
cf-ray
8c999ed0d9b09f29-FRA
x-evy-trace-route-configuration
listener_https/all
content-length
45
server
cloudflare
x-evy-trace-virtual-host
all
1810
trackingapi.trendemon.com/api/settings/
758 B
897 B
Script
General
Full URL
https://trackingapi.trendemon.com/api/settings/1810?callback=jsonp65855&vid=
Requested by
Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.206.10.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-10-42.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
a4839ed644aab7e03d85db49c604276afdedceab6bafe6ca10215ea675a54ae8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

cache-control
no-store,no-cache
content-length
758
date
Fri, 27 Sep 2024 07:01:05 GMT
pragma
no-cache
content-type
application/x-javascript; charset=UTF-8
server
Kestrel
203a309de52944cb878563d5f26a292f
app.hubspot.com/conversations-visitor/1665891/threads/utk/ Frame C27C
0
0
Document
General
Full URL
https://app.hubspot.com/conversations-visitor/1665891/threads/utk/203a309de52944cb878563d5f26a292f?uuid=34d13dfe22c643af9536205f52940161&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=aquasec.com&inApp53=false&messagesUtk=203a309de52944cb878563d5f26a292f&url=https%3A%2F%2Fwww.aquasec.com%2Fblog%2Ffileless-malware-container-security%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options no-sniff

Request headers

Referer
https://www.aquasec.com/blog/fileless-malware-container-security/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
false
age
587
cache-control
max-age=600
cache-tag
staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
cf-cache-status
DYNAMIC
cf-ray
8c999ed2fb49366c-FRA
content-encoding
gzip
content-security-policy-report-only
script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com www.recaptcha.net *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-visitor-ui/static-1.20499/html/index.html&cfRay=8c999ed2fb49366c&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F1665891%2Fthreads%2Futk%2F203a309de52944cb878563d5f26a292f%3Fuuid%3D34d13dfe22c643af9536205f52940161%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3D%26domain%3Daquasec.com%26inApp53%3Dfalse%26messagesUtk%3D203a309de52944cb878563d5f26a292f%26url%3Dhttps%253A%252F%252Fwww.aquasec.com%252Fblog%252Ffileless-malware-container-security%252F%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3D%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26isInitialInputFocusDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse%26hideScrollToButton%3Dtrue%26isIOSMobile%3Dfalse&referrer=https%3A%2F%2Fwww.aquasec.com%2Fblog%2Ffileless-malware-container-security%2F&cfenv=prod&pdt=2024-09-27&csp=ro
content-type
text/html; charset=utf-8
date
Fri, 27 Sep 2024 07:01:05 GMT
etag
W/"e967228bf90279ca3cb035c7603091be"
last-modified
Wed, 18 Sep 2024 20:04:50 UTC
report-to
{"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
reporting-endpoints
default="https://send.hsbrowserreports.com/csp/reports?cfRay=8c999ed2fb49366c&resource=conversations-visitor-ui/static-1.20499/html/index.html"
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
origin, Accept-Encoding
via
1.1 5afe13d9a6dd513ea0054947fa28dc18.cloudfront.net (CloudFront)
x-amz-cf-id
PBzEDExwUY_a27WzWn3vKXjCoa45_LOOsWbV8t1rupQGzAan4j2HDA==
x-amz-cf-pop
IAD55-P7
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
jiqWcZdhD11PqOiXKimMrLDqZXUZ0zkG
x-cache
Hit from cloudfront
x-content-type-options
no-sniff
x-envoy-upstream-service-time
8
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-6c6dd6864-xnv54
x-evy-trace-virtual-host
all
x-hs-cache-status
MISS
x-hs-target-asset
conversations-visitor-ui/static-1.20499/html/index.html
x-hs-worker-debug-mode
false
x-hubspot-correlation-id
bf03f715-42ca-42cb-a7e0-6eba3b2d042c
x-request-id
bf03f715-42ca-42cb-a7e0-6eba3b2d042c
www.aquasec.com.json
script.crazyegg.com/pages/data-scripts/0082/9110/site/
23 KB
5 KB
XHR
General
Full URL
https://script.crazyegg.com/pages/data-scripts/0082/9110/site/www.aquasec.com.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0082/9110.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6ba9121147fce7e25f6f6d346c01b85213415bd030e1f9ae9c26ffb77594b33

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
content-encoding
gzip
cf-cache-status
MISS
cf-ray
8c999ed26d548ec7-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
4628
date
Fri, 27 Sep 2024 07:01:05 GMT
ce-version
11.5.286
content-type
application/json
last-modified
Fri, 27 Sep 2024 07:01:05 GMT
vary
Accept-Encoding
server
cloudflare
identity.min.js
assets.trendemon.com/global/
18 KB
6 KB
Script
General
Full URL
https://assets.trendemon.com/global/identity.min.js
Requested by
Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:4600:2:7dc7:8f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1220bdf087a7b3b0f068e1dc2422c361ef11cf999ff8ea343573d9e5a7c19bdc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

