URL: https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Submission: On August 11 via api from GB

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 42 HTTP transactions. The main IP is 143.244.165.121, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is blueteam.news.
TLS certificate: Issued by R3 on July 11th 2021. Valid for: 3 months.
This is the only time blueteam.news was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Domain  Requested by
32  blueteam.news  blueteam.news
6  fonts.gstatic.com  fonts.googleapis.com
1  www.google-analytics.com  www.googletagmanager.com
1  contextual.media.net  blueteam.news
1  www.googletagmanager.com  blueteam.news
1  fonts.googleapis.com  blueteam.news
Total: 42 requests, 6 domains

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
reddit.com
unit42.paloaltonetworks.com
go.nordvpn.net

Subject  Issuer  Validity  Valid
blueteam.news  R3  2021-07-11 - 2021-10-09  3 months
upload.video.google.com  GTS CA 1C3  2021-07-26 - 2021-10-18  3 months
*.google-analytics.com  GTS CA 1C3  2021-07-12 - 2021-10-04  3 months
*.media.net  DigiCert SHA2 Secure Server CA  2021-04-12 - 2022-04-20  a year
*.gstatic.com  GTS CA 1C3  2021-07-12 - 2021-10-04  3 months

This page contains 1 frames:

Primary Page: https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Frame ID: F5685F51A20FAEBEE0620CB84C4573BF
Requests: 42 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

Requests: 42
HTTPS: 100 %
IPv6: 71 %
Domains: 6
Subdomains: 6
IPs: 7
Countries: 2
Transfer: 2348 kB
Size: 3543 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
418 KB
56 KB
Document
General
Full URL
https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.244.165.121 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b41f169c9893b8caae93d524c45bdf90ea476b6031462d0e8c6b08c555b8bbd

Request headers

Host
blueteam.news
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Wed, 11 Aug 2021 05:18:08 GMT
Server
Apache/2.4.41 (Ubuntu)
Link
<https://blueteam.news/wp-json/>; rel="https://api.w.org/" <https://blueteam.news/wp-json/wp/v2/posts/1565>; rel="alternate"; type="application/json" <https://blueteam.news/?p=1565>; rel=shortlink
Vary
Accept-Encoding
Content-Encoding
gzip
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
style.min.css
blueteam.news/wp-includes/css/dist/block-library/
53 KB
8 KB
Stylesheet
General
Full URL
https://blueteam.news/wp-includes/css/dist/block-library/style.min.css?ver=5.5.5
Requested by
Host: blueteam.news
URL: https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.244.165.121 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blueteam.news
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Connection
keep-alive

Response headers

Date
Wed, 11 Aug 2021 05:18:09 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Aug 2020 18:00:38 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"d293-5addfb6b23d80-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
7907
email-subscribers-public.css
blueteam.news/wp-content/plugins/email-subscribers/lite/public/css/
2 KB
1007 B
Stylesheet
General
Full URL
https://blueteam.news/wp-content/plugins/email-subscribers/lite/public/css/email-subscribers-public.css?ver=4.7.6
Requested by
Host: blueteam.news
URL: https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.244.165.121 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
5803ac00778699dfa69a5f4fed086bf5c29164864bdb5b2f36fe0e3cc98736fb

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blueteam.news
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Connection
keep-alive

Response headers

Date
Wed, 11 Aug 2021 05:18:09 GMT
Content-Encoding
gzip
Last-Modified
Sun, 18 Jul 2021 01:58:51 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"71e-5c75c29857ea8-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
671
style.css
blueteam.news/wp-content/plugins/td-newsletter/
6 KB
2 KB
Stylesheet
General
Full URL
https://blueteam.news/wp-content/plugins/td-newsletter/style.css?ver=11
Requested by
Host: blueteam.news
URL: https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.244.165.121 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
4f9568d3aef0133feef6736a0be7a2bad332429d685a584e1c5b85e5a7fd60c9

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blueteam.news
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Connection
keep-alive

