www.avira.com Open in urlscan Pro
2a02:26f0:480:f::213:7ed2 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong
Submission: On October 07 via api (October 7th 2024, 12:52:34 pm UTC) from IN — Scanned from DE

Summary HTTP 53 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 9 domains to perform 53 HTTP transactions. The main IP is 2a02:26f0:480:f::213:7ed2, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.avira.com. The Cisco Umbrella rank of the primary domain is 709629.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on June 7th 2024. Valid for: a year.

This is the only time www.avira.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2a02:26f0:480... 2a02:26f0:480:f::213:7ed2	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
22	2a02:26f0:480... 2a02:26f0:480:f::213:7ece	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
11	2606:4700::68... 2606:4700::6812:562a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a02:26f0:350... 2a02:26f0:3500:12::1730:17a4	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:310... 2a02:26f0:3100:782::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:350... 2a02:26f0:3500:18::1724:a29d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:710... 2a02:26f0:7100:594::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:480... 2a02:26f0:480:594::f09	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2.16.168.11 2.16.168.11	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
53	13

4 2a02:26f0:480:f::213:7ed2 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.avira.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a02:26f0:480:f::213:7ece (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.webassetscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6812:562a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:12::1730:17a4 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

prod-blog.avira.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3100:782::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
02179915.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:18::1724:a29d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

consent.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:594::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:594::f09 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

consentcdn.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.168.11 (Netherlands) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-168-11.deploy.static.akamaitechnologies.com

trial-eum-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kfpqkkacccuawzyd3gga-pfcdj0-b5e1ea1f8-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

trial-eum-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fiaqjiaafmaaakqce3ydkaaacztqhwmm-pfcdj0-c8c3c305e-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	webassetscdn.com www.webassetscdn.com — Cisco Umbrella Rank: 940765	1 MB
11	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 326	153 KB
8	avira.com www.avira.com — Cisco Umbrella Rank: 709629 prod-blog.avira.com	159 KB
4	akamaihd.net 2 redirects trial-eum-clientnsv4-s.akamaihd.net — Cisco Umbrella Rank: 2923 kfpqkkacccuawzyd3gga-pfcdj0-b5e1ea1f8-clientnsv4-s.akamaihd.net trial-eum-clienttons-s.akamaihd.net — Cisco Umbrella Rank: 2926 fiaqjiaafmaaakqce3ydkaaacztqhwmm-pfcdj0-c8c3c305e-clienttons-s.akamaihd.net	1 KB
3	cookiebot.com consent.cookiebot.com — Cisco Umbrella Rank: 4618 consentcdn.cookiebot.com — Cisco Umbrella Rank: 5320	35 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	288 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1607 c.go-mpulse.net — Cisco Umbrella Rank: 772	37 KB
1	akstat.io 02179915.akstat.io — Cisco Umbrella Rank: 100196	225 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 498	315 B
53	9

	Domain	Requested by
22	www.webassetscdn.com	www.avira.com prod-blog.avira.com
11	cdn.cookielaw.org	www.avira.com cdn.cookielaw.org
4	prod-blog.avira.com	www.avira.com
4	www.avira.com	www.avira.com
3	www.googletagmanager.com	www.avira.com www.googletagmanager.com
2	consent.cookiebot.com	www.googletagmanager.com consent.cookiebot.com
1	fiaqjiaafmaaakqce3ydkaaacztqhwmm-pfcdj0-c8c3c305e-clienttons-s.akamaihd.net
1	trial-eum-clienttons-s.akamaihd.net	1 redirects
1	kfpqkkacccuawzyd3gga-pfcdj0-b5e1ea1f8-clientnsv4-s.akamaihd.net
1	trial-eum-clientnsv4-s.akamaihd.net	1 redirects
1	02179915.akstat.io	s.go-mpulse.net
1	consentcdn.cookiebot.com	consent.cookiebot.com
1	c.go-mpulse.net	s.go-mpulse.net
1	s.go-mpulse.net	www.avira.com
1	geolocation.onetrust.com	cdn.cookielaw.org
53	15

This site contains links to these domains. Also see Links.

Domain
oem.avira.com
support.avira.com
my.avira.com
www.facebook.com
twitter.com
www.linkedin.com
blog.malwarebytes.com
www.anomali.com
www.pinterest.com
www.youtube.com
www.nortonlifelock.com
betacenter.avira.com
www.onetrust.com

Subject Issuer	Validity	Valid
avira.com DigiCert TLS RSA SHA256 2020 CA1	`2024-06-07` - `2025-06-17`	a year	crt.sh
www.webassetscdn.com R10	`2024-08-25` - `2024-11-23`	3 months	crt.sh
cookielaw.org WE1	`2024-08-13` - `2024-11-11`	3 months	crt.sh
prod.cms.avira.com R11	`2024-07-29` - `2024-10-27`	3 months	crt.sh
*.google-analytics.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
geolocation.onetrust.com WE1	`2024-08-13` - `2024-11-11`	3 months	crt.sh
akstat.io DigiCert TLS RSA SHA256 2020 CA1	`2024-07-31` - `2025-07-31`	a year	crt.sh
consent.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-28` - `2025-02-27`	a year	crt.sh
*.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-26` - `2025-02-26`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong
Frame ID: 2538580BC8327B4FBFF2748C84B1E888
Requests: 56 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: 6F4F2F1A3E676A6C1EC35DD26C29FD19
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

New wave of PlugX targets Hong Kong - Avira Blog

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Cookiebot (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.cookiebot\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

53
Requests

96 %
HTTPS

92 %
IPv6

9
Domains

15
Subdomains

13
IPs

3
Countries

1900 kB
Transfer

3977 kB
Size

8
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://oem.avira.com/

Search URL Search Domain Scan URL

URL: https://support.avira.com/hc/en-us
Title: Support

Search URL Search Domain Scan URL

URL: https://my.avira.com/en/dashboard/home/referral/websitenav
Title: Login

Search URL Search Domain Scan URL

URL: https://my.avira.com/en/auth/login?cw_ref_code=website&redirect_uri=/dashboard/renewal/tabs/plans
Title: Manage Renewal Settings

Search URL Search Domain Scan URL

URL: https://my.avira.com/en/dashboard/my-account/tabs/profile/referral/websitenav
Title: My Account

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Fwww.avira.com%2Fen%2Fblog%2Fnew-wave-of-plugx-targets-hong-kong&t=New%20wave%20of%20PlugX%20targets%20Hong%20Kong

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=New%20wave%20of%20PlugX%20targets%20Hong%20Kong&url=https%3A%2F%2Fwww.avira.com%2Fen%2Fblog%2Fnew-wave-of-plugx-targets-hong-kong&via=avira

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.avira.com%2Fen%2Fblog%2Fnew-wave-of-plugx-targets-hong-kong&title=New%20wave%20of%20PlugX%20targets%20Hong%20Kong&source=https%3A%2F%2Fwww.avira.com%2Fen%2Fblog

Search URL Search Domain Scan URL

URL: https://blog.malwarebytes.com/threat-analysis/2016/08/unpacking-the-spyware-disguised-as-antivirus/
Title: previous versions

Search URL Search Domain Scan URL

URL: https://www.anomali.com/blog/china-based-apt-mustang-panda-targets-minority-groups-public-and-private-sector-organizations
Title: post

Search URL Search Domain Scan URL

URL: https://oem.avira.com/en/technology/machine-learning
Title: zero-day attacks