x-amz-cf-pop
FRA60-P7
content-encoding
gzip
etag
W/"3f44b799c727cbac65d90f0779b8eb4e"
age
61280
via
1.1 cce339e34372cea758a4181fcf4e7c14.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
8jrTmxIfxlt5bV0BU4rP_nk1NgTHXjXqt2M0qzNrPDy9q6OeJFSihA==
date
Thu, 26 Sep 2024 14:03:37 GMT
content-type
application/javascript
vary
Accept-Encoding
server
AmazonS3
last-modified
Mon, 23 Sep 2024 13:58:46 GMT
x-amz-server-side-encryption
AES256
me
trackingapi.trendemon.com/api/Identity/
94 B
507 B
Script
General
Full URL
https://trackingapi.trendemon.com/api/Identity/me?accountId=1810&DomainCookie=17274204652555314&fingerPrint=b305d10aa1c13e61623d3f6a78ee1f6f&callback=jsonp759107&vid=
Requested by
Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.206.10.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-10-42.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
4d9f646ea879210b27138b78cdf90440373fd6564ab5c4d4ec2f631283512cb3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

cache-control
no-store,no-cache
content-length
94
date
Fri, 27 Sep 2024 07:01:05 GMT
pragma
no-cache
content-type
application/x-javascript; charset=UTF-8
server
Kestrel
77e0e5b3eaafb9598d84738ee0f866ec.js
script.crazyegg.com/pages/versioned/common-scripts/
103 KB
35 KB
Script
General
Full URL
https://script.crazyegg.com/pages/versioned/common-scripts/77e0e5b3eaafb9598d84738ee0f866ec.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0082/9110.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc3175e277f0f116e9d83d1e6e34f21bc7712208dd1bd99bdba78db50f9c6182

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

cache-control
public, max-age=31536000, s-maxage=31536000
timing-allow-origin
*
content-encoding
gzip
cf-bgj
minify
cf-cache-status
HIT
age
50648
cf-ray
8c999ed55b9935fa-FRA
cf-polished
origSize=105436
access-control-allow-origin
*
date
Fri, 27 Sep 2024 07:01:05 GMT
content-type
text/javascript
last-modified
Mon, 23 Sep 2024 17:02:13 GMT
vary
Accept-Encoding
server
cloudflare
marketingautomation
trackingapi.trendemon.com/api/
94 B
231 B
Script
General
Full URL
https://trackingapi.trendemon.com/api/marketingautomation?AccountId=1810&ClientUrl=aHR0cHM6Ly93d3cuYXF1YXNlYy5jb20vYmxvZy9maWxlbGVzcy1tYWx3YXJlLWNvbnRhaW5lci1zZWN1cml0eS8%3D&CookieId=17274204652555314&MaCookie=MGRkN2RkMjQ4MTMyMDJkZTg0MGNmYWVkOTdiZGQ3YWY%3D&MaCookieName=aHVic3BvdHV0aw%3D%3D&MaName=hubspot&callback=jsonp476290&vid=1810:17274204652555314
Requested by
Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.206.10.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-10-42.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
d2901282a1308024e794b50a1e59875e01718600ec140a5f3a6d4446f8fd1f0b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

cache-control
no-store,no-cache
content-length
94
date
Fri, 27 Sep 2024 07:01:05 GMT
pragma
no-cache
content-type
application/x-javascript; charset=UTF-8
server
Kestrel
ace-campaign
trackingapi.trendemon.com/api/experience/
17 B
116 B
Script
General
Full URL
https://trackingapi.trendemon.com/api/experience/ace-campaign?AccountId=1810&ClientUrl=https%3A%2F%2Fwww.aquasec.com%2Fblog%2Ffileless-malware-container-security%2F&Referral=&callback=jsonp496451&vid=1810:17274204652555314
Requested by
Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.206.10.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-10-42.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
e4c6bf212dac691ff495578723546436b159ec86b0f69978eb481420189aaa6c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

content-length
17
date
Fri, 27 Sep 2024 07:01:05 GMT
content-type
application/x-javascript; charset=UTF-8
server
Kestrel
www.aquasec.com.json
script.crazyegg.com/pages/data-scripts/0082/9110/sampling/
158 B
339 B
XHR
General
Full URL
https://script.crazyegg.com/pages/data-scripts/0082/9110/sampling/www.aquasec.com.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/77e0e5b3eaafb9598d84738ee0f866ec.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55305fdddb7fd64a877ea127788ddf30285d6a7add63ea7394f8df2f85ff4c19

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
content-encoding
gzip
cf-cache-status
MISS
cf-ray
8c999ed5c9a68ec7-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
149
date
Fri, 27 Sep 2024 07:01:05 GMT
ce-version
11.5.286
content-type
application/json
last-modified
Fri, 27 Sep 2024 07:01:05 GMT
vary
Accept-Encoding
server
cloudflare
pageview
trackingapi.trendemon.com/api/events/
43 B
234 B
Image
General
Full URL
https://trackingapi.trendemon.com/api/events/pageview?accountId=1810&url=aHR0cHM6Ly93d3cuYXF1YXNlYy5jb20vYmxvZy9maWxlbGVzcy1tYWx3YXJlLWNvbnRhaW5lci1zZWN1cml0eS8%3D&cookie=17274204652555314&referral=&variant=&otwId=&otwItemId=&streamId=&streamContentId=&vid=1810:17274204652555314&r=1727420465633
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.206.10.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-10-42.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
age
1691358
expires
Mon, 01 Jan 1990 00:00:00 GMT
content-length
43
date
Fri, 27 Sep 2024 07:01:05 GMT
content-type
image/gif
server
Kestrel
clock
tracking.crazyegg.com/
40 B
147 B
XHR
General
Full URL
https://tracking.crazyegg.com/clock?t=1&tk=7275d2dfbee8b83b8cd904fd3328187b&u=829110&s=328806&p=%2Fblog%2Ffileless-malware-container-security%2F&v=4d9b5f081e5fdb58c3058182f0d4bc449d53ad49&f=aquasec.com%2Fblog%2Ffileless-malware-container-security&ul=https%3A%2F%2Fwww.aquasec.com%2Fblog%2Ffileless-malware-container-security%2F
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/77e0e5b3eaafb9598d84738ee0f866ec.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.31.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-31-162.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
7c47a53595d995144b4371a10cc21a1f1edde7e7b042e364a0b3bc87672b0478

