www.intezer.com Open in urlscan Pro
52.166.220.150 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
Submission: On June 03 via api (June 3rd 2019, 10:24:52 pm UTC) from CH

Summary HTTP 73 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 21 IPs in 6 countries across 19 domains to perform 73 HTTP transactions. The main IP is 52.166.220.150, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US. The main domain is www.intezer.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on December 22nd 2018. Valid for: 2 years.

This is the only time www.intezer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 44	52.166.220.150 52.166.220.150	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1	2a00:1450:400... 2a00:1450:4001:819::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81f::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
2	52.77.15.192 52.77.15.192	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:814::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
3	2606:4700:10:... 2606:4700:10::6814:6e27	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
5	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a02:26f0:6c0... 2a02:26f0:6c00:293::3adf	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.36.157 151.101.36.157	54113 (FASTLY) (FASTLY - Fastly)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER - Twitter Inc.)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2a00:1450:400... 2a00:1450:4001:81a::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a02:26f0:6c0... 2a02:26f0:6c00:28c::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:824::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
2 3	2a05:f500:10:... 2a05:f500:10:101::b93f:9105	14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation)
1 1	2620:109:c002... 2620:109:c002::6cae:a0a	14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER - Twitter Inc.)
1	2a00:1450:400... 2a00:1450:4001:81d::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
73	21

44 52.166.220.150 (Amsterdam, Netherlands) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

www.intezer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.77.15.192 (Singapore, Singapore)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-77-15-192.ap-southeast-1.compute.amazonaws.com

web.mxradon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6814:6e27 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:293::3adf (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

sjs.bizographics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.36.157 (Amsterdam, Netherlands)

ASN54113 (FASTLY - Fastly, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER - Twitter Inc., US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:28c::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:f500:10:101::b93f:9105 (Ireland) 2 redirects

ASN14413 (LINKEDIN - LinkedIn Corporation, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:109:c002::6cae:a0a (United States) 1 redirects

ASN14413 (LINKEDIN - LinkedIn Corporation, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER - Twitter Inc., US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	intezer.com 1 redirects www.intezer.com	2 MB
5	gstatic.com fonts.gstatic.com	45 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com	3 KB
3	addtoany.com static.addtoany.com	58 KB
3	facebook.net connect.facebook.net	78 KB
3	google-analytics.com www.google-analytics.com ssl.google-analytics.com	34 KB
2	facebook.com www.facebook.com	250 B
2	mxradon.com web.mxradon.com	4 KB
1	google.de www.google.de	109 B
1	google.com www.google.com	118 B
1	twitter.com analytics.twitter.com	266 B
1	doubleclick.net googleads.g.doubleclick.net	1 KB
1	licdn.com snap.licdn.com	5 KB
1	t.co t.co	170 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	bizographics.com sjs.bizographics.com	5 KB
1	googleadservices.com www.googleadservices.com	9 KB
1	googletagmanager.com www.googletagmanager.com	21 KB
1	googleapis.com fonts.googleapis.com	1 KB
73	19

	Domain	Requested by
44	www.intezer.com	1 redirects www.intezer.com
5	fonts.gstatic.com	www.intezer.com
3	px.ads.linkedin.com	2 redirects www.intezer.com
3	static.addtoany.com	www.intezer.com static.addtoany.com
3	connect.facebook.net	www.intezer.com connect.facebook.net
2	www.facebook.com	www.intezer.com connect.facebook.net
2	www.google-analytics.com	www.intezer.com
2	web.mxradon.com	www.intezer.com web.mxradon.com
1	www.google.de	www.intezer.com
1	www.google.com	www.intezer.com
1	analytics.twitter.com	static.ads-twitter.com
1	www.linkedin.com	1 redirects
1	googleads.g.doubleclick.net	www.googleadservices.com
1	snap.licdn.com	www.intezer.com
1	ssl.google-analytics.com	www.intezer.com
1	t.co	www.intezer.com
1	static.ads-twitter.com	www.googletagmanager.com
1	sjs.bizographics.com	www.googletagmanager.com
1	www.googleadservices.com	www.intezer.com
1	www.googletagmanager.com	www.intezer.com
1	fonts.googleapis.com	www.intezer.com
73	21

This site contains links to these domains. Also see Links.

Domain
analyze.intezer.com
twitter.com
il.linkedin.com
unit42.paloaltonetworks.com
blog.talosintelligence.com
www.reddit.com
confluence.atlassian.com
community.atlassian.com
github.com
imgur.com
www.facebook.com
www.linkedin.com
www.addtoany.com

Subject Issuer	Validity	Valid
*.intezer.com Go Daddy Secure Certificate Authority - G2	`2018-12-22` - `2021-02-20`	2 years	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-05-14` - `2019-08-06`	3 months	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-05-14` - `2019-08-06`	3 months	crt.sh
*.mxradon.com Amazon	`2019-04-29` - `2020-05-29`	a year	crt.sh
www.googleadservices.com Google Internet Authority G3	`2019-05-14` - `2019-08-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-04-22` - `2019-07-21`	3 months	crt.sh
ssl472428.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-01-22` - `2019-07-31`	6 months	crt.sh
*.google.com Google Internet Authority G3	`2019-05-14` - `2019-08-06`	3 months	crt.sh
js.bizographics.com DigiCert SHA2 Secure Server CA	`2018-04-13` - `2020-04-17`	2 years	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2018-08-16` - `2019-08-21`	a year	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2019-03-07` - `2020-03-07`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2019-05-14` - `2019-08-06`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2019-05-29` - `2021-06-29`	2 years	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-01-28` - `2020-01-28`	a year	crt.sh
www.google.com Google Internet Authority G3	`2019-05-14` - `2019-08-06`	3 months	crt.sh
www.google.de Google Internet Authority G3	`2019-05-14` - `2019-08-06`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
Frame ID: 977FF7EEDCBC88181181AFB72E5913BF
Requests: 72 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.21.html
Frame ID: 33AE39E6AD2D59528E70BB3F1A895FB5
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 871B3BBEE018C9088D2F092C41AC59C0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud HTTP 301
https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
script /\/wp-includes\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
script /\/wp-includes\//i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast/i

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /addtoany\.com\/menu\/page\.js/i
env /^a2apage_init$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^google_tag_manager$/i

Twitter Emoji (Twemoji) (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

env /^twemoji$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Twitter Bootstrap () Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i

Page Statistics

73
Requests

100 %
HTTPS

71 %
IPv6

19
Domains

21
Subdomains

21
IPs

6
Countries

2755 kB
Transfer

3694 kB
Size

8
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://analyze.intezer.com/
Title: Try it Now

Search URL Search Domain Scan URL

URL: https://twitter.com/ulexec

Search URL Search Domain Scan URL

URL: https://il.linkedin.com/in/ignacio-sanmillan-1aa244b8

Search URL Search Domain Scan URL

URL: https://unit42.paloaltonetworks.com/malware-used-by-rocke-group-evolves-to-evade-detection-by-cloud-security-products/
Title: Rocke Group

Search URL Search Domain Scan URL

URL: https://analyze.intezer.com/#/analyses/0bfb39d2-7666-4ea0-91ca-dbd958e33bc2/sub/db9f0ffb-b009-4d2b-ab23-f8adffb56fe0

Search URL Search Domain Scan URL

URL: https://blog.talosintelligence.com/2018/08/rocke-champion-of-monero-miners.html
Title: Cisco Talos