Response headers

Date
Wed, 11 Aug 2021 05:18:09 GMT
Content-Encoding
gzip
Last-Modified
Sun, 11 Jul 2021 02:49:36 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"16c7-5c6d00e221714-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1476
style.css
blueteam.news/wp-content/plugins/td-composer/td-multi-purpose/
36 KB
5 KB
Stylesheet
General
Full URL
https://blueteam.news/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=978887166a39c57c36d5cf4a5ec10289
Requested by
Host: blueteam.news
URL: https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.244.165.121 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
d227e31ec93027f2b903fe5011b6ef0d67fd1fd8e0105843a2f56626e74f4322

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blueteam.news
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Connection
keep-alive

Response headers

Date
Wed, 11 Aug 2021 05:18:09 GMT
Content-Encoding
gzip
Last-Modified
Sun, 11 Jul 2021 02:42:38 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"91a4-5c6cff53884e3-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4797
css
fonts.googleapis.com/
17 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C900%2C500%2C700%2C300&display=swap&ver=11
Requested by
Host: blueteam.news
URL: https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1a46233ca1af9caf624bb7d62119ac1cd6197ffc21c25926f917a1bc5bfe8912
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://blueteam.news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 11 Aug 2021 05:18:09 GMT
server
ESF
date
Wed, 11 Aug 2021 05:18:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 11 Aug 2021 05:18:09 GMT
td-multipurpose.css
blueteam.news/wp-content/plugins/td-composer/assets/fonts/td-multipurpose/
12 KB
2 KB
Stylesheet
General
Full URL
https://blueteam.news/wp-content/plugins/td-composer/assets/fonts/td-multipurpose/td-multipurpose.css?ver=978887166a39c57c36d5cf4a5ec10289
Requested by
Host: blueteam.news
URL: https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.244.165.121 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
485301e24ee204cd089ec16df7e66702b3a3dc906f5ea5ffcc414c303d647e1e

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blueteam.news
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Connection
keep-alive

Response headers

Date
Wed, 11 Aug 2021 05:18:09 GMT
Content-Encoding
gzip
Last-Modified
Sun, 11 Jul 2021 02:42:38 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"2ee1-5c6cff539cd02-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2042
style.css
blueteam.news/wp-content/themes/Newspaper/
146 KB
25 KB
Stylesheet
General
Full URL
https://blueteam.news/wp-content/themes/Newspaper/style.css?ver=11
Requested by
Host: blueteam.news
URL: https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.244.165.121 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
312460f32193ff9910d720cc337941abd9c749e9f3c7c0e3bf707d90a51ca897

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blueteam.news
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Connection
keep-alive

Response headers

Date
Wed, 11 Aug 2021 05:18:09 GMT
Content-Encoding
gzip
Last-Modified
Sun, 11 Jul 2021 02:42:11 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"24641-5c6cff39cc78c-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
24864
td_legacy_main.css
blueteam.news/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/
155 KB
23 KB
Stylesheet
General
Full URL
https://blueteam.news/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=978887166a39c57c36d5cf4a5ec10289
Requested by
Host: blueteam.news
URL: https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.244.165.121 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
b689f2267305a97c30f5bda1a0e18993c4bed294007df78eafd6829a4408cb1e

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blueteam.news
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Connection
keep-alive

Response headers

Date
Wed, 11 Aug 2021 05:18:10 GMT
Content-Encoding
gzip
Last-Modified
Sun, 11 Jul 2021 02:42:38 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"26c08-5c6cff5381783-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
23389
jquery.js
blueteam.news/wp-includes/js/jquery/
95 KB
33 KB
Script
General
Full URL
https://blueteam.news/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: blueteam.news
URL: https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.244.165.121 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blueteam.news
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Connection
keep-alive