Search URL Search Domain Scan URL

URL: https://oem.avira.com/en/technology/avira-scan-engines
Title: highest detection rates

Search URL Search Domain Scan URL

URL: https://www.facebook.com/avira
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/avira
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/avira-gmbh
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/avira/
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCbjW477IGaSNdtLxOFXh7UQ
Title: YouTube

Search URL Search Domain Scan URL

URL: https://support.avira.com/hc/en-us/community/topics
Title: Avira Community

Search URL Search Domain Scan URL

URL: https://www.nortonlifelock.com/us/en/corporate-profile/
Title: About Avira

Search URL Search Domain Scan URL

URL: https://www.nortonlifelock.com/us/en/careers/
Title: Careers

Search URL Search Domain Scan URL

URL: https://betacenter.avira.com/key/websitefooter
Title: Beta test

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pfcdj0a6q HTTP 302
https://kfpqkkacccuawzyd3gga-pfcdj0-b5e1ea1f8-clientnsv4-s.akamaihd.net/eum/results.txt

Request Chain 55

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pfcdj0a6q HTTP 302
https://fiaqjiaafmaaakqce3ydkaaacztqhwmm-pfcdj0-c8c3c305e-clienttons-s.akamaihd.net/eum/results.txt

53 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request new-wave-of-plugx-targets-hong-kong Show response
www.avira.com/en/blog/ 154 KB
29 KB 113ms
30ms Document
text/html 2a02:26f0:480:f::213:7ed2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ed2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: akamai /
Resource Hash: fa29cff4386085b43f17b20be0f634074ad5a753f6cc219ab0140f3c319c22ed

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: max-age=28984
content-encoding: gzip
content-length: 28824
content-type: text/html; charset=UTF-8
date: Mon, 07 Oct 2024 12:52:26 GMT
expires: Mon, 07 Oct 2024 20:55:30 GMT
link: <https://www.avira.com/blog/wp-json/>; rel="https://api.w.org/" <https://www.avira.com/blog/wp-json/wp/v2/posts/42546>; rel="alternate"; type="application/json" <https://www.avira.com/en/blog/?p=42546>; rel=shortlink <https://www.webassetscdn.com/avira/prod-blog/wp-content/cache/minify/cffed.js.gzip?x77742>; rel=preload; as=script <https://www.webassetscdn.com/avira/prod-blog/wp-content/cache/minify/c5eff.js.gzip?x77742>; rel=preload; as=script <https://www.webassetscdn.com/avira/prod-blog/wp-content/cache/minify/543ff.js.gzip?x77742>; rel=preload; as=script <https://www.webassetscdn.com/avira/prod-blog/wp-content/cache/minify/0211d.css.gzip?x77742>; rel=preload; as=style
referrer-policy: no-referrer-when-downgrade
server: akamai
server-timing: cdn-cache; desc=HIT edge; dur=16 origin; dur=0 ak_p; desc="1728305546203_34831762_7891162_1525_4320_7_39_255";dur=1
vary: Accept-Encoding
x-akamai-transformed: 9 26776 0 pmb=mRUM,1

GET
H2 200 cffed.js.gzip Show response
www.webassetscdn.com/avira/prod-blog/wp-content/cache/minify/ 3 KB
1 KB 311ms
74ms Script
application/x-javascript 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.webassetscdn.com/avira/prod-blog/wp-content/cache/minify/cffed.js.gzip?x77742
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: a378fd16b0bcb3a466b6b0bcbd6efb96b6e32547eea56876f16f5b564e4123ae

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Response headers

x-amz-id-2: 0rpnltoo+2FNK1K9QMUQ7Xu4vjlbyIBk7q7BbsTFzQH9gyI1PXKp6XYOyhujAvK+7ydHv4vGIU2s6f40RfWPIQ==
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
etag: "5bbe4804c56c7ae667933657b5ebab47"
pragma: no-cache
x-amz-request-id: WVGYJ2G1VDYVPKYM
expires: Mon, 07 Oct 2024 12:52:26 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1100
date: Mon, 07 Oct 2024 12:52:26 GMT
last-modified: Thu, 22 Aug 2024 07:30:38 GMT
content-type: application/x-javascript
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 c5eff.js.gzip Show response
www.webassetscdn.com/avira/prod-blog/wp-content/cache/minify/ 235 KB
74 KB 332ms
95ms Script
application/x-javascript 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.webassetscdn.com/avira/prod-blog/wp-content/cache/minify/c5eff.js.gzip?x77742
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f74f3fef4862c1a9085172c13e6ec53a1dc947ef1cdaa85a3c50c92c0a14607a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Response headers

x-amz-id-2: WHVKqg+9vzVRxkwy3Wgy0sK7IyOU3bphyYVnLKSI8qThf6q5BFUjB9yMmQBkjqDOvqESVVimsF0=
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
etag: "aa90f4a792f6be7309c75ebf134bc8e5"
pragma: no-cache
x-amz-request-id: WVGZBXB9P3R4ZZN0
expires: Mon, 07 Oct 2024 12:52:26 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 75828
date: Mon, 07 Oct 2024 12:52:26 GMT
last-modified: Thu, 22 Aug 2024 07:28:34 GMT
content-type: application/x-javascript
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 543ff.js.gzip Show response
www.webassetscdn.com/avira/prod-blog/wp-content/cache/minify/ 29 KB
8 KB 388ms
151ms Script
application/x-javascript 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.webassetscdn.com/avira/prod-blog/wp-content/cache/minify/543ff.js.gzip?x77742
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: d6771ad5f397131140011daa79612e38c2d775ee50fdd2c84da8eef492fc04ad

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Response headers

x-amz-id-2: zTGdJtPDaydtwGg2ubxsTmlYb0SWvTCsvGUNZRoKkb6Mxdp26/tovRgod/jKFJ58o9Moerpuy7E=
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
etag: "004d5f9e278fddbdfbf62bda95354ffa"
pragma: no-cache
x-amz-request-id: WVGQ6DPYQTD10YN2
expires: Mon, 07 Oct 2024 12:52:26 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8163
date: Mon, 07 Oct 2024 12:52:26 GMT
last-modified: Thu, 22 Aug 2024 07:28:35 GMT
content-type: application/x-javascript
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 0211d.css.gzip
www.webassetscdn.com/avira/prod-blog/wp-content/cache/minify/ 229 KB
41 KB 303ms
66ms Stylesheet
text/css 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.webassetscdn.com/avira/prod-blog/wp-content/cache/minify/0211d.css.gzip?x77742
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3d3b2838c56ed5edb1485ba62c2c8ddb12f4f800562bcbe426b8801d110dd30e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Response headers

x-amz-id-2: 4XvNse4BjDrB3Tx5n1QwSdDgDGgDwPLjwu9aYebLHRTATgoHPrzcoMbdfxKvoGifIsBclWiC0Cc=
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
etag: "89e926fa94c928cb7cad09ecf4feec77"
pragma: no-cache
x-amz-request-id: WVGYM7GY79E51HNK
expires: Mon, 07 Oct 2024 12:52:26 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 41225
date: Mon, 07 Oct 2024 12:52:26 GMT
last-modified: Thu, 22 Aug 2024 07:28:34 GMT
content-type: text/css
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/d1004553-66ed-4eac-aac3-a8e7d62e55ce/ 5 KB
2 KB 263ms
41ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/d1004553-66ed-4eac-aac3-a8e7d62e55ce/OtAutoBlock.js