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/linuxquestions/comments/bknurg/is_is_exploit_or_what/
Title: implants

Search URL Search Domain Scan URL

URL: https://confluence.atlassian.com/doc/confluence-security-advisory-2019-03-20-966660264.html?_ga=2.116436864.700072651.1557244235-1322709726.1557244235
Title: Atlassian vulnerability

Search URL Search Domain Scan URL

URL: https://community.atlassian.com/t5/Confluence-questions/How-come-my-confluence-installation-was-hacked-by-Kerberods/qaq-p/1054605#M141274
Title: abused

Search URL Search Domain Scan URL

URL: https://github.com/gianlucaborello/libprocesshider
Title: GitHub

Search URL Search Domain Scan URL

URL: https://analyze.intezer.com/#/analyses/5df114f0-1776-4209-bd7d-3ba0661a3570

Search URL Search Domain Scan URL

URL: https://imgur.com/a/H7YuWuj
Title: has used

Search URL Search Domain Scan URL

URL: https://github.com/intezer/yara-rules/blob/master/GreedyAntd.yar
Title: YARA rule

Search URL Search Domain Scan URL

URL: https://www.facebook.com/IntezerLabs/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/intezer-labs

Search URL Search Domain Scan URL

URL: https://twitter.com/intezerlabs

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud HTTP 301
https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68

https://px.ads.linkedin.com/collect/?time=1559600676545&pid=67980%2C67980&url=https%3A%2F%2Fwww.intezer.com%2Fblog-technical-analysis-cryptocurrency-mining-war-on-the-cloud%2F&fmt=js&s=1 HTTP 302
https://px.ads.linkedin.com/collect/?time=1559600676545&pid=67980%2C67980&url=https%3A%2F%2Fwww.intezer.com%2Fblog-technical-analysis-cryptocurrency-mining-war-on-the-cloud%2F&fmt=js&s=1&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Ftime%3D1559600676545%26pid%3D67980%252C67980%26url%3Dhttps%253A%252F%252Fwww.intezer.com%252Fblog-technical-analysis-cryptocurrency-mining-war-on-the-cloud%252F%26fmt%3Djs%26s%3D1%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect/?time=1559600676545&pid=67980%2C67980&url=https%3A%2F%2Fwww.intezer.com%2Fblog-technical-analysis-cryptocurrency-mining-war-on-the-cloud%2F&fmt=js&s=1&cookiesTest=true&liSync=true

73 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
Redirect Chain

https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud
https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

68 KB
18 KB

337ms
336ms

Document
text/html

52.166.220.150
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.220.150 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache / PHP/5.6.27

Resource Hash

9eec546112f0148b34ad110b00ce98834a150551c6ff7330cba4d8994327aeec

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Host: www.intezer.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 22:05:32 GMT
Server: Apache
X-Powered-By: PHP/5.6.27
X-Pingback: https://www.intezer.com/xmlrpc.php
Link: <https://www.intezer.com/wp-json/>; rel="https://api.w.org/", <https://www.intezer.com/?p=4198>; rel=shortlink
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17595
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Mon, 03 Jun 2019 22:05:32 GMT
Server: Apache
X-Powered-By: PHP/5.6.27
X-Pingback: https://www.intezer.com/xmlrpc.php
X-Frame-Options: SAMEORIGIN
Location: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 css
fonts.googleapis.com/ 24 KB
1 KB 18ms
16ms Stylesheet
text/css 2a00:1450:4001:819::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

ce2dc45c0adef73039fafb13f6147ac6d4e9c27f5e2839126500fa3eef483c34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 03 Jun 2019 22:24:35 GMT
server: ESF
access-control-allow-origin: *
date: Mon, 03 Jun 2019 22:24:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Mon, 03 Jun 2019 22:24:35 GMT

GET
H/1.1 200
OK styles.css
www.intezer.com/wp-content/plugins/contact-form-7/includes/css/ 2 KB
999 B 23ms
15ms Stylesheet
text/css 52.166.220.150
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.intezer.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.1

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.220.150 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 22:05:33 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Jan 2019 08:50:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "695-580bd1f23d197-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 651

GET
H/1.1 200
OK style.css
www.intezer.com/wp-content/plugins/cf7-conditional-fields/ 164 B
503 B 39ms
15ms Stylesheet
text/css 52.166.220.150
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.intezer.com/wp-content/plugins/cf7-conditional-fields/style.css?ver=1.4.1

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.220.150 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

9f17cf26a55985023264156466226988cd6ddaf467252499809f7a260c69ac0e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 22:05:33 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Jan 2019 11:27:50 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a4-580bf510fafb7-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 156

GET
H/1.1 200
OK bootstrap.css
www.intezer.com/wp-content/themes/intezer-v2/css/ 187 KB
22 KB 68ms
29ms Stylesheet
text/css 52.166.220.150
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.intezer.com/wp-content/themes/intezer-v2/css/bootstrap.css?ver=4.9.10

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.220.150 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

c40a0cdd5ab5dcc4da78066f70839808bb4ee8fb2f3360dec64fde438770b099

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 22:05:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Apr 2018 06:15:00 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "2ed15-568d7827c6100-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 22402

GET
H/1.1 200
OK font-awesome.min.css
www.intezer.com/wp-content/themes/intezer-v2/css/ 30 KB
7 KB 95ms
25ms Stylesheet
text/css 52.166.220.150
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.intezer.com/wp-content/themes/intezer-v2/css/font-awesome.min.css?ver=4.9.10

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.220.150 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 22:05:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Apr 2018 06:15:00 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "7918-568d7827c6100-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 7053

GET
H/1.1 200
OK style.css
www.intezer.com/wp-content/themes/intezer-v2/ 123 KB
21 KB 110ms
39ms Stylesheet
text/css 52.166.220.150
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.intezer.com/wp-content/themes/intezer-v2/style.css?ver=1559599532

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.220.150 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

d65871bdadc4044d6a5c618d75a0bae0d2385089e91ab7d3d70d66eb6ab4234c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 22:05:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Apr 2019 10:08:36 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "1edab-58743e28072b7-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 21046

GET
H/1.1 200
OK app.css
www.intezer.com/wp-content/plugins/simple-lightbox/client/css/ 232 B
461 B 93ms
22ms Stylesheet
text/css 52.166.220.150
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.intezer.com/wp-content/plugins/simple-lightbox/client/css/app.css?ver=2.7.0

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.220.150 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

570a4964629f982285ef5282d47767738b4ef2f75cb8bad8ccfc206683ee1d0d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 22:05:33 GMT
Content-Encoding: gzip
Last-Modified: Sat, 15 Dec 2018 18:42:57 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "e8-57d13ea953bf7-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 113

GET
H/1.1 200
OK addtoany.min.css
www.intezer.com/wp-content/plugins/add-to-any/ 1 KB
811 B 89ms
18ms Stylesheet
text/css 52.166.220.150
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.intezer.com/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.15

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.220.150 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

a94558535ca72995a47883885d6fdfdee113dcbb8e937e88196f25cb181c72b2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 22:05:33 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Apr 2019 09:30:27 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "5b7-58588c9981b77-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 462

GET
H/1.1 200
OK jquery-3.2.1.min.js Show response
www.intezer.com/wp-content/themes/intezer-v2/js/ 85 KB
30 KB 112ms
41ms Script
application/javascript 52.166.220.150
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.intezer.com/wp-content/themes/intezer-v2/js/jquery-3.2.1.min.js?ver=4.9.10