Response headers

Date
Wed, 11 Aug 2021 05:18:10 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 May 2019 04:25:54 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"17a69-5890dc7401880-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
33776
email-subscribers-public.js
blueteam.news/wp-content/plugins/email-subscribers/lite/public/js/
4 KB
2 KB
Script
General
Full URL
https://blueteam.news/wp-content/plugins/email-subscribers/lite/public/js/email-subscribers-public.js?ver=4.7.6
Requested by
Host: blueteam.news
URL: https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.244.165.121 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
12f7b276d0357e226f9440732a4151cc26daade05efc15b0255d542625c9eefe

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blueteam.news
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Connection
keep-alive

Response headers

Date
Wed, 11 Aug 2021 05:18:10 GMT
Content-Encoding
gzip
Last-Modified
Sun, 18 Jul 2021 01:58:51 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"e46-5c75c29857ea8-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1512
wp-emoji-release.min.js
blueteam.news/wp-includes/js/
14 KB
5 KB
Script
General
Full URL
https://blueteam.news/wp-includes/js/wp-emoji-release.min.js?ver=5.5.5
Requested by
Host: blueteam.news
URL: https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.244.165.121 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
07e4203b9f313b587b1d53f896e63771ec85f9b0d4c2ac5fa64089457784d847

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blueteam.news
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Connection
keep-alive

Response headers

Date
Wed, 11 Aug 2021 05:18:10 GMT
Content-Encoding
gzip
Last-Modified
Sun, 11 Jul 2021 02:24:45 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"3795-5c6cfb54c8e44-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
4662
js
www.googletagmanager.com/gtag/
128 KB
50 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BX7H8ZCEPW
Requested by
Host: blueteam.news
URL: https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f61eebb454f1e33bcf0a9dbee078b1a4a21916beabcac4e3464e89e9cc55821c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://blueteam.news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 05:18:10 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51168
x-xss-protection
0
expires
Wed, 11 Aug 2021 05:18:10 GMT
dmedianet.js
contextual.media.net/
136 KB
46 KB
Script
General
Full URL
https://contextual.media.net/dmedianet.js?cid=8CUAP4R50
Requested by
Host: blueteam.news
URL: https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2b7d6e47518334bac621174b0565c6bfce37482efdef5fd4a36744ccd11c0238
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://blueteam.news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-mnt-h
10-15
content-encoding
gzip
server
Apache
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
etag
"92d8df72fa744065e00707ed4b53d96f"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
date
Wed, 11 Aug 2021 05:18:10 GMT
strict-transport-security
max-age=604800
x-mnt-w
8-32
expires
Wed, 11 Aug 2021 05:23:10 GMT
sample-158-1068x572.png
blueteam.news/wp-content/uploads/2021/07/
601 KB
601 KB
Image
General
Full URL
https://blueteam.news/wp-content/uploads/2021/07/sample-158-1068x572.png
Requested by
Host: blueteam.news
URL: https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.244.165.121 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
820b3e33f0c6479e1a99e76e0497e04342c2c40693a05a417c3c4c34f21d943e

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blueteam.news
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Connection
keep-alive

Response headers

Date
Wed, 11 Aug 2021 05:18:10 GMT
Last-Modified
Fri, 30 Jul 2021 02:18:37 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"9636b-5c84dd6527f71"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
615275
NordVPN_banner1.png
blueteam.news/wp-content/uploads/2021/07/
70 KB
70 KB
Image
General
Full URL
https://blueteam.news/wp-content/uploads/2021/07/NordVPN_banner1.png
Requested by
Host: blueteam.news
URL: https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.244.165.121 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
6c94b3c2387350ddc9578983080b818e496f9314507a7313679cb7483527cfa9

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blueteam.news
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Connection
keep-alive

Response headers

Date
Wed, 11 Aug 2021 05:18:10 GMT
Last-Modified
Tue, 20 Jul 2021 19:56:01 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"117aa-5c79371815064"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
71594
NordVPN_banner4.png
blueteam.news/wp-content/uploads/2021/07/
24 KB
25 KB
Image
General
Full URL
https://blueteam.news/wp-content/uploads/2021/07/NordVPN_banner4.png
Requested by
Host: blueteam.news
URL: https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.244.165.121 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
1587b92d1f889f890ab0022caf2b5b80f1bf364f4dd02ae1fa6d459bc2bec2ef