Requested by

Host: www.avira.com
URL: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2dac11b6349b6fbbefe783a2cea3f35e8a9f2bd7e88a786874c0928700a9ac70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Response headers

content-md5: l6S6lk5NLDyCnu6ShZTcmQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DCBD38239B662B
age: 19167
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Tue, 08 Oct 2024 12:52:26 GMT
date: Mon, 07 Oct 2024 12:52:26 GMT
content-type: application/javascript
last-modified: Thu, 15 Aug 2024 14:39:59 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 1e971b98-b01e-005a-0421-ef950b000000
cf-ray: 8cee074299d6d268-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2052
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 22 KB
8 KB 244ms
23ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.avira.com
URL: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efad755939e511f2bc1feb0d58d6014006e8598a4d431f27a66dd59e14fc19cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Response headers

content-md5: uiXk8gw/ehyoMvZ3GeQiaQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCE3E0C241C63A
x-ms-lease-status: unlocked
age: 83804
cf-cache-status: HIT
x-content-type-options: nosniff
expires: Mon, 07 Oct 2024 13:35:42 GMT
date: Mon, 07 Oct 2024 12:52:26 GMT
content-type: application/javascript
last-modified: Thu, 03 Oct 2024 19:22:45 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 61ecba25-801e-0016-2462-165214000000
cf-ray: 8cee074299dcd268-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7214
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 KievitWeb-Bold.woff
www.webassetscdn.com/avira/prod-blog/wp-content/themes/avira-blog/fonts/KievitWeb/ 56 KB
56 KB 263ms
27ms Font
application/octet-stream 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.webassetscdn.com/avira/prod-blog/wp-content/themes/avira-blog/fonts/KievitWeb/KievitWeb-Bold.woff
Requested by: Host: www.avira.com
URL: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 16b555282ea8c779478cb1d8674dae40f689dcdeb4664cd762cbdfe47c476d8b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.avira.com
Referer: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Response headers

cache-control: max-age=31302911
content-encoding: gzip
etag: "8652745947b62f03147b76cd5db508fb"
x-amz-request-id: XX9NB5JP81GYX7NJ
expires: Sat, 04 Oct 2025 20:07:37 GMT
accept-ranges: bytes
access-control-allow-origin: *
date: Mon, 07 Oct 2024 12:52:26 GMT
last-modified: Sat, 12 Feb 2022 12:14:03 GMT
content-type: application/octet-stream
vary: Accept-Encoding
x-amz-id-2: XWwugCjhPo30kFKtUE71IAPNn+5zDAPCjwa9JeVPzqZqyeQHkhH1Ef00SYNYE+tf7Ym0R2MF/MQ=

GET
H2 200 KievitWebPro-Regular.woff
www.webassetscdn.com/avira/prod-blog/wp-content/themes/avira-blog/fonts/KievitWeb/ 54 KB
54 KB 264ms
28ms Font
application/octet-stream 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.webassetscdn.com/avira/prod-blog/wp-content/themes/avira-blog/fonts/KievitWeb/KievitWebPro-Regular.woff
Requested by: Host: www.avira.com
URL: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 01fba482f08656e11cbf03333b07048a33b574dc7024d5651f94b0b3cff89c3a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.avira.com
Referer: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Response headers

cache-control: max-age=31003736
content-encoding: gzip
etag: "cb0b064a6f71ca79ea66c595c22211cc"
x-amz-request-id: XX9NBD651AMBB6KP
expires: Wed, 01 Oct 2025 09:01:22 GMT
accept-ranges: bytes
access-control-allow-origin: *
date: Mon, 07 Oct 2024 12:52:26 GMT
last-modified: Sat, 12 Feb 2022 12:14:03 GMT
content-type: application/octet-stream
vary: Accept-Encoding
x-amz-id-2: nryDzeqLOZRJEHN4IhRuv/6Bf9Cy11osXdApQ7mmbN9PIXzVmHPymPmFz/lfsrwf3xqBCX54qfs=

GET
H2 200 KievitWebPro-Medium.woff
www.webassetscdn.com/avira/prod-blog/wp-content/themes/avira-blog/fonts/KievitWeb/ 55 KB
56 KB 280ms
44ms Font
application/octet-stream 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.webassetscdn.com/avira/prod-blog/wp-content/themes/avira-blog/fonts/KievitWeb/KievitWebPro-Medium.woff
Requested by: Host: www.avira.com
URL: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b560f4b355f71bf3d9c4c92124294a15c7451c5a0abff85afcbe878b1a4be573

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.avira.com
Referer: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Response headers

cache-control: max-age=31003609
content-encoding: gzip
etag: "e3e978f02a0cba365d213e745bedfdb4"
x-amz-request-id: BY57B1ZCAHQ7ZDG8
expires: Wed, 01 Oct 2025 08:59:15 GMT
accept-ranges: bytes
access-control-allow-origin: *
date: Mon, 07 Oct 2024 12:52:26 GMT
last-modified: Sat, 12 Feb 2022 12:14:03 GMT
content-type: application/octet-stream
vary: Accept-Encoding
x-amz-id-2: KGqOoVvdQzYtVxTP9r5uK+/dYRa7i7xc6zTr0jocjY3xO7thAdn6rUJtg3KeT23eCDgztpWUPJQ=

GET
H2 200 KievitWebPro-Light.woff
www.webassetscdn.com/avira/prod-blog/wp-content/themes/avira-blog/fonts/KievitWeb/ 55 KB
55 KB 301ms
66ms Font
application/octet-stream 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.webassetscdn.com/avira/prod-blog/wp-content/themes/avira-blog/fonts/KievitWeb/KievitWebPro-Light.woff
Requested by: Host: www.avira.com
URL: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: a791aba3842d3766494ad0aa2a1b9cdbd2bb8aa8b2235aedea82e993c851a1ab

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.avira.com
Referer: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Response headers

x-amz-id-2: qieTpn6AYKTBitpVlQL3F6ZNXp2ujPHQy20+1xd1+3iP4JvAkZKbbwMoqZHMg2rfr3ABWAwKs0I=
cache-control: max-age=31505247
content-encoding: gzip
etag: "a8a9d6aaf9f3940badc66e2a2aa21047"
x-amz-request-id: M5T7Z4H5R08YZH1V
expires: Tue, 07 Oct 2025 04:19:53 GMT
accept-ranges: bytes
access-control-allow-origin: *
date: Mon, 07 Oct 2024 12:52:26 GMT
last-modified: Thu, 18 Jan 2024 15:05:37 GMT
content-type: application/octet-stream
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 avira_icons.ttf
www.webassetscdn.com/avira/prod-blog/wp-content/themes/avira-blog/fonts/avira_icons/ 171 KB
171 KB 285ms
50ms Font
application/vnd.ms-opentype 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.webassetscdn.com/avira/prod-blog/wp-content/themes/avira-blog/fonts/avira_icons/avira_icons.ttf?75fixw
Requested by: Host: www.avira.com
URL: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3199043f616f378bd0a4fe51c0dd6f0a5c699c970bcda23db2ff46c910a6bacd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.avira.com
Referer: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Response headers

cache-control: max-age=31316148
etag: "422037d348abf325581765efae50c193"
x-amz-request-id: XX9T35YCHKWPVRH9
expires: Sat, 04 Oct 2025 23:48:14 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 174712
date: Mon, 07 Oct 2024 12:52:26 GMT
last-modified: Sat, 12 Feb 2022 12:14:03 GMT
content-type: application/vnd.ms-opentype
x-amz-id-2: 8hFvYGDWBi4xpIPduy3cxyGvI3DSq5ATTceR3uxZlEjk56BdBZuWQk/wmXx2cT69YhAuMnqnix4=