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.220.150 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 22:05:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Apr 2018 06:15:00 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "15283-568d7827c6100-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 30138

GET
H/1.1 200
OK addtoany.min.js Show response
www.intezer.com/wp-content/plugins/add-to-any/ 129 B
487 B 98ms
15ms Script
application/javascript 52.166.220.150
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.intezer.com/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.220.150 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 22:05:33 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Apr 2019 09:30:27 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "81-58588c997ec97-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 126

GET
H/1.1 200
OK search-ico.png
www.intezer.com/wp-content/themes/intezer-v2/images/ 507 B
804 B 15ms
15ms Image
image/png 52.166.220.150
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.intezer.com/wp-content/themes/intezer-v2/images/search-ico.png

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.220.150 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

452d513b1ef9c6cb1afbe50a84b02c065daf5f3f459c556fbbbd6daa7fe15bbc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 22:05:33 GMT
Last-Modified: Mon, 02 Apr 2018 06:15:00 GMT
Server: Apache
ETag: "1fb-568d7827c6100"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 507

GET
H/1.1 200
OK logo.png
www.intezer.com/wp-content/uploads/2017/07/ 2 KB
2 KB 16ms
15ms Image
image/png 52.166.220.150
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.intezer.com/wp-content/uploads/2017/07/logo.png

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.220.150 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

9c34e5932894ad07481094fafa8fdea528094f589cb53bc13fbc5f45cf24a9ff

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 22:05:33 GMT
Last-Modified: Wed, 26 Jul 2017 11:29:08 GMT
Server: Apache
ETag: "6bb-55536c1a3c32f"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1723

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 59 KB
21 KB 57ms
53ms Script
application/javascript 2a00:1450:4001:81f::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TX79DHS

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

e1ec5764822301872f720b77be27439a7eb119ac6d2a7b03c917f73e3e7d3b98

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 22:24:35 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
server: Google Tag Manager (scaffolding)
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 21200
x-xss-protection: 0
expires: Mon, 03 Jun 2019 22:24:35 GMT

GET
H/1.1 200
OK chess-2730034_960_720-960x475.jpg
www.intezer.com/wp-content/uploads/2019/05/ 42 KB
42 KB 26ms
23ms Image
image/jpeg 52.166.220.150
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.intezer.com/wp-content/uploads/2019/05/chess-2730034_960_720-960x475.jpg

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.220.150 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

de2d97842c12a08a1916e1f31bc112123609ecad85eb38240728fcc969b47e01

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 22:05:33 GMT
Last-Modified: Thu, 09 May 2019 13:43:03 GMT
Server: Apache
ETag: "a64e-58874a1174fb7"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 42574

GET
H/1.1 200
OK facebook.png
www.intezer.com/wp-content/themes/intezer-v2/images/social/ 510 B
807 B 23ms
19ms Image
image/png 52.166.220.150
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.intezer.com/wp-content/themes/intezer-v2/images/social/facebook.png

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.220.150 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

65a52f6e516f0c632596218b193336646905690934acda722c840c621d7e56d4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 22:05:33 GMT
Last-Modified: Mon, 02 Apr 2018 06:15:00 GMT
Server: Apache
ETag: "1fe-568d7827c6100"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 510

GET
H/1.1 200
OK twitter.png
www.intezer.com/wp-content/themes/intezer-v2/images/social/ 428 B
725 B 21ms
21ms Image
image/png 52.166.220.150
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.intezer.com/wp-content/themes/intezer-v2/images/social/twitter.png

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.220.150 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

161dab58676b279f43addcbc3f800ac11276f20f15866ba7f7b5c60bc01b065b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 22:05:33 GMT
Last-Modified: Mon, 02 Apr 2018 06:15:00 GMT
Server: Apache
ETag: "1ac-568d7827c6100"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 428

GET
H/1.1 200
OK linkedin.png
www.intezer.com/wp-content/themes/intezer-v2/images/social/ 576 B
873 B 16ms
15ms Image
image/png 52.166.220.150
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.intezer.com/wp-content/themes/intezer-v2/images/social/linkedin.png

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.220.150 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

534708b43bc02cb8910f2c21a92047c6590f02ff62fee2f2b328fbb3839e7e6b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 22:05:33 GMT
Last-Modified: Mon, 02 Apr 2018 06:15:00 GMT
Server: Apache
ETag: "240-568d7827c6100"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 576

GET
H/1.1 200
OK Screen-Shot-2019-05-09-at-11.22.42-AM.png
www.intezer.com/wp-content/uploads/2019/05/ 425 KB
426 KB 17ms
16ms Image
image/png 52.166.220.150
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.intezer.com/wp-content/uploads/2019/05/Screen-Shot-2019-05-09-at-11.22.42-AM.png

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.220.150 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

6b99a864ac2ef80cb95cb43b7df0196e8837ccbb6abe9f168bc429a1cf47bb60

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 22:05:33 GMT
Last-Modified: Thu, 09 May 2019 15:05:40 GMT
Server: Apache
ETag: "6a5db-58875c88b4c37"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 435675

GET
H/1.1 200
OK Screen-Shot-2019-05-09-at-11.13.48-AM.png
www.intezer.com/wp-content/uploads/2019/05/ 74 KB
74 KB 16ms
16ms Image
image/png 52.166.220.150
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.intezer.com/wp-content/uploads/2019/05/Screen-Shot-2019-05-09-at-11.13.48-AM.png

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.220.150 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

f3772f3817e8ebf1b37ec026e21a7551670aad19dd4b34f7b1660a1d44e788f1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 22:05:33 GMT
Last-Modified: Thu, 09 May 2019 14:56:42 GMT
Server: Apache
ETag: "127fd-58875a8735af7"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 75773

GET
H/1.1 200
OK Screen-Shot-2019-05-09-at-11.19.16-AM.png
www.intezer.com/wp-content/uploads/2019/05/ 122 KB
122 KB 17ms
15ms Image
image/png 52.166.220.150
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.intezer.com/wp-content/uploads/2019/05/Screen-Shot-2019-05-09-at-11.19.16-AM.png

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.220.150 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

63fbb5dc09c9952428e590dc16fa329e108b4d73ee4e2f384ac2056764b08030

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 22:05:33 GMT
Last-Modified: Thu, 09 May 2019 15:02:18 GMT
Server: Apache
ETag: "1e85d-58875bc7fdcd7"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 125021

GET
H/1.1 200
OK Screen-Shot-2019-05-09-at-11.24.51-AM.png
www.intezer.com/wp-content/uploads/2019/05/ 39 KB
39 KB 17ms
15ms Image
image/png 52.166.220.150
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.intezer.com/wp-content/uploads/2019/05/Screen-Shot-2019-05-09-at-11.24.51-AM.png

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.220.150 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

cac4692b542fc5889d75e28e224bb32f19b950de4f9bff65957d8ac9d950cc1f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 22:05:33 GMT
Last-Modified: Thu, 09 May 2019 15:11:42 GMT
Server: Apache
ETag: "9a61-58875de1ab4f7"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 39521

GET
H/1.1 200
OK Screen-Shot-2019-05-09-at-11.25.03-AM.png
www.intezer.com/wp-content/uploads/2019/05/ 80 KB
80 KB 17ms
16ms Image
image/png 52.166.220.150
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.intezer.com/wp-content/uploads/2019/05/Screen-Shot-2019-05-09-at-11.25.03-AM.png