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blueteam.news
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Connection
keep-alive

Response headers

Date
Wed, 11 Aug 2021 05:18:10 GMT
Last-Modified
Wed, 21 Jul 2021 12:47:27 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"6106-5c7a192a27f1d"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
24838
spinner.gif
blueteam.news/wp-content/plugins/email-subscribers/lite/public/images/
3 KB
3 KB
Image
General
Full URL
https://blueteam.news/wp-content/plugins/email-subscribers/lite/public/images/spinner.gif
Requested by
Host: blueteam.news
URL: https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.244.165.121 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
7837e876f1eef549b3250b78380ec2df00ad6da4da6c27667424b1636854df3c

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blueteam.news
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Connection
keep-alive

Response headers

Date
Wed, 11 Aug 2021 05:18:10 GMT
Last-Modified
Sun, 18 Jul 2021 01:58:51 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"c88-5c75c29856f08"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
3208
NordVPN_banner3.png
blueteam.news/wp-content/uploads/2021/07/
679 KB
679 KB
Image
General
Full URL
https://blueteam.news/wp-content/uploads/2021/07/NordVPN_banner3.png
Requested by
Host: blueteam.news
URL: https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.244.165.121 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
e5c433c04943a091ea547f7c258631561a01c68f01d94bf07ecf1c3f8f45ed30

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blueteam.news
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Connection
keep-alive
Referer
https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 05:18:10 GMT
Last-Modified
Tue, 20 Jul 2021 20:36:18 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"a9a00-5c79401846a5b"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
694784
underscore.min.js
blueteam.news/wp-includes/js/
16 KB
6 KB
Script
General
Full URL
https://blueteam.news/wp-includes/js/underscore.min.js?ver=1.8.3
Requested by
Host: blueteam.news
URL: https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.244.165.121 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
6cd0d6897b3d4779f7d88ce72531f22fbf75851b195fb14e6f3f23d051b3d1e9

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blueteam.news
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Connection
keep-alive
Referer
https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 05:18:10 GMT
Content-Encoding
gzip
Last-Modified
Sun, 11 Jul 2021 02:24:45 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"3ead-5c6cfb54c4024-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
5663
js_posts_autoload.min.js
blueteam.news/wp-content/plugins/td-cloud-library/assets/js/
5 KB
2 KB
Script
General
Full URL
https://blueteam.news/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=45456ad3a6d583e9cee0a9fe2cdd86cb
Requested by
Host: blueteam.news
URL: https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.244.165.121 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
0dd95d9bfc689b8862a9dd8ae8166ca21df149fb24f3d0830423b66ae00d426e

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blueteam.news
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Connection
keep-alive
Referer
https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 05:18:10 GMT
Content-Encoding
gzip
Last-Modified
Sun, 11 Jul 2021 02:42:41 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"1428-5c6cff56476ca-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
1981
tagdiv_theme.min.js
blueteam.news/wp-content/plugins/td-composer/legacy/Newspaper/js/
257 KB
60 KB
Script
General
Full URL
https://blueteam.news/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11
Requested by
Host: blueteam.news
URL: https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.244.165.121 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
2d036346b18bf4c27bc91f0416f8b59427e32bfc6c2724a27e6fe2e5a7b58574

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blueteam.news
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Connection
keep-alive
Referer
https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 05:18:10 GMT
Content-Encoding
gzip
Last-Modified
Sun, 11 Jul 2021 02:42:37 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"4029c-5c6cff531fd07-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
comment-reply.min.js
blueteam.news/wp-includes/js/
3 KB
2 KB
Script
General
Full URL
https://blueteam.news/wp-includes/js/comment-reply.min.js?ver=5.5.5
Requested by
Host: blueteam.news
URL: https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.244.165.121 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blueteam.news
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Connection
keep-alive
Referer
https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 05:18:10 GMT
Content-Encoding
gzip
Last-Modified
Sun, 11 Jul 2021 02:24:45 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"ba8-5c6cfb54c8e44-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1346
js_files_for_front.min.js
blueteam.news/wp-content/plugins/td-cloud-library/assets/js/
36 KB
9 KB
Script
General
Full URL
https://blueteam.news/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=45456ad3a6d583e9cee0a9fe2cdd86cb
Requested by
Host: blueteam.news
URL: https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.244.165.121 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
15c510fe49c3ec5fd57ac7ead341655699156a63fe10195347dfeae1dc53f909