GET
H2 200 avira-logo-black.svg
www.webassetscdn.com/avira/prod-blog/wp-content/themes/avira-blog/img/ 2 KB
2 KB 15ms
14ms Image
image/svg+xml 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.webassetscdn.com/avira/prod-blog/wp-content/themes/avira-blog/img/avira-logo-black.svg
Requested by: Host: www.avira.com
URL: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b06a086772e41e5c71e268946669ad339dd475cd64aa09c2cdcf0c0ad9cb1b49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Response headers

x-amz-id-2: 5ZDZLS4kKSdX38QqITEOhDb4QaRguFwoUJAxQM+KqvpxP81D00XiZU+ZYl80KjmH0b32rNZNqmg=
cache-control: max-age=30057331
content-encoding: gzip
etag: "55e251736d7cc3b7224743f8d1ebee62"
x-amz-request-id: KD8X60ATD6N1D109
expires: Sat, 20 Sep 2025 10:07:57 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1255
date: Mon, 07 Oct 2024 12:52:26 GMT
last-modified: Thu, 18 Jan 2024 15:05:31 GMT
content-type: image/svg+xml
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 PlugX-01-no-crop-861x540.png
www.webassetscdn.com/avira/prod-blog/wp-content/uploads/2020/01/ 436 KB
436 KB 145ms
141ms Image
image/png 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.webassetscdn.com/avira/prod-blog/wp-content/uploads/2020/01/PlugX-01-no-crop-861x540.png
Requested by: Host: www.avira.com
URL: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: cd4b6c97e352f75bffdc3d1be5a407b77f85b74c067d25b8a00362f55a67060e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Response headers

cache-control: max-age=31536000
etag: "c4894dd54d6f6640ca2fffa7358bee4f"
x-amz-request-id: WVGJJKJEV9TJQBZA
expires: Tue, 07 Oct 2025 12:52:26 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 446264
date: Mon, 07 Oct 2024 12:52:26 GMT
last-modified: Wed, 30 Sep 2020 09:10:01 GMT
content-type: image/png
x-amz-id-2: fbDl5iglkg/YcqwIagpDV3KeiUBVDoqoxdT3n2g+pE9gIlG+vF0GOrBgAQ2ExBpjESSq5gtIDjI=

GET
H/1.1 200
OK 0211d.css
prod-blog.avira.com/wp-content/cache/minify/ 229 KB
40 KB 627ms
392ms Stylesheet
text/css 2a02:26f0:3500:12::1730:17a4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-blog.avira.com/wp-content/cache/minify/0211d.css?x77742
Requested by: Host: www.avira.com
URL: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx / W3 Total Cache/2.3.0
Resource Hash: 3d3b2838c56ed5edb1485ba62c2c8ddb12f4f800562bcbe426b8801d110dd30e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Response headers

Vary: Accept-Encoding
Cache-Control: private, no-cache, no-store, must-revalidate
Content-Encoding: gzip
ETag: "66c6e7db-9ffe"
Pragma: no-cache
Connection: keep-alive
Referrer-Policy: no-referrer-when-downgrade
Accept-Ranges: bytes
Content-Length: 40958
Date: Mon, 07 Oct 2024 12:52:27 GMT
Content-Type: text/css
Last-Modified: Thu, 22 Aug 2024 07:25:15 GMT
Server: nginx
X-Powered-By: W3 Total Cache/2.3.0

GET
H/1.1 200
OK cffed.js Show response
prod-blog.avira.com/wp-content/cache/minify/ 3 KB
2 KB 358ms
343ms Script
application/x-javascript 2a02:26f0:3500:12::1730:17a4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-blog.avira.com/wp-content/cache/minify/cffed.js?x77742
Requested by: Host: www.avira.com
URL: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx / W3 Total Cache/2.3.0
Resource Hash: a378fd16b0bcb3a466b6b0bcbd6efb96b6e32547eea56876f16f5b564e4123ae

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Response headers

Vary: Accept-Encoding
Cache-Control: private, no-cache, no-store, must-revalidate
Content-Encoding: gzip
ETag: "66c6e7eb-44c"
Pragma: no-cache
Connection: keep-alive
Referrer-Policy: no-referrer-when-downgrade
Accept-Ranges: bytes
Content-Length: 1100
Date: Mon, 07 Oct 2024 12:52:27 GMT
Content-Type: application/x-javascript
Last-Modified: Thu, 22 Aug 2024 07:25:31 GMT
Server: nginx
X-Powered-By: W3 Total Cache/2.3.0

GET
H2 200 2021_Avira_Box_bundle_PAID_PRIME_EN.png
www.webassetscdn.com/avira/prod/cache-buster-1643901397/tmp/image-thumbnails/ContentHub/VisualContent/Images/ProductBoxshot/ProductBoxshot_bundle_PRIME/image-thumb__14410__width55/ 8 KB
8 KB 35ms
35ms Image
image/png 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.webassetscdn.com/avira/prod/cache-buster-1643901397/tmp/image-thumbnails/ContentHub/VisualContent/Images/ProductBoxshot/ProductBoxshot_bundle_PRIME/image-thumb__14410__width55/2021_Avira_Box_bundle_PAID_PRIME_EN.png
Requested by: Host: www.avira.com
URL: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f825abaca954cc77f24d745d1baba3e5d5960d1602c72b9fbec4fc54339f2019

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Response headers

cache-control: max-age=29977202
etag: "aba4f5fda592ea44979d93ae73657b0c"
x-amz-request-id: 5ZZKT7Z42YJM5QGF
expires: Fri, 19 Sep 2025 11:52:29 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7874
date: Mon, 07 Oct 2024 12:52:27 GMT
last-modified: Thu, 03 Feb 2022 16:36:58 GMT
content-type: image/png
x-amz-id-2: RSXTawvOe3JspovHZnBiKmw0uAU4cpbp/ZWl3azJa4Ny1qmaDDpUZKmlsZPzafOtoDJH3PQ9p2GkZdNgUCyd+g==

GET
H2 200 2020_Avira_Box_bundle_PAID_ISEC-win_EN_880x1536.png
www.webassetscdn.com/avira/prod/cache-buster-1607682507/tmp/image-thumbnails/products/cms/boxshots/en/image-thumb__10388__width55/ 8 KB
8 KB 32ms
26ms Image
image/png 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.webassetscdn.com/avira/prod/cache-buster-1607682507/tmp/image-thumbnails/products/cms/boxshots/en/image-thumb__10388__width55/2020_Avira_Box_bundle_PAID_ISEC-win_EN_880x1536.png
Requested by: Host: www.avira.com
URL: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5622cce1e81579470baca7fb35a5f42357ec51aa6a5ce49f174e1caf354275f7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Response headers

cache-control: max-age=29645865
etag: "3dcb070111e20ec4a55deb56e988174f"
x-amz-request-id: 2RF0AA0K0FHXX8Z1
expires: Mon, 15 Sep 2025 15:50:12 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7854
date: Mon, 07 Oct 2024 12:52:27 GMT
last-modified: Fri, 11 Dec 2020 11:13:34 GMT
content-type: image/png
x-amz-id-2: 2QY7K0rqv6FdyW/+YCxZX9tfd66T5vTETdLMaliGMkwzZkCeBheaEou9vSrl1fJRZr4fLpQvub4xEybuGR24YQ==