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

cache-control
no-store
access-control-allow-origin
*
content-length
40
date
Fri, 27 Sep 2024 07:01:06 GMT
content-type
text/plain
server
awselb/2.0
healthcheck
pagestates-tracking.crazyegg.com/
19 B
462 B
XHR
General
Full URL
https://pagestates-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/77e0e5b3eaafb9598d84738ee0f866ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-58.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

access-control-max-age
31536000
access-control-expose-headers
Access-Control-Allow-Origin
etag
"d06f04fccf68d0b228a5923187ce1afd"
age
710259
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
6w0eBS2EMLagYH51hsfMN0CyO3vvPNR6VAVjJ1OZMnN5yvvZAYBQPA==
date
Thu, 19 Sep 2024 01:43:28 GMT
content-type
application/json
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
via
1.1 ab85f05f60638addab7913cfb252c99a.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
19
x-amz-cf-pop
FRA60-P10
server
AmazonS3
healthcheck
assets-tracking.crazyegg.com/
19 B
461 B
XHR
General
Full URL
https://assets-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/77e0e5b3eaafb9598d84738ee0f866ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

access-control-max-age
31536000
access-control-expose-headers
Access-Control-Allow-Origin
etag
"d06f04fccf68d0b228a5923187ce1afd"
age
24385058
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
GgeiX11j78HT8myvcN_qnEpH_DM4W-eKIAv_27Bfuf5SmUCc0KG6lQ==
date
Wed, 20 Dec 2023 01:23:29 GMT
content-type
application/json
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
via
1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
19
x-amz-cf-pop
FRA60-P2
server
AmazonS3
personal
trackingapi.trendemon.com/api/experience/
4 KB
4 KB
Script
General
Full URL
https://trackingapi.trendemon.com/api/experience/personal?AccountId=1810&ClientUrl=https%3A%2F%2Fwww.aquasec.com%2Fblog%2Ffileless-malware-container-security%2F&MarketingAutomationCookie=0dd7dd24813202de840cfaed97bdd7af&ExcludeUnitsJson=%5B%5D&streamId=&callback=jsonp659166&vid=1810:17274204652555314
Requested by
Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.206.10.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-10-42.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
dad92db2eba4b5cc8fb9988d055dfb862d9417a3902f7b3c35b78e91eb082d13

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

content-length
3684
date
Fri, 27 Sep 2024 07:01:06 GMT
content-type
application/x-javascript; charset=UTF-8
server
Kestrel
a7ca6002-4a9a-4a5a-aba0-7291e54d21a0
https://www.aquasec.com/ Frame
0
0

closex.png
pic.trendemon.com/images/
386 B
848 B
Image
General
Full URL
https://pic.trendemon.com/images/closex.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-11.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c3a58e45ccfffece1df8e470fd853a81321e4f78f6af8d22e78310da1380f7d5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

ETag
"7da2ae17c3b671047838f7b78687a56f"
Age
21305
Connection
keep-alive
Via
1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Hit from cloudfront
Content-Length
386
X-Amz-Cf-Id
YjlXM6EZkT0d1Sy4wtIwitzSeoeY3ZJaCyfPnMKZD2AypO121DEiCA==
Date
Fri, 27 Sep 2024 01:10:15 GMT
Content-Type
image/png
Last-Modified
Tue, 16 Apr 2019 23:23:30 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-C1
48fb5567ff6cef94f4758f0f1e02fa79.jpg
pic.trendemon.com/tasks_logo/1810/
73 KB
74 KB
Image
General
Full URL
https://pic.trendemon.com/tasks_logo/1810/48fb5567ff6cef94f4758f0f1e02fa79.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-11.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b21db0f6133f034b0e4ba0dd19681dcd261d8da3cd7e5ad9466b4bcf92fd6f8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

ETag
"d73787d74e9842e5e76b2e411e450f23"
Age
5352
Connection
keep-alive
Via
1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Hit from cloudfront
Content-Length
75258
X-Amz-Cf-Id
v22V0nVdRMmh4yaJX3gP40TkyOtQboz9-myiPqlnKlCHIKALi3Px8A==
Date
Fri, 27 Sep 2024 06:33:19 GMT
Content-Type
image/jpeg
Last-Modified
Sun, 18 Sep 2022 10:31:25 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-C1
x-amz-server-side-encryption
AES256
personal-embedded
trackingapi.trendemon.com/api/experience/
4 KB
4 KB
Script
General
Full URL
https://trackingapi.trendemon.com/api/experience/personal-embedded?AccountId=1810&ClientUrl=https%3A%2F%2Fwww.aquasec.com%2Fblog%2Ffileless-malware-container-security%2F&MarketingAutomationCookie=0dd7dd24813202de840cfaed97bdd7af&Ids=%5B%22ac25252f-46f9-4952-bdc4-33b23e371131%22%2C%22c1b5dcad-43be-4cfe-ba26-4b44aca4d54f%22%5D&Groups=%5B%5D&StreamId=&callback=jsonp881760&vid=1810:17274204652555314
Requested by
Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.206.10.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-10-42.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
880ded3caa66b5ed11ba25dad123702d18e1da63a74df5fde46b720fe15b44b1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