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blueteam.news
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Connection
keep-alive
Referer
https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 05:18:10 GMT
Content-Encoding
gzip
Last-Modified
Sun, 11 Jul 2021 02:42:41 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"9176-5c6cff56476ca-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
8430
wp-embed.min.js
blueteam.news/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
https://blueteam.news/wp-includes/js/wp-embed.min.js?ver=5.5.5
Requested by
Host: blueteam.news
URL: https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.244.165.121 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blueteam.news
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Connection
keep-alive
Referer
https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 05:18:10 GMT
Content-Encoding
gzip
Last-Modified
Sun, 11 Jul 2021 02:24:45 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"592-5c6cfb54c9de4-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
765
newspaper.woff
blueteam.news/wp-content/themes/Newspaper/images/icons/
24 KB
25 KB
Font
General
Full URL
https://blueteam.news/wp-content/themes/Newspaper/images/icons/newspaper.woff?19
Requested by
Host: blueteam.news
URL: https://blueteam.news/wp-content/themes/Newspaper/style.css?ver=11
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.244.165.121 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
ea9ad8f6ace011a694d664482cc6ca0acc2dd86a8d6b684154327ec84c0c95fd

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://blueteam.news
Accept-Encoding
gzip, deflate, br
Host
blueteam.news
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://blueteam.news/wp-content/themes/Newspaper/style.css?ver=11
Connection
keep-alive
Origin
https://blueteam.news
Referer
https://blueteam.news/wp-content/themes/Newspaper/style.css?ver=11
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 05:18:10 GMT
Last-Modified
Sun, 11 Jul 2021 02:42:11 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"6120-5c6cff39cc78c"
Content-Type
font/woff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
24864
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C900%2C500%2C700%2C300&display=swap&ver=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://blueteam.news
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 12:00:01 GMT
x-content-type-options
nosniff
age
62289
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 12:00:01 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C900%2C500%2C700%2C300&display=swap&ver=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://blueteam.news
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 18:26:24 GMT
x-content-type-options
nosniff
age
125506
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Aug 2022 18:26:24 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C900%2C500%2C700%2C300&display=swap&ver=11
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://blueteam.news
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 12:36:34 GMT
x-content-type-options
nosniff
age
60096
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15724
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:50 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 12:36:34 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C900%2C500%2C700%2C300&display=swap&ver=11
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://blueteam.news
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 17:17:27 GMT
x-content-type-options
nosniff
age
43243
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 17:17:27 GMT
td-multipurpose.ttf
blueteam.news/wp-content/plugins/td-composer/assets/fonts/td-multipurpose/
127 KB
127 KB
Font
General
Full URL
https://blueteam.news/wp-content/plugins/td-composer/assets/fonts/td-multipurpose/td-multipurpose.ttf
Requested by
Host: blueteam.news
URL: https://blueteam.news/wp-content/plugins/td-composer/assets/fonts/td-multipurpose/td-multipurpose.css?ver=978887166a39c57c36d5cf4a5ec10289
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.244.165.121 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
95c06a3e6c28a512b08155b23f867f4699ce33d79ef8ef7a229ee6a33a6c83f6