GET
H2 200 2020_box_bundle_free_FS_unicspotl_EN.png
www.webassetscdn.com/avira/prod/cache-buster-1602593916/tmp/image-thumbnails/ContentHub/VisualContent/Images/ProductBoxshot/ProductBoxshot_bundle_Unicorn-Spotlight_Free-Security/image-thumb__10279_... 8 KB
8 KB 46ms
41ms Image
image/png 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.webassetscdn.com/avira/prod/cache-buster-1602593916/tmp/image-thumbnails/ContentHub/VisualContent/Images/ProductBoxshot/ProductBoxshot_bundle_Unicorn-Spotlight_Free-Security/image-thumb__10279__width55/2020_box_bundle_free_FS_unicspotl_EN.png
Requested by: Host: www.avira.com
URL: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: a42eabf600a746d0c8825913bac5afc875915e73ede26c0c4277de072bf0b46f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Response headers

cache-control: max-age=31536000
etag: "e563a982edeccf60213d2bc65db27035"
x-amz-request-id: DKPJG3R58H6D9BEM
expires: Tue, 07 Oct 2025 12:52:27 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8217
date: Mon, 07 Oct 2024 12:52:27 GMT
last-modified: Tue, 13 Oct 2020 12:59:03 GMT
content-type: image/png
x-amz-id-2: WY/4ChahGAd27D+4oYeTDqwBLHF3BGj4FpqLuyXv1XYNj6gtXpEYZOnkpgAqYWtO8/JOHCfAQbY=

GET
H2 200 Avira-Prime-Mobile_1.png
www.webassetscdn.com/avira/prod/cache-buster-1608547519/tmp/image-thumbnails/_default_upload_bucket/image-thumb__13276__width55/ 4 KB
4 KB 31ms
26ms Image
image/png 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.webassetscdn.com/avira/prod/cache-buster-1608547519/tmp/image-thumbnails/_default_upload_bucket/image-thumb__13276__width55/Avira-Prime-Mobile_1.png
Requested by: Host: www.avira.com
URL: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 114e1a4cedeca1be22388224e1a99903292d80c74d9138bfecba577af01d1d4b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Response headers

cache-control: max-age=31536000
etag: "21645bc85afeb900a743195191d82d26"
x-amz-request-id: 6QD1A3BWF7JZPQGX
expires: Tue, 07 Oct 2025 12:52:27 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3837
date: Mon, 07 Oct 2024 12:52:27 GMT
last-modified: Tue, 30 Aug 2022 11:45:04 GMT
content-type: image/png
x-amz-id-2: NTWjL2MX4ifB7VMBU0DT2YXSmJihamg/BB7srhG7xx78fgox+QQUYxfmcynnX6WpytVAE2nz3NA=

GET
H2 200 Avira-Prime-Mobile.png
www.webassetscdn.com/avira/prod/cache-buster-1608547218/tmp/image-thumbnails/_default_upload_bucket/image-thumb__13274__width55/ 4 KB
4 KB 47ms
42ms Image
image/png 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.webassetscdn.com/avira/prod/cache-buster-1608547218/tmp/image-thumbnails/_default_upload_bucket/image-thumb__13274__width55/Avira-Prime-Mobile.png
Requested by: Host: www.avira.com
URL: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 114e1a4cedeca1be22388224e1a99903292d80c74d9138bfecba577af01d1d4b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Response headers

cache-control: max-age=30278003
etag: "21645bc85afeb900a743195191d82d26"
x-amz-request-id: VETW21C2M0QQCGS7
expires: Mon, 22 Sep 2025 23:25:50 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3837
date: Mon, 07 Oct 2024 12:52:27 GMT
last-modified: Tue, 30 Aug 2022 11:45:21 GMT
content-type: image/png
x-amz-id-2: yxrFFfLY5NwqvYVyJ+V5XYLbJX7VCrx/kFaZu4WuFGlGFBaY3kIL9zqY7zO+vkSdnHOJaigkf4w=

GET
H2 200 plug_decrypt_payload.png
www.webassetscdn.com/avira/prod-blog/wp-content/uploads/2020/08/ 21 KB
21 KB 347ms
113ms Image
image/png 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.webassetscdn.com/avira/prod-blog/wp-content/uploads/2020/08/plug_decrypt_payload.png?x15938
Requested by: Host: www.avira.com
URL: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6c2a0f5a86d1324fcd23647eaf389e9eb2f47d13af5d18a22b36214529bdfcf2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Response headers

cache-control: max-age=31536000
etag: "753d8e135e7d20a748b944b7da54ea8f"
x-amz-request-id: WVGNR69FW455WRBE
expires: Tue, 07 Oct 2025 12:52:26 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21685
date: Mon, 07 Oct 2024 12:52:26 GMT
last-modified: Mon, 03 Aug 2020 10:34:34 GMT
content-type: image/png
x-amz-id-2: TJwZhZN9uezG/A5gci1XuWBnjbjXjixzOsm2NVogQWTxPf4/kud8hfktKsQwTK4qplOS9bVvwf0=

GET
H2 200 plug_APT4.jpg
www.webassetscdn.com/avira/prod-blog/wp-content/uploads/2020/08/ 8 KB
8 KB 39ms
35ms Image
image/jpeg 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.webassetscdn.com/avira/prod-blog/wp-content/uploads/2020/08/plug_APT4.jpg?x15938
Requested by: Host: www.avira.com
URL: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 142a5050a5bc1deb9cafb91d3c69ae60335c182d7479360dd578621fe45c23fa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Response headers

cache-control: max-age=31100297
etag: "583ef1e428dfd3959d7635fc4d437a0d"
x-amz-request-id: T3R4A10DCSYH1C2K
expires: Thu, 02 Oct 2025 11:50:43 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8177
date: Mon, 07 Oct 2024 12:52:26 GMT
last-modified: Mon, 03 Aug 2020 10:34:08 GMT
content-type: image/jpeg
x-amz-id-2: i9bBc5XbpZ3S8LtkJ8kRQHA0sySBGkPkjomw5lZ1Pmd2y21uEJd0ekBcs3bkByGO7R9rVYSY0xE=

GET
H2 200 placeholder-180x135.png
www.avira.com/blog/wp-content/themes/avira-blog/img/ 98 B
427 B 27ms
24ms Image
image/png 2a02:26f0:480:f::213:7ed2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avira.com/blog/wp-content/themes/avira-blog/img/placeholder-180x135.png
Requested by: Host: www.avira.com
URL: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ed2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: akamai / W3 Total Cache/2.3.0
Resource Hash: 44321d15b5a4c24d1d4326bf1978096b20a8b5cb3d4cbe2acc950d2dca4039e0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Response headers

cache-control: max-age=55143
etag: "66c6dd9e-62"
referrer-policy: no-referrer-when-downgrade
expires: Tue, 08 Oct 2024 04:11:29 GMT
accept-ranges: bytes
access-control-allow-origin: *
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1728305546763_34831762_7896359_20_3612_8_0_182";dur=1
content-length: 98
date: Mon, 07 Oct 2024 12:52:26 GMT
content-type: image/png
last-modified: Thu, 22 Aug 2024 06:41:34 GMT
x-powered-by: W3 Total Cache/2.3.0
server: akamai