content-length
3854
date
Fri, 27 Sep 2024 07:01:06 GMT
content-type
application/x-javascript; charset=UTF-8
server
Kestrel
e18546a0-7b05-4687-b1c7-39839f701d71
https://www.aquasec.com/ Frame
0
0

ca6be1649b2c6bd5aa79ebaa229fa676.js
script.crazyegg.com/pages/versioned/trackingpagestate-scripts/
20 KB
8 KB
Script
General
Full URL
https://script.crazyegg.com/pages/versioned/trackingpagestate-scripts/ca6be1649b2c6bd5aa79ebaa229fa676.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0082/9110.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7701282ea59743a1d336ee5ede4e6805ca9572c28ad013fa956fb39f18de0d69

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

cache-control
public, max-age=31536000, s-maxage=31536000
timing-allow-origin
*
content-encoding
gzip
cf-bgj
minify
cf-cache-status
HIT
age
50652
cf-ray
8c999eda48b135fa-FRA
access-control-allow-origin
*
date
Fri, 27 Sep 2024 07:01:06 GMT
content-type
text/javascript
last-modified
Wed, 25 Sep 2024 18:34:31 GMT
vary
Accept-Encoding
server
cloudflare
v2.js
js.hsforms.net/forms/
483 KB
156 KB
Script
General
Full URL
https://js.hsforms.net/forms/v2.js
Requested by
Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:8e77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69f9f19bd433b1317c2e2adf4b0d99a7655e6d878b35a970a5311227c6ad0a04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

x-request-id
c22bd25c-713f-4b96-b371-3d8b54688f24
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6baa082bb753a0d6d6e8a595ed1a8003"
x-amz-version-id
AFaf8mWb39Qooe1K5qzICbDOfESNQB7s
age
440
cache-tag
staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B7WzM%2BfrNGUMjoi0qPyLpioKOlHApuIs3fqyGQjP46SPbZqD%2Bsr72h8jNexIXGQCMy5OeIvEZjsJQ9PYKKorFsKHjfrIybGSkxBTvWT5q3dtrTrPWb%2BdWf5NbnKcjxGb8ZfRuOUDgX7c93Hz"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-evy-trace-listener
listener_https
x-amz-cf-id
87KxgTg_f1kFBYt_AQOSJg5R-U4zLsJCo8W7znIy0fGK-RWLbFoWUg==
x-hubspot-correlation-id
c22bd25c-713f-4b96-b371-3d8b54688f24
content-type
application/javascript; charset=utf-8
last-modified
Tue, 03 Sep 2024 14:36:36 UTC
x-amz-replication-status
COMPLETED
x-evy-trace-route-service-name
envoyset-translator
cache-control
s-maxage=600, max-age=300
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-6c6dd6864-rhwxs
x-envoy-upstream-service-time
2
x-hs-target-asset
forms-embed/static-1.5999/bundles/project-v2.js
server
cloudflare
x-evy-trace-virtual-host
all
x-amz-server-side-encryption
AES256
x-hs-cache-status
HIT
date
Fri, 27 Sep 2024 07:01:06 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.5999/bundles/project-v2.js&cfRay=8c99941d0d139b3a-FRA
via
1.1 7375f2360b80ec8c602f04aa2cc7a57c.cloudfront.net (CloudFront)
cf-ray
8c999edadf289753-FRA
access-control-allow-origin
*
x-evy-trace-route-configuration
listener_https/all
x-amz-cf-pop
IAD12-P3
267f47b5bca6bd04d265b1d5a12616e9.jpg
pic.trendemon.com/tasks_logo/1810/
42 KB
42 KB
Image
General
Full URL
https://pic.trendemon.com/tasks_logo/1810/267f47b5bca6bd04d265b1d5a12616e9.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-11.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d80634ff7b299a4822da649b251cb016fff11be494a512d88d105f94da2b9657