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.220.150 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

b8afc445eb4f92feb1c5f82a276d3af530add32580dbacaa680ace6ec1242597

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 22:05:33 GMT
Last-Modified: Thu, 09 May 2019 15:14:26 GMT
Server: Apache
ETag: "13e3a-58875e7e5c977"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 81466

GET
H/1.1 200
OK Screen-Shot-2019-05-09-at-11.33.33-AM-1024x482.png
www.intezer.com/wp-content/uploads/2019/05/ 371 KB
371 KB 17ms
16ms Image
image/png 52.166.220.150
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.intezer.com/wp-content/uploads/2019/05/Screen-Shot-2019-05-09-at-11.33.33-AM-1024x482.png

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.220.150 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

8750f6b8f2666990efa3048e2f8e07a2f455b2b4880ea2b9dab1515c87325b14

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 22:05:33 GMT
Last-Modified: Thu, 09 May 2019 15:16:21 GMT
Server: Apache
ETag: "5caa5-58875eebb8af7"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 379557

GET
H/1.1 200
OK Screen-Shot-2019-05-09-at-11.25.49-AM.png
www.intezer.com/wp-content/uploads/2019/05/ 89 KB
89 KB 17ms
16ms Image
image/png 52.166.220.150
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.intezer.com/wp-content/uploads/2019/05/Screen-Shot-2019-05-09-at-11.25.49-AM.png

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.220.150 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

ad6380694828771732547d84e4db61445b050e99f94295b981baf1319219b263

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 22:05:33 GMT
Last-Modified: Thu, 09 May 2019 15:18:16 GMT
Server: Apache
ETag: "163f3-58875f596cab7"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 91123

GET
H/1.1 200
OK Screen-Shot-2019-05-09-at-11.26.11-AM.png
www.intezer.com/wp-content/uploads/2019/05/ 130 KB
131 KB 17ms
16ms Image
image/png 52.166.220.150
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.intezer.com/wp-content/uploads/2019/05/Screen-Shot-2019-05-09-at-11.26.11-AM.png

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.220.150 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

296896f3eef0e70b18e1cb66462d2cd6845b77617187b3c64e9584d30ec9c9db

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 22:05:33 GMT
Last-Modified: Thu, 09 May 2019 15:19:27 GMT
Server: Apache
ETag: "20917-58875f9cf1d37"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 133399

GET
H/1.1 200
OK Screen-Shot-2019-05-09-at-11.26.24-AM.png
www.intezer.com/wp-content/uploads/2019/05/ 150 KB
150 KB 19ms
17ms Image
image/png 52.166.220.150
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.intezer.com/wp-content/uploads/2019/05/Screen-Shot-2019-05-09-at-11.26.24-AM.png

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.220.150 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

42d8dd637938367579ce936df334ff5857b62c58e5d1713a14722b16233a0ad6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 22:05:33 GMT
Last-Modified: Thu, 09 May 2019 15:20:54 GMT
Server: Apache
ETag: "25856-58875fefbe1d7"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 153686

GET
H/1.1 200
OK Screen-Shot-2019-05-09-at-11.26.37-AM.png
www.intezer.com/wp-content/uploads/2019/05/ 140 KB
140 KB 19ms
18ms Image
image/png 52.166.220.150
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.intezer.com/wp-content/uploads/2019/05/Screen-Shot-2019-05-09-at-11.26.37-AM.png

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.220.150 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

f9f59f81ab10e1d0236f0c81c59c05e76eb79f04b722559ba4aa7cf2684f8018

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 22:05:33 GMT
Last-Modified: Thu, 09 May 2019 15:21:57 GMT
Server: Apache
ETag: "22fe8-5887602c7ce57"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 143336

GET
H/1.1 200
OK Screen-Shot-2019-05-09-at-11.26.48-AM.png
www.intezer.com/wp-content/uploads/2019/05/ 222 KB
223 KB 20ms
18ms Image
image/png 52.166.220.150
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.intezer.com/wp-content/uploads/2019/05/Screen-Shot-2019-05-09-at-11.26.48-AM.png

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.220.150 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

dab0b354da78a8aba670d58e6484ba4eb31bdd2dd76e06efef32e991062f91b4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 22:05:33 GMT
Last-Modified: Thu, 09 May 2019 15:22:47 GMT
Server: Apache
ETag: "379d4-5887605c2de17"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 227796

GET
H/1.1 200
OK Screen-Shot-2019-05-09-at-11.27.02-AM.png
www.intezer.com/wp-content/uploads/2019/05/ 159 KB
159 KB 18ms
17ms Image
image/png 52.166.220.150
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.intezer.com/wp-content/uploads/2019/05/Screen-Shot-2019-05-09-at-11.27.02-AM.png

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.220.150 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

8199d7b0010918b2ee1d1beb58a25d895474de7807639cd9da688ade50394498

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 22:05:33 GMT
Last-Modified: Thu, 09 May 2019 15:23:38 GMT
Server: Apache
ETag: "27aa3-5887608c763b7"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 162467

GET
H/1.1 200
OK Screen-Shot-2019-05-09-at-11.27.21-AM.png
www.intezer.com/wp-content/uploads/2019/05/ 73 KB
73 KB 16ms
15ms Image
image/png 52.166.220.150
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.intezer.com/wp-content/uploads/2019/05/Screen-Shot-2019-05-09-at-11.27.21-AM.png

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.220.150 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

0cdd3ca4479c39d36ed01073c77695920fdece801d10da701e47d59f8c1c8fc8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 22:05:33 GMT
Last-Modified: Thu, 09 May 2019 15:24:21 GMT
Server: Apache
ETag: "123d7-588760b5f2597"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 74711

GET
H/1.1 200
OK chess-2730034_960_720-65x65.jpg
www.intezer.com/wp-content/uploads/2019/05/ 2 KB
2 KB 17ms
17ms Image
image/jpeg 52.166.220.150
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.intezer.com/wp-content/uploads/2019/05/chess-2730034_960_720-65x65.jpg

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.220.150 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

1bb334d1bb1e2942438198efcc2afa71970301a40cbf63b8305ea400fd95127a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 22:05:33 GMT
Last-Modified: Thu, 09 May 2019 13:43:03 GMT
Server: Apache
ETag: "683-58874a117ccb7"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 1667

GET
H/1.1 200
OK shutterstock_116599765-65x65.jpg
www.intezer.com/wp-content/uploads/2019/05/ 3 KB
3 KB 17ms
17ms Image
image/jpeg 52.166.220.150
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.intezer.com/wp-content/uploads/2019/05/shutterstock_116599765-65x65.jpg

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.220.150 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

4fe88b624d3221a1009b92f21e5ee2944454e05a777a87b94ec11c7fa61e659d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 22:05:33 GMT
Last-Modified: Thu, 23 May 2019 18:39:03 GMT
Server: Apache
ETag: "b63-5899265733457"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 2915

GET
H/1.1 200
OK logo-footer.png
www.intezer.com/wp-content/themes/intezer-v2/images/ 4 KB
4 KB 18ms
15ms Image
image/png 52.166.220.150
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.intezer.com/wp-content/themes/intezer-v2/images/logo-footer.png

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.220.150 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

e61f27d2a303886ba4466f8d59679d28b463fa30e903f7825b720f00f4c51b00

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 22:05:33 GMT
Last-Modified: Mon, 02 Apr 2018 06:15:00 GMT
Server: Apache
ETag: "e46-568d7827c6100"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 3654