GET
H2 200 placeholder-280x210.jpg
www.avira.com/blog/wp-content/themes/avira-blog/img/ 4 KB
4 KB 19ms
14ms Image
image/jpeg 2a02:26f0:480:f::213:7ed2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avira.com/blog/wp-content/themes/avira-blog/img/placeholder-280x210.jpg
Requested by: Host: www.avira.com
URL: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ed2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: akamai / W3 Total Cache/2.3.0
Resource Hash: 5f4fde2d7440d6d167b501ecb054b83aeb20f17ce9f9095ba90d6930ac542b22

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Response headers

cache-control: max-age=55039
etag: "66c6dd9e-e8f"
referrer-policy: no-referrer-when-downgrade
expires: Tue, 08 Oct 2024 04:09:46 GMT
accept-ranges: bytes
access-control-allow-origin: *
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1728305547087_34831762_7899655_18_4154_8_0_146";dur=1
content-length: 3727
date: Mon, 07 Oct 2024 12:52:27 GMT
content-type: image/jpeg
last-modified: Thu, 22 Aug 2024 06:41:34 GMT
x-powered-by: W3 Total Cache/2.3.0
server: akamai

GET
H/1.1 200
OK c5eff.js Show response
prod-blog.avira.com/wp-content/cache/minify/ 235 KB
74 KB 230ms
227ms Script
application/x-javascript 2a02:26f0:3500:12::1730:17a4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-blog.avira.com/wp-content/cache/minify/c5eff.js?x77742
Requested by: Host: www.avira.com
URL: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: f74f3fef4862c1a9085172c13e6ec53a1dc947ef1cdaa85a3c50c92c0a14607a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Response headers

Content-Encoding: gzip
Pragma: private
ETag: "pri1724308894;gz"
Connection: keep-alive
Referrer-Policy: no-referrer-when-downgrade
Content-Length: 75635
Date: Mon, 07 Oct 2024 12:52:27 GMT
Content-Type: application/x-javascript; charset=utf-8
Vary: Accept-Encoding
Server: nginx
Last-Modified: Thu, 22 Aug 2024 06:41:34 GMT

GET
H/1.1 200
OK 543ff.js Show response
prod-blog.avira.com/wp-content/cache/minify/ 29 KB
8 KB 311ms
289ms Script
application/x-javascript 2a02:26f0:3500:12::1730:17a4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-blog.avira.com/wp-content/cache/minify/543ff.js?x77742
Requested by: Host: www.avira.com
URL: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: d6771ad5f397131140011daa79612e38c2d775ee50fdd2c84da8eef492fc04ad

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Response headers

Content-Encoding: gzip
Pragma: private
ETag: "pri1724308959;gz"
Connection: keep-alive
Referrer-Policy: no-referrer-when-downgrade
Content-Length: 8156
Date: Mon, 07 Oct 2024 12:52:27 GMT
Content-Type: application/x-javascript; charset=utf-8
Vary: Accept-Encoding
Server: nginx
Last-Modified: Thu, 22 Aug 2024 06:42:39 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 294 KB
94 KB 76ms
28ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NPWW2M8K&l=sdl

Requested by

Host: www.avira.com
URL: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a924afd83bfc98e5e15b0cf9eefc44d37020d2559c56ac89b484488ad00d3799

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Mon, 07 Oct 2024 12:52:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 07 Oct 2024 12:52:27 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 07 Oct 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 95573
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 d1004553-66ed-4eac-aac3-a8e7d62e55ce.json Show response
cdn.cookielaw.org/consent/d1004553-66ed-4eac-aac3-a8e7d62e55ce/ 6 KB
2 KB 65ms
42ms XHR
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/d1004553-66ed-4eac-aac3-a8e7d62e55ce/d1004553-66ed-4eac-aac3-a8e7d62e55ce.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a68e405a7fdd792087988cf98debedf237302d09ea4a37e23a5d91d354f6e5a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Response headers

content-md5: ugKxgbv3LGwQmEKa3RomMQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DCBD38224372FB
age: 79781
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Tue, 08 Oct 2024 12:52:26 GMT
date: Mon, 07 Oct 2024 12:52:26 GMT
content-type: application/json
last-modified: Thu, 15 Aug 2024 14:39:57 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: db4687f4-a01e-0082-4f21-ef32da000000
cf-ray: 8cee07434a6b37e4-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1922
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 68 B
315 B 169ms
30ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9433f83f20500145850d5aabddced402dcfc94e310072e9a3f545df0bdb9f96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: application/json
Referer: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
access-control-allow-methods: GET, OPTIONS
cf-ray: 8cee07447b73198f-FRA
access-control-allow-origin: *
date: Mon, 07 Oct 2024 12:52:26 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202308.2.0/ 421 KB
102 KB 23ms
21ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202308.2.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee39d0cbc9e9cd88b7dac8ebca680b89e8879081f855152f21772c7834474437

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Response headers

content-md5: B7RJGeSCnZZuAb1NQkB81w==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DBB9A2763B37CA
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 24150
x-content-type-options: nosniff
date: Mon, 07 Oct 2024 12:52:27 GMT
content-type: application/javascript
last-modified: Wed, 20 Sep 2023 06:26:02 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 370b2d5d-e01e-0045-3ee5-1dec60000000
cf-ray: 8cee07454a24d268-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 103637
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 293 KB
100 KB 82ms
35ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TK3DGR7

Requested by

Host: www.avira.com
URL: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2d0f254167f6fe68ef3376da31911f42c390fe9337510d5424be0cda5bacf045

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Mon, 07 Oct 2024 12:52:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 07 Oct 2024 12:52:27 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 07 Oct 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 102213
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 9F3DH-WHDX9-7CG66-F4G3J-99FEC Show response
s.go-mpulse.net/boomerang/ 140 KB
36 KB 126ms
45ms Script
application/javascript 2a02:26f0:3100:782::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/9F3DH-WHDX9-7CG66-F4G3J-99FEC
Requested by: Host: www.avira.com
URL: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100:782::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b38b56cc66465707f7a28c32aaa60859276bf30d268eb6d3a90a02bfb6d74ba2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Response headers

cache-control: max-age=604800
timing-allow-origin: *
content-encoding: br
customappheader: mpulse-ab-boomr__git__361fdb1__git__361fdb1__p19.alsi10-lite
content-length: 36382
date: Mon, 07 Oct 2024 12:52:27 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 02 Aug 2024 08:53:27 GMT
vary: Accept-Encoding

GET
H2 200 avira-logo-oem.png
www.webassetscdn.com/avira/prod-blog/wp-content/themes/avira-blog/img/ 2 KB
2 KB 26ms
25ms Image
image/png 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.webassetscdn.com/avira/prod-blog/wp-content/themes/avira-blog/img/avira-logo-oem.png
Requested by: Host: prod-blog.avira.com
URL: https://prod-blog.avira.com/wp-content/cache/minify/0211d.css?x77742
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: aaede122ef10bf5e5606a1e7f1a0a49080351a69bf817b51c4d3b013e0018b8d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://prod-blog.avira.com/wp-content/cache/minify/0211d.css?x77742