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

ETag
"f3aedf5521f5f14daef08144bd2e1f13"
Age
253
Connection
keep-alive
Via
1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Hit from cloudfront
Content-Length
42917
X-Amz-Cf-Id
-i19icf7jaw-6OZ9QeJSTtxeBSyIFK58-NkNGhY9R89-O_ldABF8PA==
Date
Fri, 27 Sep 2024 07:01:06 GMT
Content-Type
image/jpeg
Last-Modified
Thu, 18 Jan 2024 13:09:54 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-C1
x-amz-server-side-encryption
AES256
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-D2G99SQ9HG&gtm=45je49p0v875778671z871822536za200zb71822536&_p=1727420464025&gcs=G100&gcd=13m3mPm2m5l1&npa=1&dma_cps=-&dma=1&tag_exp=101671035~101686684~101747727&gdid=dY2Q2ZW&cid=1140940653.1727420466&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=EA&_s=2&sid=1727420466&sct=1&seg=0&dl=https%3A%2F%2Fwww.aquasec.com%2Fblog%2Ffileless-malware-container-security%2F&dt=Fileless%20Malware%20Executing%20in%20Containers%20-%20Aqua&en=trendemon_load&_fv=1&_nsi=1&_ss=1&ep.content_group=Blog%20new&ep.unitName=Aqua%20CNAPP%20representative%20Gartner%20Report&tfd=3553
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D2G99SQ9HG&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.aquasec.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 07:01:06 GMT
content-type
text/plain
server
Golfe2
uplift
trackingapi.trendemon.com/api/events/
43 B
234 B
Image
General
Full URL
https://trackingapi.trendemon.com/api/events/uplift?AccountId=1810&Cookie=17274204652555314&Url=aHR0cHM6Ly93d3cuYXF1YXNlYy5jb20vYmxvZy9maWxlbGVzcy1tYWx3YXJlLWNvbnRhaW5lci1zZWN1cml0eS8%3D&EventType=GENERIC_UNIT_LOAD&CtaId=117420&Widget=true&InAbTest=false&UnitTypeId=0&StreamId=&vid=1810:17274204652555314&r=1727420466316
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.206.10.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-10-42.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
age
1691358
expires
Mon, 01 Jan 1990 00:00:00 GMT
content-length
43
date
Fri, 27 Sep 2024 07:01:06 GMT
content-type
image/gif
server
Kestrel
65ff539103e871b8b1321dad37bcb0ea.js
script.crazyegg.com/pages/versioned/tracking-scripts/
95 KB
31 KB
Script
General
Full URL
https://script.crazyegg.com/pages/versioned/tracking-scripts/65ff539103e871b8b1321dad37bcb0ea.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0082/9110.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
270ae4a1e48f8511fca03917a94c938b0833268f80d193690025cb9e91975f3c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.aquasec.com/blog/fileless-malware-container-security/

Response headers

cache-control
public, max-age=31536000, s-maxage=31536000
timing-allow-origin
*
content-encoding
gzip
cf-bgj
minify
cf-cache-status
HIT
age
50653
cf-ray
8c999edab92135fa-FRA
access-control-allow-origin
*
date
Fri, 27 Sep 2024 07:01:06 GMT
content-type
text/javascript
last-modified
Fri, 20 Sep 2024 21:52:44 GMT
vary
Accept-Encoding
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.aquasec.com
URL
blob:https://www.aquasec.com/a7ca6002-4a9a-4a5a-aba0-7291e54d21a0
Domain
www.aquasec.com
URL
blob:https://www.aquasec.com/e18546a0-7b05-4687-b1c7-39839f701d71

Verdicts & Comments Add Verdict or Comment

142 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| cookieyes function| jQuery function| ScrollMagic object| dataLayer function| $jnv1 function| $j_st_social function| $jdl1 object| lazyLoadOptions object| rocket_beacon_data boolean| $search_first_load boolean| $wiki_search_first_load string| tooltip_title function| LazyLoad object| regeneratorRuntime function| revisitCkyConsent function| performBannerAction function| getCkyConsent object| google_tag_manager object| google_tag_data string| _linkedin_data_partner_id number| TRD_ACC_ID object| images boolean| is_image object| iframes object| rocket_lazy function| lintrk boolean| _already_called_lintrk function| onYouTubeIframeAPIReady object| gaGlobal object| _hsp function| UET function| UET_init function| UET_push object| ueto_8baa43a9dc object| uetq object| _hsq object| hsCtasOnReady object| __PRIVATE__HubspotCtaClient object| hsCallsToActionsReady object| __hsWebInteractiveInstance boolean| _hspb_ran boolean| _hspb_loaded boolean| hubspot_live_messages_running object| HubSpotConversations object| ORIBILI function| sanitizeKey boolean| _hstc_ran string| __hsUserToken number| expireDateTime boolean| _hstc_loaded function| $Trd_Base64 function| $Trd_i18n function| __awaiter function| __generator function| $Trd_Utils function| $Trd_Tools function| RecordsService function| __extends function| $Trd_UserPageHistory_Cook object| enRenderModes object| $Trd_InternalEventsTypes object| $Trd_TriggersEventsTypes function| mapBackendTriggers function| $Trd_Context function| $Trd_EnvironmentSettings function| $Trd_ClientCookie function| $Trd_CtaClientCookie function| $Trd_ButtonSelector object| Frequency object| UnitVisibiltyType object| UnitTypeId object| AceVariantType object| AceElementAction object| AceElementAddPosition object| AceElementAddType object| ElementReplaceType object| AceImageReplaceMode object| AceImageObjectFit object| CssSizeUnits object| AceTextAlign object| AcePosition object| AceElementDisplay object| AceBackgroundImageFit object| StreamContentType object| StreamContentDesktopPosition object| StreamContentThumbnailType object| StreamLayoutAutoLoadTrigger function| $Trd_Logger object| COOKIE_NAMES function| $Trd_Visitor string| LOCAL_STORAGE_ITEM_NAME function| $Trd_FormListener function| $Trd_UrlGrabber function| $Trd_Events function| $Trd_Pageview string| $TRD_MA_COOKIE_NAME object| $TRD_MA_COOKIE_NAME_MAP function| $Trd_MarketingAutomation function| $TRD_CtaComponent function| $TRD_CtaContentComponent function| $TRD_GenericLayoutComponent function| $TRD_FormLayoutComponent function| $TRD_RecommendationLayoutComponent function| $TRD_RecommendCarouselLayoutComponent function| $TRD_GenericScriptComponent function| $TRD_FastTextLayoutComponent function| __assign function| __spreadArray function| $Trd_StreamManager function| $TRD_SurveyLayoutComponent number| COOLOFF_DAYS_AFTER_CLOSE number| COOLOFF_MS_AFTER_CLOSE function| $Trd_ExperienceManager function| $TRD_ClientAppFactory function| $TRD_ClientApp function| $TRD_ClientAppDrift function| $TRD_ClientAppSixSense object| trdContext function| $Trd_AceManager string| TRD_HIDER_STYLE_ID function| $Trd_NApi object| TrendemonContext object| $trd_Context object| trd_api boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL object| IdentityConfig function| $Trd_Identity string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL object| webpackChunkCE2 object| CE2BH function| CE_URL_FINGERPRINT object| CE_API object| hubspot object| HubSpotForms object| hbspt object| hsFormsOnReady