GET
H/1.1 200
OK Tracker.js Show response
web.mxradon.com/t/ 11 KB
3 KB 673ms
158ms Script
application/javascript 52.77.15.192
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://web.mxradon.com/t/Tracker.js
Requested by: Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.77.15.192 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-77-15-192.ap-southeast-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e0a11c37993e7e3b3a9ae20ae787493a61727399209fb0d61f83865ad4bd86af

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 22:24:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 14 May 2019 01:57:05 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "80ee6854f89d51:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3165

GET
H/1.1 200
OK scripts.js Show response
www.intezer.com/wp-content/plugins/contact-form-7/includes/js/ 14 KB
4 KB 17ms
16ms Script
application/javascript 52.166.220.150
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.intezer.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.1

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.220.150 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 22:05:33 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Jan 2019 08:50:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "3868-580bd1f23d197-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3993

GET
H/1.1 200
OK tether.min.js Show response
www.intezer.com/wp-content/themes/intezer-v2/js/ 24 KB
8 KB 18ms
17ms Script
application/javascript 52.166.220.150
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.intezer.com/wp-content/themes/intezer-v2/js/tether.min.js?ver=4.9.10

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.220.150 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

80bd626eb6d57112072a508ee4e5ce3c2fe5673fe0a5d029810033b24aaa5e9f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 22:05:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Apr 2018 06:15:00 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "619d-568d7827c6100-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 7519

GET
H/1.1 200
OK bootstrap.min.js Show response
www.intezer.com/wp-content/themes/intezer-v2/js/ 46 KB
12 KB 27ms
23ms Script
application/javascript 52.166.220.150
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.intezer.com/wp-content/themes/intezer-v2/js/bootstrap.min.js?ver=4.9.10

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.220.150 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

fa421b6ebbd2fb474d3a3866409ce6c1efd120b47ff256fffb8f8f50d556d3d9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 22:05:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Apr 2018 06:15:00 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "b63d-568d7827c6100-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 12031

GET
H/1.1 200
OK main.js Show response
www.intezer.com/wp-content/themes/intezer-v2/js/ 8 KB
3 KB 26ms
22ms Script
application/javascript 52.166.220.150
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.intezer.com/wp-content/themes/intezer-v2/js/main.js?ver=4.9.10

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.220.150 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

c9e11177a2e1adfe9a85400d30eab10132cf967f7a723c8e96cc5a242bdef82b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 22:05:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 May 2019 19:35:01 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "1e88-5883d3246ec37-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2202

GET
H/1.1 200
OK scripts.js Show response
www.intezer.com/wp-content/plugins/cf7-conditional-fields/js/ 18 KB
4 KB 24ms
21ms Script
application/javascript 52.166.220.150
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.intezer.com/wp-content/plugins/cf7-conditional-fields/js/scripts.js?ver=1.4.1

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.220.150 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

51440076db17da8561165834c49d160ea7cead58a7abe456befc64350a915ba8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 22:05:33 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Jan 2019 11:27:50 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "46a7-580bf510fafb7-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3396

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 24 KB
9 KB 20ms
16ms Script
text/javascript 172.217.16.194
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

1448d19eebf777a4b07f5f9a70629878cf9fd04c305247d95103da42cdd502bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 22:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 9306
x-xss-protection: 0
server: cafe
etag: 11690690496941220196
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 03 Jun 2019 22:24:35 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:814::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 21 May 2019 23:53:44 GMT
server: Golfe2
age: 3120
date: Mon, 03 Jun 2019 21:32:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 17595
expires: Mon, 03 Jun 2019 23:32:35 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 54 KB
16 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

76ea9ffb498d4afa3e7499fe8663594985fbe902bab9d01db87e94e976738b4f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 16245
x-xss-protection: 0
pragma: public
x-fb-debug: OqpvEc3v+j+ZVlxwJja7HBgqcxgESROBwLkUznlfOjqYnHz/YhCRUuYCs16nzJHCcCDiaVh/ZgMLtovZwRZmAw==
date: Mon, 03 Jun 2019 22:24:35 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
www.intezer.com/wp-includes/js/ 12 KB
5 KB 18ms
17ms Script
application/javascript 52.166.220.150
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.intezer.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.10

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.220.150 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 22:05:33 GMT
Content-Encoding: gzip
Last-Modified: Fri, 03 Aug 2018 00:37:19 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "2efa-5727d216062f7-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 4382

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 79 KB
26 KB 17ms
16ms Script
application/javascript 2606:4700:10::6814:6e27
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:6e27 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc71dde0fa1f3434b18e014866b9484f577bc34c8ea80155e0039fe041419fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 22:24:35 GMT
via: e5s
x-content-type-options: nosniff
cf-cache-status: HIT
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
last-modified: Wed, 22 May 2019 06:26:38 GMT
server: cloudflare
etag: W/"13c2c-589740c42abc9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=172800
cf-ray: 4e15140069972736-FRA
expires: Wed, 05 Jun 2019 22:24:35 GMT

GET
H/1.1 200
OK search-ico-black.png
www.intezer.com/wp-content/themes/intezer-v2/images/ 508 B
805 B 24ms
16ms Image
image/png 52.166.220.150
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.intezer.com/wp-content/themes/intezer-v2/images/search-ico-black.png

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.220.150 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

993b54391ed7524e6f321326d0f7bd2ed8f92bcf4e08bb1efc988ca16546807c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.intezer.com/wp-content/themes/intezer-v2/style.css?ver=1559599532
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 22:05:33 GMT
Last-Modified: Mon, 02 Apr 2018 06:15:00 GMT
Server: Apache
ETag: "1fc-568d7827c6100"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 508

GET
H/1.1 200
OK blog-top.jpg
www.intezer.com/wp-content/themes/intezer-v2/images/ 37 KB
37 KB 24ms
16ms Image
image/jpeg 52.166.220.150
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.intezer.com/wp-content/themes/intezer-v2/images/blog-top.jpg

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.220.150 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

a996a7e714479ac60287f7456d7f409f634c64aaf9e063c00ca241100d82e721

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.intezer.com/wp-content/themes/intezer-v2/style.css?ver=1559599532
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 22:05:33 GMT
Last-Modified: Mon, 02 Apr 2018 06:15:00 GMT
Server: Apache
ETag: "9307-568d7827c6100"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 37639

GET
H/1.1 200
OK museo-300-webfont.woff
www.intezer.com/wp-content/themes/intezer-v2/fonts/ 54 KB
54 KB 26ms
15ms Font
application/x-font-woff 52.166.220.150
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.intezer.com/wp-content/themes/intezer-v2/fonts/museo-300-webfont.woff

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.220.150 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

c38df4a2300e1acd22e8547908f1c0815e4232522aed59fd2d45942480b56f4c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.intezer.com/wp-content/themes/intezer-v2/style.css?ver=1559599532
Origin: https://www.intezer.com

Response headers

Date: Mon, 03 Jun 2019 22:05:33 GMT
Last-Modified: Mon, 02 Apr 2018 06:15:00 GMT
Server: Apache
ETag: "d894-568d7827c6100"
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-font-woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 55444

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v16/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:808::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v16/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i
Origin: https://www.intezer.com