Response headers

x-amz-id-2: /znV2ANgUk8WkqaOSGTYi2nIoMWAc+c6I1EFqAZRK988hKtHA3BmE/lMjBjd8nYQYrdgjHoZMak=
cache-control: max-age=31536000
etag: "4bbae306e316e9b1ba5bac5daa340463"
x-amz-request-id: FR5GZ3NYHDPY7YH9
expires: Tue, 07 Oct 2025 12:52:27 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2202
date: Mon, 07 Oct 2024 12:52:27 GMT
last-modified: Thu, 18 Jan 2024 15:05:30 GMT
content-type: image/png
x-amz-server-side-encryption: AES256

GET
H2 200 avira-secure-browser.svg
www.webassetscdn.com/avira/prod-blog/wp-content/themes/avira-blog/img/ 16 KB
2 KB 22ms
21ms Image
image/svg+xml 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.webassetscdn.com/avira/prod-blog/wp-content/themes/avira-blog/img/avira-secure-browser.svg
Requested by: Host: prod-blog.avira.com
URL: https://prod-blog.avira.com/wp-content/cache/minify/0211d.css?x77742
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 163f89f7f9f4caef83e9270af2d963e770b6b02f1f497ae69d21c442559272af

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://prod-blog.avira.com/wp-content/cache/minify/0211d.css?x77742

Response headers

x-amz-id-2: Nm9vZdxrx7QCfWypg3x/152MhgwWha1BH1ba1s9puke6jF6jmqeFWWevZg8gcpWL+ABsF5LN30w=
cache-control: max-age=30125997
content-encoding: gzip
etag: "8261bf460410f56da9c20ea17b520300"
x-amz-request-id: 2YJBNB13XM2C4HMN
expires: Sun, 21 Sep 2025 05:12:24 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1764
date: Mon, 07 Oct 2024 12:52:27 GMT
last-modified: Thu, 18 Jan 2024 15:05:31 GMT
content-type: image/svg+xml
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 avira_icons.ttf
www.webassetscdn.com/avira/prod-blog/wp-content/themes/avira-blog/fonts/avira_icons/ 176 KB
176 KB 69ms
58ms Font
application/vnd.ms-opentype 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.webassetscdn.com/avira/prod-blog/wp-content/themes/avira-blog/fonts/avira_icons/avira_icons.ttf
Requested by: Host: prod-blog.avira.com
URL: https://prod-blog.avira.com/wp-content/cache/minify/0211d.css?x77742
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: dd8d66534120a008951dc05acbe5ed2893c007d3ab34ffb4fa5e744612538d68

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.avira.com
Referer: https://prod-blog.avira.com/wp-content/cache/minify/0211d.css?x77742

Response headers

x-amz-id-2: Dl9fAPP18ynv+gfkfL2NXbOrRE8unUlhqoMJCrkQ2EDMQzku6iVyhi8J0cUMdDAaZXFvh+KasSg=
cache-control: max-age=31505191
etag: "fdfb72d140e1deec38ea15ddcdc46be1"
x-amz-request-id: WFFJR8R87G3XKJXH
expires: Tue, 07 Oct 2025 04:18:58 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 179724
date: Mon, 07 Oct 2024 12:52:27 GMT
last-modified: Sun, 27 Aug 2023 06:28:22 GMT
content-type: application/vnd.ms-opentype
x-amz-server-side-encryption: AES256

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/d1004553-66ed-4eac-aac3-a8e7d62e55ce/019150e7-fb6b-7c84-b35e-f155a5d4f919/ 50 KB
13 KB 36ms
36ms Fetch
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/d1004553-66ed-4eac-aac3-a8e7d62e55ce/019150e7-fb6b-7c84-b35e-f155a5d4f919/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202308.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0d34be40b251c3c606a078bb61f453b7bb244a84d7e8bf081947cfc79bd3376

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Response headers

content-md5: CZlUMK8TxCSkE8cpxP6e9A==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DCBD382318238B
age: 77431
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Tue, 08 Oct 2024 12:52:27 GMT
date: Mon, 07 Oct 2024 12:52:27 GMT
content-type: application/json
last-modified: Thu, 15 Aug 2024 14:39:58 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 0ba199da-601e-009f-3121-efeb30000000
cf-ray: 8cee0746bebf37e4-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13219
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 270 KB
94 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MP55636&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TK3DGR7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b0eee77d1aa1013768f645de41a5681c0ac8c0696c05c901501145a9797a5f83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Mon, 07 Oct 2024 12:52:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 07 Oct 2024 12:52:27 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 07 Oct 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 96158
x-xss-protection: 0
server: Google Tag Manager

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 90 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/webp

GET
H2 200 otCenterRounded.json Show response
cdn.cookielaw.org/scripttemplates/202308.2.0/assets/ 9 KB
3 KB 23ms
23ms Fetch
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202308.2.0/assets/otCenterRounded.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202308.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09b627933e01faa4979dc5661f7e616c7db1c12ea1984ca0549bdb253d24da9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Response headers

content-md5: lVxK9llV8eU2kvSDRI+c8w==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DBB9A272739A66
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 43454
x-content-type-options: nosniff
date: Mon, 07 Oct 2024 12:52:27 GMT
content-type: application/json
last-modified: Wed, 20 Sep 2023 06:25:55 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 197d4d9b-701e-0025-2a67-7990ff000000
cf-ray: 8cee074868c337e4-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2626
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202308.2.0/assets/v2/ 62 KB
13 KB 33ms
32ms Fetch
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202308.2.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202308.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b0a210e89ac35b54a9b4ccb0336ea91c561e6dc5f8bda49574da98d40799c6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Response headers

content-md5: 3yHA5F3oKJDlMPXEHc+wYA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DBB9A2735C2A8F
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 30050
x-content-type-options: nosniff
date: Mon, 07 Oct 2024 12:52:27 GMT
content-type: application/json
last-modified: Wed, 20 Sep 2023 06:25:57 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 1f0c1890-501e-0032-8072-7939f4000000
cf-ray: 8cee074868c637e4-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12708
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202308.2.0/assets/ 21 KB
4 KB 24ms
24ms Fetch
text/css 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202308.2.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202308.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Response headers

content-md5: c7xAZ9MSGAobGaTYg/Qtag==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 66580
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 07 Oct 2024 12:52:27 GMT
content-type: text/css
last-modified: Wed, 20 Sep 2023 06:26:05 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 7f51ca8f-f01e-0076-6d6f-22b3cb000000
cf-ray: 8cee074868c837e4-FRA
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 uc.js Show response
consent.cookiebot.com/ 110 KB
34 KB 59ms
16ms Script
application/javascript 2a02:26f0:3500:18::1724:a29d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/uc.js?cbid=5b6b1891-ba80-43e2-82ec-cd787eb689f9&culture=en
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MP55636&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:18::1724:a29d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ae1062717e422bb6d61122c2b54684a66c27c71f7154d49e16be57aea3241be1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Response headers

access-control-expose-headers: Request-Context
cache-control: public, max-age=743
content-encoding: gzip
etag: "2786a6a9518db1:0"
cross-origin-resource-policy: cross-origin
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
expires: Mon, 07 Oct 2024 13:04:50 GMT
accept-ranges: bytes
content-length: 34532
date: Mon, 07 Oct 2024 12:52:27 GMT
content-type: application/javascript
last-modified: Mon, 07 Oct 2024 08:46:34 GMT
vary: Accept-Encoding