30 Cookies

Domain/Path Name / Value
.blog.aquasec.com/ Name: __cf_bm
Value: lNh62iBx61lOwEooCbmCZWpJwEuu56dl3RyzdbLhd6E-1727420462-1.0.1.1-J2zdReoH0ZmS5MN7xvZ3o_QG6WSkcqoSCoJ0AVVw8lCMrGeYded8BGavjl7XGSjn9cYb0HL3Xa3rxlZnKpF1Sw
.blog.aquasec.com/ Name: __cfruid
Value: 3a59258ebb2df86e791a2b524dbcda2db9cc2877-1727420462
.linkedin.com/ Name: bcookie
Value: "v=2&6ff87860-967c-4dcf-8f6b-7e8650830de1"
.linkedin.com/ Name: li_gc
Value: MTswOzE3Mjc0MjA0NjQ7MjswMjFfU2/VZ7iTKffnfUQhzvMNq6WQKhkGBiesP5AzsXQQOA==
.linkedin.com/ Name: lidc
Value: "b=VGST01:s=V:r=V:a=V:p=V:g=3359:u=1:x=1:i=1727420464:t=1727506864:v=2:sig=AQGS1jAalnfarM__N2fiBjFWpuZrtzu3"
.bing.com/ Name: MUID
Value: 1A74DBB2B7BD69FA011ECEB5B6BB6861
.www.aquasec.com/ Name: cookieyes-consent
Value: consentid:UzR1V1UwREhYbWhEZlF5Q2J6WFFuUzJVODJZdnJlSVc,consent:no,action:,necessary:yes,functional:no,analytics:no,performance:no,advertisement:no,other:no
.bing.com/ Name: MSPTC
Value: _LWd4Tgod2DrhWZPPMskqzT4JNH_Ip6VC-ke2PTEmZg
.aquasec.com/ Name: __hstc
Value: 207889101.0dd7dd24813202de840cfaed97bdd7af.1727420464740.1727420464740.1727420464740.1
.aquasec.com/ Name: hubspotutk
Value: 0dd7dd24813202de840cfaed97bdd7af
.aquasec.com/ Name: __hssrc
Value: 1
.aquasec.com/ Name: __hssc
Value: 207889101.1.1727420464740
.info.aquasec.com/ Name: __cf_bm
Value: jpc_DnXZ51sw7QMEWy6F1F5wZs2nR_4GSL3fFHh8Unc-1727420465-1.0.1.1-kLO.v_tkNQGhwXqkkCpO8Eny8gRtAJh4qRhLL3SPxAk4ix5MzdKqgSYcARSPdVxWKWjZE.uNztqnTUvy6.YFww
.info.aquasec.com/ Name: __cfruid
Value: 3fe1d658e9d3412a06447d24b93dfd4e1a5ad542-1727420465
.aquasec.com/ Name: trd_cid
Value: 17274204652555314
trackingapi.trendemon.com/ Name: trd_gavid_1810
Value: 17274204652555314
trackingapi.trendemon.com/ Name: trd_gvid
Value: 17274204652555314
trackingapi.trendemon.com/ Name: trd_vid_1810
Value: 1810%3A17274204652555314
.aquasec.com/ Name: trd_vid_l
Value: 1810%3A17274204652555314
.aquasec.com/ Name: trd_vuid_l
Value: 5825840114327363864
.aquasec.com/ Name: trd_ma_cookie
Value: MGRkN2RkMjQ4MTMyMDJkZTg0MGNmYWVkOTdiZGQ3YWY%3D
.aquasec.com/ Name: cebs
Value: 1
.aquasec.com/ Name: _ce.clock_event
Value: 1
.aquasec.com/ Name: messagesUtk
Value: 203a309de52944cb878563d5f26a292f
.aquasec.com/ Name: _ce.clock_data
Value: 24%2C138.199.38.133%2C1%2Ccd70ceeb4a1768030b1882c90242a428%2CChrome%2CDE
.aquasec.com/ Name: cebsp_
Value: 1
.hubspot.com/ Name: __cf_bm
Value: E52SHEr84NR5w3NsxWQ10iahcMxc_bLJyKXe8UEgF4I-1727420466-1.0.1.1-mpo0dV5xywjDo_OeVtKHN2W1UOkItdwL2v.8TQ2JbOCgZhh8XcHLIGdKdVVZEKD3YRGMsEfY1rv2xWoMEWBZ5Q
.hubspot.com/ Name: _cfuvid
Value: 1uUH0kFlpLFc18K44eYK0MPmAQJiL7ZC9TuJXvwXYXg-1727420466215-0.0.1.1-604800000
.aquasec.com/ Name: _ce.s
Value: v~4d9b5f081e5fdb58c3058182f0d4bc449d53ad49~lcw~1727420466272~vir~new~lva~1727420465973~vpv~0~v11.fhb~1727420466257~v11.lhb~1727420466258~v11.cs~328806~v11.s~44331490-7c9e-11ef-8eee-0f666a552649~lcw~1727420466276
.hsforms.net/ Name: __cf_bm
Value: sscyNEWkCxUnACTs7THJdYfG7D3jDTceVo9puyqaP9s-1727420466-1.0.1.1-JkX_7dfYUv9_vuaIUwYtNo5wDxcW_wRa3puyWRh8f8YAYfQGLKSJUtzwDeTiuc.AnOCaSqWmoRH9WtmyPY3Rog