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://blueteam.news
Accept-Encoding
gzip, deflate, br
Host
blueteam.news
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://blueteam.news/wp-content/plugins/td-composer/assets/fonts/td-multipurpose/td-multipurpose.css?ver=978887166a39c57c36d5cf4a5ec10289
Connection
keep-alive
Origin
https://blueteam.news
Referer
https://blueteam.news/wp-content/plugins/td-composer/assets/fonts/td-multipurpose/td-multipurpose.css?ver=978887166a39c57c36d5cf4a5ec10289
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 05:18:10 GMT
Last-Modified
Sun, 11 Jul 2021 02:42:38 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"1fa3c-5c6cff539cd02"
Content-Type
font/ttf
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
129596
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C900%2C500%2C700%2C300&display=swap&ver=11
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://blueteam.news
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 00:29:17 GMT
x-content-type-options
nosniff
age
103733
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:23:25 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 00:29:17 GMT
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C900%2C500%2C700%2C300&display=swap&ver=11
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://blueteam.news
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 00:32:27 GMT
x-content-type-options
nosniff
age
103543
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15112
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:23:34 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 00:32:27 GMT
collect
www.google-analytics.com/g/
0
63 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-BX7H8ZCEPW&gtm=2oe891&_p=1522192638&sr=1600x1200&ul=en-us&cid=522007651.1628659091&_s=1&dl=https%3A%2F%2Fblueteam.news%2Fsiloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments%2F&dt=Siloscape%3A%20First%20Known%20Malware%20Targeting%20Windows%20Containers%20to%20Compromise%20Cloud%20Environments%20%7C%20Blue%20Team%20News&sid=1628659090&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BX7H8ZCEPW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://blueteam.news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 11 Aug 2021 05:18:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://blueteam.news
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sample-58-485x360.png
blueteam.news/wp-content/uploads/2021/08/
161 KB
161 KB
Image
General
Full URL
https://blueteam.news/wp-content/uploads/2021/08/sample-58-485x360.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.244.165.121 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
74e98912bfaef7eb5b71a2dd7953a46c8d1143af34ec9578513595ab5d9311d2

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blueteam.news
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Cookie
_ga_BX7H8ZCEPW=GS1.1.1628659090.1.0.1628659090.0; _ga=GA1.1.522007651.1628659091
Connection
keep-alive
Referer
https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 05:18:11 GMT
Last-Modified
Tue, 10 Aug 2021 13:32:37 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"284b2-5c93489006652"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
165042
sample-68-218x150.png
blueteam.news/wp-content/uploads/2021/08/
12 KB
12 KB
Image
General
Full URL
https://blueteam.news/wp-content/uploads/2021/08/sample-68-218x150.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.244.165.121 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
fe6aabc65a7e90e1d5132f2fcc8c1f94d9efb13a4ba35892a660d09623aad0b8

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blueteam.news
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Cookie
_ga_BX7H8ZCEPW=GS1.1.1628659090.1.0.1628659090.0; _ga=GA1.1.522007651.1628659091
Connection
keep-alive
Referer
https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 05:18:11 GMT
Last-Modified
Tue, 10 Aug 2021 13:35:27 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"3008-5c934931b8387"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
12296
sample-17-218x150.jpg
blueteam.news/wp-content/uploads/2021/08/
11 KB
11 KB
Image
General
Full URL
https://blueteam.news/wp-content/uploads/2021/08/sample-17-218x150.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.244.165.121 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
eb5faa2dea523ddbfa281e47526153a880edd1fb8c6fd230611ee2c2fe56c442

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blueteam.news
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Cookie
_ga_BX7H8ZCEPW=GS1.1.1628659090.1.0.1628659090.0; _ga=GA1.1.522007651.1628659091
Connection
keep-alive
Referer
https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 05:18:11 GMT
Last-Modified
Tue, 10 Aug 2021 13:35:06 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"2b60-5c93491da2b4f"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
11104
sample-6-218x150.jpg
blueteam.news/wp-content/uploads/2021/08/
10 KB
10 KB
Image
General
Full URL
https://blueteam.news/wp-content/uploads/2021/08/sample-6-218x150.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.244.165.121 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
9163108bd6237049f06d19670270bb0579255c5c9735899a24f450bf5fcb8a00