Response headers

date: Sun, 02 Jun 2019 16:34:50 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:10:29 GMT
server: sffe
age: 107385
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9132
x-xss-protection: 0
expires: Mon, 01 Jun 2020 16:34:50 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
www.intezer.com/wp-content/themes/intezer-v2/fonts/ 75 KB
76 KB 27ms
15ms Font
application/octet-stream 52.166.220.150
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.intezer.com/wp-content/themes/intezer-v2/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.220.150 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.intezer.com/wp-content/themes/intezer-v2/css/font-awesome.min.css?ver=4.9.10
Origin: https://www.intezer.com

Response headers

Date: Mon, 03 Jun 2019 22:05:33 GMT
Last-Modified: Mon, 02 Apr 2018 06:15:00 GMT
Server: Apache
ETag: "12d68-568d7827c6100"
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 77160

GET
H/1.1 200
OK museo-700-webfont.woff
www.intezer.com/wp-content/themes/intezer-v2/fonts/ 52 KB
52 KB 27ms
16ms Font
application/x-font-woff 52.166.220.150
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.intezer.com/wp-content/themes/intezer-v2/fonts/museo-700-webfont.woff

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.220.150 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

6bebe6bf7abf43624ab1ed62cabc6a1e1d9d5f1cea38042e516439b5391c1621

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.intezer.com/wp-content/themes/intezer-v2/style.css?ver=1559599532
Origin: https://www.intezer.com

Response headers

Date: Mon, 03 Jun 2019 22:05:33 GMT
Last-Modified: Mon, 02 Apr 2018 06:15:00 GMT
Server: Apache
ETag: "d080-568d7827c6100"
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-font-woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 53376

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v16/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:808::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v16/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i
Origin: https://www.intezer.com

Response headers

date: Mon, 03 Jun 2019 18:58:10 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:11:28 GMT
server: sffe
age: 12385
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9016
x-xss-protection: 0
expires: Tue, 02 Jun 2020 18:58:10 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v16/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v16/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i
Origin: https://www.intezer.com

Response headers

date: Mon, 03 Jun 2019 19:19:43 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:11:39 GMT
server: sffe
age: 11092
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9180
x-xss-protection: 0
expires: Tue, 02 Jun 2020 19:19:43 GMT

GET
H2 200 mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2
fonts.gstatic.com/s/opensans/v16/ 10 KB
10 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:808::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v16/mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ffcde34efda55a63cb66dbec4bf10acb531014d581e2d8e511836b84e08c2305

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i
Origin: https://www.intezer.com

Response headers

date: Fri, 31 May 2019 04:41:06 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:11:49 GMT
server: sffe
age: 323009
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9728
x-xss-protection: 0
expires: Sat, 30 May 2020 04:41:06 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v16/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:808::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v16/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i
Origin: https://www.intezer.com

Response headers

date: Sun, 02 Jun 2019 12:26:48 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:12:28 GMT
server: sffe
age: 122267
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9080
x-xss-protection: 0
expires: Mon, 01 Jun 2020 12:26:48 GMT

GET
H2 200 128260767783916 Show response
connect.facebook.net/signals/config/ 228 KB
61 KB 11ms
10ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/128260767783916?v=2.8.51&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

7172cf395cc07326cfa91e051dd3e0cadc0f696270f207112ae6d3e699622a75

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;report-uri https://www.facebook.com/csp/reporting/
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 61414
x-xss-protection: 0
pragma: public
x-fb-debug: LvjFtCcBJyju4eLeyH3k7oZC2GywfjguD9J+YXsel12pMOLYkn/2u3IoU5m7sigkFM9Kb3gFUi3XEW6s6icHQw==
date: Mon, 03 Jun 2019 22:24:35 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;report-uri https://www.facebook.com/csp/reporting/
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
109 B 14ms
14ms Image
image/gif 2a00:1450:4001:814::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j76&a=1679767554&t=pageview&_s=1&dl=https%3A%2F%2Fwww.intezer.com%2Fblog-technical-analysis-cryptocurrency-mining-war-on-the-cloud%2F&ul=en-us&de=UTF-8&dt=Intezer%20-%20Technical%20Analysis%3A%20Pacha%20Group%20Competing%20against%20Rocke%20Group%20for%20Cryptocurrency%20Mining%20Foothold%20on%20the%20Cloud&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=1791809417&gjid=1051031904&cid=566514029.1559600676&tid=UA-97741055-1&_gid=1148824592.1559600676&_r=1&z=604432731

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jun 2019 22:24:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sm.21.html
static.addtoany.com/menu/ Frame 33AE 0
0 12ms
12ms Document
text/html 2606:4700:10::6814:6e27
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.21.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:6e27 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: static.addtoany.com
:scheme: https
:path: /menu/sm.21.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
accept-encoding: gzip, deflate, br
cookie: __cfduid=dc166d7c5d5ae47b546994bf7274a928f1559600675
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Response headers

status: 200
date: Mon, 03 Jun 2019 22:24:36 GMT
content-type: text/html; charset=utf-8
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
cache-control: public, max-age=315360000
vary: Accept-Encoding
via: e5s
cf-cache-status: HIT
expires: Thu, 31 May 2029 22:24:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4e1514015a102736-FRA
content-encoding: br

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 icons.29.svg.js Show response
static.addtoany.com/menu/svg/ 78 KB
33 KB 19ms
15ms Script
application/javascript 2606:4700:10::6814:6e27
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons.29.svg.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:6e27 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 22:24:36 GMT
via: e5s
x-content-type-options: nosniff
cf-cache-status: HIT
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
last-modified: Mon, 31 Dec 2018 23:29:11 GMT
server: cloudflare
etag: W/"13937-57e59c7b88bd6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=315360000
cf-ray: 4e1514017a252736-FRA
expires: Thu, 31 May 2029 22:24:36 GMT

GET
H/1.1 200
OK insight.min.js Show response
sjs.bizographics.com/ 15 KB
5 KB 10ms
8ms Script
application/x-javascript 2a02:26f0:6c00:293::3adf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sjs.bizographics.com/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TX79DHS
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:293::3adf , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: bc9cef10d07e8da3ce80181de07a056414731f86e0dc12e2c81d652b28ac770b

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 22:24:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Dec 2018 23:03:30 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=30656
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4571

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 15ms
14ms Script
application/javascript 151.101.36.157
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TX79DHS
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.36.157 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 22:24:36 GMT
content-encoding: gzip
age: 25269
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1954
x-served-by: cache-ams21029-AMS
last-modified: Tue, 23 Jan 2018 19:05:33 GMT
x-timer: S1559600676.089869,VS0,VE0
etag: "b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H2 200 inferredEvents.js Show response
connect.facebook.net/signals/plugins/ 1 KB
936 B 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.8.51

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 772
x-xss-protection: 0
pragma: public
x-fb-debug: 91SDuJBy5dmDVzFaAcVMfmY631Ki2v5wWQzF+v4jhxidt/vNQkBeos9FlF1bDZx7ytF+WAZtdcQ9rkoV5i6qvQ==
date: Mon, 03 Jun 2019 22:24:36 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
170 B 140ms
139ms Image
image/gif 104.244.42.5
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nzh93&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 22:24:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=0
content-length: 65
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 119
pragma: no-cache
last-modified: Mon, 03 Jun 2019 22:24:36 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 378072a78d267ae54cf63cb5cbde6025
x-transaction: 00f3816e00abc836
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
250 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=128260767783916&ev=PageView&dl=https%3A%2F%2Fwww.intezer.com%2Fblog-technical-analysis-cryptocurrency-mining-war-on-the-cloud%2F&rl=&if=false&ts=1559600676137&sw=1600&sh=1200&v=2.8.51&r=stable&ec=0&o=30&fbp=fb.1.1559600676136.689957240&it=1559600675948&coo=false&rqm=GET