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy img-src data: *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubspot.com
app.hubspot.com
assets-tracking.crazyegg.com
assets.trendemon.com
bat.bing.com
blog.aquasec.com
cdn-cookieyes.com
directory.cookieyes.com
info.aquasec.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsforms.net
js.hubspot.com
js.usemessages.com
log.cookieyes.com
pagestates-tracking.crazyegg.com
pic.trendemon.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
region1.google-analytics.com
script.crazyegg.com
snap.licdn.com
stats.g.doubleclick.net
track.hubspot.com
tracking.crazyegg.com
trackingapi.trendemon.com
www.aquasec.com
www.google.de
www.googletagmanager.com
www.aquasec.com
13.107.42.14
13.35.58.58
141.193.213.21
18.66.122.57
2001:4860:4802:32::36
2600:9000:275b:4600:2:7dc7:8f00:93a1
2606:2c40::c73c:67e4
2606:4700:10::6816:3b5b
2606:4700:4400::6812:28f0
2606:4700::6810:4e8e
2606:4700::6810:7674
2606:4700::6810:89d1
2606:4700::6810:a0a8
2606:4700::6812:8e77
2606:4700::6813:9408
2620:1ec:21::14
2620:1ec:33:3::10
2a00:1450:4001:80f::2008
2a00:1450:4001:82b::2003
2a00:1450:400c:c00::9d
2a02:26f0:3500:10::210:a9a
34.206.10.42
52.213.31.162
54.77.7.148
65.9.66.11
021dc691a8ac476a01b5c5738e2652610b950ecc2d9c745c929b2a30548eb1f6
059b77025c02623999e7524b737287072bd2dbb42c1652f70a4020338b1e5f21
095cc7bdd28ae30c93f1ac6251b137e9578b09e0c6bc97b6d4b161b7c3ec559a
0e03b8bd947128738542565721d9b092ca77457303340fc3baf308244b76aa56
11f7be60970826757d2b8c3769fe8632989260841816c5f603c68757fb02a5e7
1220bdf087a7b3b0f068e1dc2422c361ef11cf999ff8ea343573d9e5a7c19bdc
13e9e30e321a29ea2fc897fe531dc79492758ed06fa246c4b824113430717afe
1436939ed29c528098b948903ff835b1f1066a45afc277c43053a25964d1761c
157354e94547e6316ceb08ddc0a7c96bab2787cb59d2b03554debd7ecfc137b9
18587626fe3db3b6adcfcc0d1280f65b56c5208d4894fafc5c0b590a5b68df70
18cba674a74915ad102692a39d6121ad703b67853bbe8ac50c96a2fff6c4d1be
1a2e21c78744fd7ea0ace3cf3f78e8b46008ea982199c7df225dc4498b16703a
1cbb0f1ee7e0c16e7792b41c8bc635bbfd80eaa15c2246727ecb09d9ae5a31f5
2069ee225073a115f31dcfbfc8e645967697bcf1d9b8f56d56b0aed8943d9f93
232578c4d68409746e0d0d20d5665ad15019876086d05f3e77c567d0f3417908
2408c002d9aa33f835f3d468e5ace993a1c12f6a0c09b4023b633387d5d7fff3
270ae4a1e48f8511fca03917a94c938b0833268f80d193690025cb9e91975f3c
29cecc5902de526c5b23f00d84e72ae7d29db58d2e3e8d11928ee5dea1169231
2a1c44182f60ff7cc44f3579359308a4ee76aa768d74fc8e01c1150e83a48cfb
2c1a897ff5cd65689bc00765a26509b5815873afbe32ce7be33f80cfcba35fcb
308b85c5855f899a40a1e18296c5d68e3c495104622d35fc36e80c499424845c
32046089ccace81843cbfbf1e80ec224e591a3a6441753dd62e0bcf4cf33c6d6
396f95fe76847ae1beacf9c523d2b852b3fc31ce9beedbde4df6b7f8ba6901ec
4388b02bc25098e040a6c4705239709f56be0bced296b82975179ab3179df43f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4626ccf50c9df8c4d4dd37a5777bfe69d702e26755952ef44d5207cbf079501b
4d69ee198ad4832a4a2068ec2cbc2077e2b98c3ac5e944b626f73447f49ea574
4d9f646ea879210b27138b78cdf90440373fd6564ab5c4d4ec2f631283512cb3
4eae6577f5d40e9c221f9490f2384d6afaf58f9660850a82f50e4d816e7394ca
52bd0f23fdf9fec10087ec823dab8717d7e0205f1056a6cbb91ab1ed92f73b1f
55305fdddb7fd64a877ea127788ddf30285d6a7add63ea7394f8df2f85ff4c19
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a068fef04a1b0f7601f0d566dd7356d960d79a0c255e1228e9e057249fc1139
5debdbe26fb25ed30b4b6c05be6d235da7033863045f5694fb6ea8fcb8c7adb7