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blueteam.news
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Cookie
_ga_BX7H8ZCEPW=GS1.1.1628659090.1.0.1628659090.0; _ga=GA1.1.522007651.1628659091
Connection
keep-alive

Response headers

Date
Wed, 11 Aug 2021 05:18:11 GMT
Last-Modified
Sat, 07 Aug 2021 01:01:10 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"2760-5c8edb01c3eb6"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
10080
sample-58-485x360.png
blueteam.news/wp-content/uploads/2021/08/
161 KB
161 KB
Image
General
Full URL
https://blueteam.news/wp-content/uploads/2021/08/sample-58-485x360.png
Requested by
Host: blueteam.news
URL: https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.244.165.121 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
74e98912bfaef7eb5b71a2dd7953a46c8d1143af34ec9578513595ab5d9311d2

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blueteam.news
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Cookie
_ga_BX7H8ZCEPW=GS1.1.1628659090.1.0.1628659090.0; _ga=GA1.1.522007651.1628659091
Connection
keep-alive

Response headers

Date
Wed, 11 Aug 2021 05:18:11 GMT
Last-Modified
Tue, 10 Aug 2021 13:32:37 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"284b2-5c93489006652"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
165042
sample-68-218x150.png
blueteam.news/wp-content/uploads/2021/08/
12 KB
12 KB
Image
General
Full URL
https://blueteam.news/wp-content/uploads/2021/08/sample-68-218x150.png
Requested by
Host: blueteam.news
URL: https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.244.165.121 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
fe6aabc65a7e90e1d5132f2fcc8c1f94d9efb13a4ba35892a660d09623aad0b8

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blueteam.news
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Cookie
_ga_BX7H8ZCEPW=GS1.1.1628659090.1.0.1628659090.0; _ga=GA1.1.522007651.1628659091
Connection
keep-alive

Response headers

Date
Wed, 11 Aug 2021 05:18:11 GMT
Last-Modified
Tue, 10 Aug 2021 13:35:27 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"3008-5c934931b8387"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
12296
sample-17-218x150.jpg
blueteam.news/wp-content/uploads/2021/08/
11 KB
11 KB
Image
General
Full URL
https://blueteam.news/wp-content/uploads/2021/08/sample-17-218x150.jpg
Requested by
Host: blueteam.news
URL: https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.244.165.121 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
eb5faa2dea523ddbfa281e47526153a880edd1fb8c6fd230611ee2c2fe56c442

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blueteam.news
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Cookie
_ga_BX7H8ZCEPW=GS1.1.1628659090.1.0.1628659090.0; _ga=GA1.1.522007651.1628659091
Connection
keep-alive

Response headers

Date
Wed, 11 Aug 2021 05:18:11 GMT
Last-Modified
Tue, 10 Aug 2021 13:35:06 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"2b60-5c93491da2b4f"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
11104
sample-6-218x150.jpg
blueteam.news/wp-content/uploads/2021/08/
10 KB
10 KB
Image
General
Full URL
https://blueteam.news/wp-content/uploads/2021/08/sample-6-218x150.jpg
Requested by
Host: blueteam.news
URL: https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.244.165.121 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
9163108bd6237049f06d19670270bb0579255c5c9735899a24f450bf5fcb8a00

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blueteam.news
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://blueteam.news/siloscape-first-known-malware-targeting-windows-containers-to-compromise-cloud-environments/
Cookie
_ga_BX7H8ZCEPW=GS1.1.1628659090.1.0.1628659090.0; _ga=GA1.1.522007651.1628659091
Connection
keep-alive

Response headers

Date
Wed, 11 Aug 2021 05:18:11 GMT
Last-Modified
Sat, 07 Aug 2021 01:01:10 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"2760-5c8edb01c3eb6"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
10080

Verdicts & Comments

158 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


2 Cookies

Domain/Path Name / Value
.blueteam.news/ Name: _ga
Value: GA1.1.522007651.1628659091
.blueteam.news/ Name: _ga_BX7H8ZCEPW
Value: GS1.1.1628659090.1.0.1628659090.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