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 22:24:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Mon, 03 Jun 2019 22:24:36 GMT

GET
H/1.1 200
OK WebTracker.aspx Show response
web.mxradon.com/t/ 317 B
831 B 394ms
393ms Script
text/html 52.77.15.192
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://web.mxradon.com/t/WebTracker.aspx?p1=21155&p2=Intezer%20-%20Technical%20Analysis%3A%20Pacha%20Group%20Competing%20against%20Rocke%20Group%20for%20Cryptocurrency%20Mining%20Foothold%20on%20the%20Cloud&p3=-1&p4=&p5=1&p6=&p7=&p8=
Requested by: Host: web.mxradon.com
URL: https://web.mxradon.com/t/Tracker.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.77.15.192 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-77-15-192.ap-southeast-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ceb3f22d2636e2442a18d861feaa39802be4cb3d3925fae1b93266c10e3a3abf

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 22:24:36 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private
Connection: keep-alive
Content-Length: 327

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 31ms
5ms Script
text/javascript 2a00:1450:4001:81a::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/wp-content/themes/intezer-v2/js/main.js?ver=4.9.10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 21 May 2019 23:53:44 GMT
server: Golfe2
age: 606
date: Mon, 03 Jun 2019 22:14:30 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 17168
expires: Tue, 04 Jun 2019 00:14:30 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 15 KB
5 KB 45ms
6ms Script
application/x-javascript 2a02:26f0:6c00:28c::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:28c::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: bc9cef10d07e8da3ce80181de07a056414731f86e0dc12e2c81d652b28ac770b

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 22:24:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Dec 2018 23:03:30 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=27336
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4571

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/842858921/ 2 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:824::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/842858921/?random=1559600676535&cv=9&fst=1559600676535&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.intezer.com%2Fblog-technical-analysis-cryptocurrency-mining-war-on-the-cloud%2F&tiba=Intezer%20-%20Technical%20Analysis%3A%20Pacha%20Group%20Competing%20against%20Rocke%20Group%20for%20Cryptocurrency%20Mining%20Foothold%20on%20the%20Cloud&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

6d19a92054f97e76271f95ef035aa73f87f3294a94013765451958ecf666aafd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jun 2019 22:24:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 1035
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/ Show response
px.ads.linkedin.com/collect/
Redirect Chain

https://px.ads.linkedin.com/collect/?time=1559600676545&pid=67980%2C67980&url=https%3A%2F%2Fwww.intezer.com%2Fblog-technical-analysis-cryptocurrency-mining-war-on-the-cloud%2F&fmt=js&s=1
https://px.ads.linkedin.com/collect/?time=1559600676545&pid=67980%2C67980&url=https%3A%2F%2Fwww.intezer.com%2Fblog-technical-analysis-cryptocurrency-mining-war-on-the-cloud%2F&fmt=js&s=1&cookiesTes...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Ftime%3D1559600676545%26pid%3D67980%252C67980%26url%3Dhttps%253A%252F%252Fwww.intezer.com%252Fblog-techn...
https://px.ads.linkedin.com/collect/?time=1559600676545&pid=67980%2C67980&url=https%3A%2F%2Fwww.intezer.com%2Fblog-technical-analysis-cryptocurrency-mining-war-on-the-cloud%2F&fmt=js&s=1&cookiesTes...

0
110 B

112ms
112ms

Script
application/javascript

2a05:f500:10:101::b93f:9105
LinkedIn Corporation

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/collect/?time=1559600676545&pid=67980%2C67980&url=https%3A%2F%2Fwww.intezer.com%2Fblog-technical-analysis-cryptocurrency-mining-war-on-the-cloud%2F&fmt=js&s=1&cookiesTest=true&liSync=true
Requested by: Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN - LinkedIn Corporation, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 22:24:37 GMT
content-encoding: gzip
server: Play
vary: Accept-Encoding
x-li-fabric: prod-lva1
status: 200
x-li-proto: http/2
x-li-pop: prod-efr5
content-type: application/javascript
content-length: 20
x-li-uuid: 2lwvf43QpBXAAAwuKCsAAA==

Redirect headers

date: Mon, 03 Jun 2019 22:24:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 302
x-li-pop: prod-edc2
content-length: 20
x-li-uuid: gEg+e43QpBVg4y/LVSsAAA==
pragma: no-cache
server: Play
x-frame-options: sameorigin
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
vary: Accept-Encoding
strict-transport-security: max-age=2592000
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect/?time=1559600676545&pid=67980%2C67980&url=https%3A%2F%2Fwww.intezer.com%2Fblog-technical-analysis-cryptocurrency-mining-war-on-the-cloud%2F&fmt=js&s=1&cookiesTest=true&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob:; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
266 B 140ms
139ms Script
application/javascript 104.244.42.3
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nzh93&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.intezer.com%2Fblog-technical-analysis-cryptocurrency-mining-war-on-the-cloud%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_f /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 22:24:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 116
pragma: no-cache
last-modified: Mon, 03 Jun 2019 22:24:36 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: ee6cefe05bf49e0431fc26a90a2f17e2
x-transaction: 00c4259c004de9c5
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/842858921/ 42 B
118 B 22ms
21ms Image
image/gif 2a00:1450:4001:81d::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/842858921/?random=1559600676535&cv=9&fst=1559599200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.intezer.com%2Fblog-technical-analysis-cryptocurrency-mining-war-on-the-cloud%2F&tiba=Intezer%20-%20Technical%20Analysis%3A%20Pacha%20Group%20Competing%20against%20Rocke%20Group%20for%20Cryptocurrency%20Mining%20Foothold%20on%20the%20Cloud&fmt=3&cdct=2&is_vtc=1&random=3930014952&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jun 2019 22:24:36 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/842858921/ 42 B
109 B 23ms
22ms Image
image/gif 2a00:1450:4001:81e::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/842858921/?random=1559600676535&cv=9&fst=1559599200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.intezer.com%2Fblog-technical-analysis-cryptocurrency-mining-war-on-the-cloud%2F&tiba=Intezer%20-%20Technical%20Analysis%3A%20Pacha%20Group%20Competing%20against%20Rocke%20Group%20for%20Cryptocurrency%20Mining%20Foothold%20on%20the%20Cloud&fmt=3&cdct=2&is_vtc=1&random=3930014952&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.intezer.com
URL: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jun 2019 22:24:36 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
www.facebook.com/tr/ Frame 871B 0
0 7ms
6ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: www.facebook.com
:scheme: https
:path: /tr/
content-length: 2159
pragma: no-cache
cache-control: no-cache
origin: https://www.intezer.com
upgrade-insecure-requests: 1
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/
accept-encoding: gzip, deflate, br
cookie: fr=0a3QjydDieGfOZtSR..Bc9Z4k...1.0.Bc9Z4k.
Origin: https://www.intezer.com
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Response headers

status: 200
content-type: text/plain
access-control-allow-origin: https://www.intezer.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 0
server: proxygen-bolt
date: Mon, 03 Jun 2019 22:24:36 GMT