5f77564e29b03c97c7ecb155d1c974ff89de12cc0a4874724b6c259e9d9071d8
60af6b329a6c839f095957a4eb22fdd9f25cab299091dd19e3c7a7f9d377e61c
6143b270c1666b3b59c148c6996a031c953a63fa7d593f91878f9554b4d81cb0
6248603e3427743ef19f2f043c937dc25574b428286ffbc21746694b2f4b72d1
6504f819e717608fd9b50bf172d8f2dfbd4e4c853ff6ac9a0c0d94308d59581e
69f9f19bd433b1317c2e2adf4b0d99a7655e6d878b35a970a5311227c6ad0a04
73aaa4e6bfc1dbed5f3f934710d1ada545f4068742235e59d0cb74f0eaf0a3c4
7606e84b34c394b34c596b002da5aaa0f301406ad2066bb6d9b93381505183fc
76a63095bd0c61faa8c6a82907bb7744caabfd3e523c979b48f08c80b6de037b
7701282ea59743a1d336ee5ede4e6805ca9572c28ad013fa956fb39f18de0d69
7c47a53595d995144b4371a10cc21a1f1edde7e7b042e364a0b3bc87672b0478
7f36b7ce29c7f51e6f99ffb230a4de3c58fb413c096963906fe52b7df5723526
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
87d3036c2207d4cb8b2ab6ed65edde4aa2e351b50030e3515b664b5bd2117c13
880ded3caa66b5ed11ba25dad123702d18e1da63a74df5fde46b720fe15b44b1
89de0c24e64daab3fd78e61c512bc6e5ebcd4f771e6d7d81d4e678b259f3f92a
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
8a3102f6130c0eea8ab63bc81ba3d2e15e80a194da1b83aad5e1ea318465c8dc
8ecb1528ceb06e950fa027e7429321c91ea926dbc890e4fb34f07acf70b8c9f4
8edf154666b97ea6bb1c70e115974bae168a148ad81a747456c1d86f667790d9
911f58b8d14bd6f73a83fd774e44bec97e896317c7093dc83e96921e64f1fbd5
92edb05c5de4b052658546b833f7c8a72a6f8a8bc8cb5b53d0056c644663e3f6
9d328c0005c2883c88f04980c963032b8017bebc74f97e8de0d13e3d562d9a7c
9d7ec7fb6bdbba8caffe2e3ff9d4a79a1d08db53abcafd148bb4bfba023b7e39
9f73ec74b8bdc4ff4bd7fcbce327443d932811f3dad3f55d37a5cf6183702c93
a049e1abe441835a2bcf35258936072189a0a52d0000c4ed2094e59d2afd189b
a4839ed644aab7e03d85db49c604276afdedceab6bafe6ca10215ea675a54ae8
a82beac313447af7db1dfa7b9aed48f9663af8ba0f9214075537de060b853a05
aca1cc2931d9b9d251ab7167845855887ed3ade46391a6af2b3f2cbd4a1ced08
b118d300f94d3de6d9c6c51ef8f6936f76dad17371bf24450bfcdd7056522948
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b21db0f6133f034b0e4ba0dd19681dcd261d8da3cd7e5ad9466b4bcf92fd6f8a
b2be4f770c150289ae7c966dba6508266866f02223f41c6b9088699338ae99e7
b8eb8a7898d7f65f3407008af621d906d14d1f0d0ff3f03a70da78cc1e471ea0
bc3175e277f0f116e9d83d1e6e34f21bc7712208dd1bd99bdba78db50f9c6182
c3a58e45ccfffece1df8e470fd853a81321e4f78f6af8d22e78310da1380f7d5
ce021d2a1a40ee29c16dd821b7fd9e661a98d77b89433bd5a5569a563e2129a3
d2901282a1308024e794b50a1e59875e01718600ec140a5f3a6d4446f8fd1f0b
d62307128d2ce171e5c693cc6c2d87b5cb3a8b120deaefd791269d6352908677
d80634ff7b299a4822da649b251cb016fff11be494a512d88d105f94da2b9657
dad92db2eba4b5cc8fb9988d055dfb862d9417a3902f7b3c35b78e91eb082d13
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b9c768a7094b81999098052623e903668f7f76ed285960bf876d1b034b8c53
e4c6bf212dac691ff495578723546436b159ec86b0f69978eb481420189aaa6c
e5a16ab4cec4edc93fb95a251904368b4ffb61c1886daf14d0e667e7ef5de2e2
e6301c9c42c19c029aeeabbdd5f3d18467f2176f6542b62e0a085a8b982bd7ac
ea48a58a9bc2b46b598e380703bd07f9e0e4ffbc4e3139c7e14eb6bce5771512
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2682c47932a575492f1eba19f0061bbbf0936fbd969b108213e0474e14931e
ef613831627e1b66cfc1a63db65f2556fd82862d5984a407fa9a3bc12d15a08d
f21885521706b7ae0638ce79ea884c4e3a582073ecdc478b851d43ceb98adfe8
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a
f6ba9121147fce7e25f6f6d346c01b85213415bd030e1f9ae9c26ffb77594b33
f9af783cfb871f60af5a9d73aea069176cb0454673ffd3710db7b395dd1c0745