Verdicts & Comments Add Verdict or Comment

119 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.addtoany.com/	1970-01-19 01:14:47	Name: uvc Value: 1
.addtoany.com/	1970-01-19 09:58:56	Name: __cfduid Value: dc166d7c5d5ae47b546994bf7274a928f1559600675
.intezer.com/	1970-01-19 03:22:56	Name: _fbp Value: fb.1.1559600676136.689957240
.intezer.com/	1970-01-19 01:13:20	Name: _gat Value: 1
.intezer.com/	1970-01-19 01:14:47	Name: _gid Value: GA1.2.1148824592.1559600676
.intezer.com/	1970-01-19 18:44:32	Name: _ga Value: GA1.2.566514029.1559600676
.intezer.com/	1970-01-19 18:45:59	Name: ORG21155 Value: e76cedeb-55fd-4576-8041-3e2ba03e2215
www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud	1969-12-31 23:59:59	Name: Value: MXCookie

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 25) Message: [Facebook Pixel] - Duplicate Pixel ID: 128260767783916.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
px.ads.linkedin.com
sjs.bizographics.com
snap.licdn.com
ssl.google-analytics.com
static.addtoany.com
static.ads-twitter.com
t.co
web.mxradon.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.intezer.com
www.linkedin.com
104.244.42.3
104.244.42.5
151.101.36.157
172.217.16.194
2606:4700:10::6814:6e27
2620:109:c002::6cae:a0a
2a00:1450:4001:808::2003
2a00:1450:4001:814::200e
2a00:1450:4001:819::200a
2a00:1450:4001:81a::2008
2a00:1450:4001:81d::2004
2a00:1450:4001:81e::2003
2a00:1450:4001:81f::2008
2a00:1450:4001:824::2002
2a02:26f0:6c00:28c::25ea
2a02:26f0:6c00:293::3adf
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:f500:10:101::b93f:9105
52.166.220.150
52.77.15.192
0cdd3ca4479c39d36ed01073c77695920fdece801d10da701e47d59f8c1c8fc8
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1448d19eebf777a4b07f5f9a70629878cf9fd04c305247d95103da42cdd502bc
161dab58676b279f43addcbc3f800ac11276f20f15866ba7f7b5c60bc01b065b
1bb334d1bb1e2942438198efcc2afa71970301a40cbf63b8305ea400fd95127a
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
296896f3eef0e70b18e1cb66462d2cd6845b77617187b3c64e9584d30ec9c9db
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d
42d8dd637938367579ce936df334ff5857b62c58e5d1713a14722b16233a0ad6
452d513b1ef9c6cb1afbe50a84b02c065daf5f3f459c556fbbbd6daa7fe15bbc
4fe88b624d3221a1009b92f21e5ee2944454e05a777a87b94ec11c7fa61e659d
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
51440076db17da8561165834c49d160ea7cead58a7abe456befc64350a915ba8
534708b43bc02cb8910f2c21a92047c6590f02ff62fee2f2b328fbb3839e7e6b
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
570a4964629f982285ef5282d47767738b4ef2f75cb8bad8ccfc206683ee1d0d
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
63fbb5dc09c9952428e590dc16fa329e108b4d73ee4e2f384ac2056764b08030
65a52f6e516f0c632596218b193336646905690934acda722c840c621d7e56d4
6b99a864ac2ef80cb95cb43b7df0196e8837ccbb6abe9f168bc429a1cf47bb60
6bebe6bf7abf43624ab1ed62cabc6a1e1d9d5f1cea38042e516439b5391c1621
6d19a92054f97e76271f95ef035aa73f87f3294a94013765451958ecf666aafd
7172cf395cc07326cfa91e051dd3e0cadc0f696270f207112ae6d3e699622a75
76ea9ffb498d4afa3e7499fe8663594985fbe902bab9d01db87e94e976738b4f
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
80bd626eb6d57112072a508ee4e5ce3c2fe5673fe0a5d029810033b24aaa5e9f
8199d7b0010918b2ee1d1beb58a25d895474de7807639cd9da688ade50394498
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8750f6b8f2666990efa3048e2f8e07a2f455b2b4880ea2b9dab1515c87325b14
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
993b54391ed7524e6f321326d0f7bd2ed8f92bcf4e08bb1efc988ca16546807c
9c34e5932894ad07481094fafa8fdea528094f589cb53bc13fbc5f45cf24a9ff
9eec546112f0148b34ad110b00ce98834a150551c6ff7330cba4d8994327aeec
9f17cf26a55985023264156466226988cd6ddaf467252499809f7a260c69ac0e
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a94558535ca72995a47883885d6fdfdee113dcbb8e937e88196f25cb181c72b2
a996a7e714479ac60287f7456d7f409f634c64aaf9e063c00ca241100d82e721
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad6380694828771732547d84e4db61445b050e99f94295b981baf1319219b263
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
b8afc445eb4f92feb1c5f82a276d3af530add32580dbacaa680ace6ec1242597
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
bc9cef10d07e8da3ce80181de07a056414731f86e0dc12e2c81d652b28ac770b
c38df4a2300e1acd22e8547908f1c0815e4232522aed59fd2d45942480b56f4c
c40a0cdd5ab5dcc4da78066f70839808bb4ee8fb2f3360dec64fde438770b099
c9e11177a2e1adfe9a85400d30eab10132cf967f7a723c8e96cc5a242bdef82b
cac4692b542fc5889d75e28e224bb32f19b950de4f9bff65957d8ac9d950cc1f
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
ce2dc45c0adef73039fafb13f6147ac6d4e9c27f5e2839126500fa3eef483c34
ceb3f22d2636e2442a18d861feaa39802be4cb3d3925fae1b93266c10e3a3abf
d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5
d65871bdadc4044d6a5c618d75a0bae0d2385089e91ab7d3d70d66eb6ab4234c
dab0b354da78a8aba670d58e6484ba4eb31bdd2dd76e06efef32e991062f91b4
de2d97842c12a08a1916e1f31bc112123609ecad85eb38240728fcc969b47e01
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e0a11c37993e7e3b3a9ae20ae787493a61727399209fb0d61f83865ad4bd86af
e1ec5764822301872f720b77be27439a7eb119ac6d2a7b03c917f73e3e7d3b98
e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61f27d2a303886ba4466f8d59679d28b463fa30e903f7825b720f00f4c51b00
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3772f3817e8ebf1b37ec026e21a7551670aad19dd4b34f7b1660a1d44e788f1
f9f59f81ab10e1d0236f0c81c59c05e76eb79f04b722559ba4aa7cf2684f8018
fa421b6ebbd2fb474d3a3866409ce6c1efd120b47ff256fffb8f8f50d556d3d9
fc71dde0fa1f3434b18e014866b9484f577bc34c8ea80155e0039fe041419fa6
ffcde34efda55a63cb66dbec4bf10acb531014d581e2d8e511836b84e08c2305

www.intezer.com Open in urlscan Pro 52.166.220.150 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

73 Requests

100 %HTTPS

71 %IPv6

19 Domains

21 Subdomains

21 IPs

6 Countries

2755 kBTransfer

3694 kBSize

8 Cookies

17 Outgoing links

Page URL History

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.intezer.com Open in urlscan Pro
52.166.220.150 Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

100 %
HTTPS

71 %
IPv6

19
Domains

21
Subdomains

21
IPs

6
Countries

2755 kB
Transfer

3694 kB
Size

8
Cookies

73 HTTP transactions
1 data transactions