GET
H2 200 cropped-Logo_only_500-1-300x300.png
www.webassetscdn.com/avira/prod-blog/wp-content/uploads/2016/09/ 31 KB
31 KB 12ms
12ms Other
image/png 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.webassetscdn.com/avira/prod-blog/wp-content/uploads/2016/09/cropped-Logo_only_500-1-300x300.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 17953ef65e5d27efdb9d60903d470270d8bfcc04ab5c061ff9cf101b546e00d8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Response headers

cache-control: max-age=31511832
etag: "49331ca40e028e1541b594a7d3e726c8"
x-amz-request-id: 4D3GMENNJ9H9T8W0
expires: Tue, 07 Oct 2025 06:09:39 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 31486
date: Mon, 07 Oct 2024 12:52:27 GMT
last-modified: Fri, 06 Mar 2020 12:58:29 GMT
content-type: image/png
x-amz-id-2: hnVsCxi02sXsB6SteEXoQvK86xETl0M/2McBT63x49Eepg8DRAjYXkgS0neMsnguaa6YfI+50tU=

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
495 B 21ms
21ms Fetch
image/svg+xml 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202308.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Response headers

content-md5: tXyZydHjxQshFMbbBT1/8A==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 24695
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 07 Oct 2024 12:52:27 GMT
content-type: image/svg+xml
last-modified: Thu, 03 Oct 2024 19:22:47 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 9bdbf3fc-301e-00c3-1f76-161ac9000000
cf-ray: 8cee0748e98337e4-FRA
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 ot_company_logo.png
cdn.cookielaw.org/logos/static/ 4 KB
4 KB 19ms
18ms Image
mage/png 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_company_logo.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Response headers

content-md5: E8+sk/ECzKgTUVtDLikiIA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DCE3E0C3FA32C0
age: 47163
cf-cache-status: HIT
x-content-type-options: nosniff
date: Mon, 07 Oct 2024 12:52:27 GMT
content-type: mage/png
last-modified: Thu, 03 Oct 2024 19:22:47 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 7168d88c-901e-00ec-11ca-159bf3000000
cf-ray: 8cee0748ed7ed268-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4036
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 18ms
17ms Image
image/svg+xml 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Response headers

content-md5: Y+c301RBZNK39PvKQWrIBw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 38694
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 07 Oct 2024 12:52:27 GMT
content-type: image/svg+xml
last-modified: Thu, 03 Oct 2024 19:22:48 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: b155f26a-401e-0083-64cf-153327000000
cf-ray: 8cee0748ed86d268-FRA
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 favicon-32x32.png
www.avira.com/blog/ 1 KB
2 KB 13ms
13ms Other
image/png 2a02:26f0:480:f::213:7ed2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avira.com/blog/favicon-32x32.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ed2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: akamai / W3 Total Cache/2.3.0
Resource Hash: a961b4999fbb3ea58527df10b36cfd5c6ac7cf9fd12a0ecede32a8f7f48fec30

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Response headers

cache-control: max-age=55064
etag: "66c6dddd-500"
referrer-policy: no-referrer-when-downgrade
expires: Tue, 08 Oct 2024 04:10:11 GMT
accept-ranges: bytes
access-control-allow-origin: *
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1728305547679_34831762_7905876_24_5139_7_0_219";dur=1
content-length: 1280
date: Mon, 07 Oct 2024 12:52:27 GMT
content-type: image/png
last-modified: Thu, 22 Aug 2024 06:42:37 GMT
x-powered-by: W3 Total Cache/2.3.0
server: akamai

GET
H2 200 config.json Show response
c.go-mpulse.net/api/ 1 KB
783 B 124ms
86ms XHR
application/json 2a02:26f0:7100:594::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=9F3DH-WHDX9-7CG66-F4G3J-99FEC&d=www.avira.com&t=5761018&v=1.766.60&sl=0&si=71266af5-53b2-49fe-8d82-413bc4dd0341-skzl3e&plugins=AK,ConfigOverride,Continuity,PageParams,RT,PaintTiming,NavigationTiming,ResourceTiming,Memory,Akamai,EventTiming,LOGN&acao=&ak.ai=603925
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/9F3DH-WHDX9-7CG66-F4G3J-99FEC
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:594::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 69cae872e2461663f69583ed393a86b06b6596f9f1ebdbf5c653991d4d81cd3d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Response headers

cache-control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
timing-allow-origin: *
content-encoding: gzip
access-control-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 600
date: Mon, 07 Oct 2024 12:52:27 GMT
content-type: application/json
vary: Accept-Encoding

GET
H2 200 bc-v4.min.html
consentcdn.cookiebot.com/sdk/ Frame 6F4F 0
0 57ms
9ms Document
text/html 2a02:26f0:480:594::f09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=5b6b1891-ba80-43e2-82ec-cd787eb689f9&culture=en
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:594::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash

Request headers

Referer: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: gzip
content-length: 392
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 07 Oct 2024 12:52:27 GMT
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires: Tue, 07 Oct 2025 12:52:27 GMT
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
server-timing: cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1728305547775_35115176_689700311_34_1222_10_12_255";dur=1
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,1

GET
H2 200 cc.js Show response
consent.cookiebot.com/5b6b1891-ba80-43e2-82ec-cd787eb689f9/ 369 B
593 B 175ms
174ms Script
application/x-javascript 2a02:26f0:3500:18::1724:a29d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/5b6b1891-ba80-43e2-82ec-cd787eb689f9/cc.js?renew=false&referer=www.avira.com&dnt=false&init=false&culture=en
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=5b6b1891-ba80-43e2-82ec-cd787eb689f9&culture=en
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:18::1724:a29d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 202a7999490bd014a555d341697903e823beeeb2caf4acb2584e6099aab5e46d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Response headers

cache-control: private, max-age=60
access-control-expose-headers: Request-Context
content-encoding: gzip
cross-origin-resource-policy: cross-origin
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
content-length: 356
date: Mon, 07 Oct 2024 12:52:27 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding

POST
H2 204 /
02179915.akstat.io/ 0
225 B 105ms
91ms Ping
image/gif 2a02:26f0:3100:782::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://02179915.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/9F3DH-WHDX9-7CG66-F4G3J-99FEC

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100:782::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Response headers

cache-control: max-age=0, no-cache, no-store
timing-allow-origin: *
pragma: no-cache
access-control-allow-credentials: true
expires: Mon, 07 Oct 2024 12:52:28 GMT
access-control-allow-origin: https://www.avira.com
alt-svc: h3=":443"; ma=93600
x-xss-protection: 0
date: Mon, 07 Oct 2024 12:52:28 GMT
content-type: image/gif

GET
H/1.1

200
OK

results.txt Show response
kfpqkkacccuawzyd3gga-pfcdj0-b5e1ea1f8-clientnsv4-s.akamaihd.net/eum/
Redirect Chain

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pfcdj0a6q
https://kfpqkkacccuawzyd3gga-pfcdj0-b5e1ea1f8-clientnsv4-s.akamaihd.net/eum/results.txt

8 B
312 B

89ms
15ms

XHR
text/plain

2.16.168.11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://kfpqkkacccuawzyd3gga-pfcdj0-b5e1ea1f8-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 2.16.168.11 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-168-11.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Response headers

ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 8
Date: Mon, 07 Oct 2024 12:52:28 GMT
Content-Type: text/plain
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage

Redirect headers

Access-Control-Allow-Origin: *
Location: https://kfpqkkacccuawzyd3gga-pfcdj0-b5e1ea1f8-clientnsv4-s.akamaihd.net/eum/results.txt
Content-Length: 0
Date: Mon, 07 Oct 2024 12:52:28 GMT
Server: AkamaiGHost
Connection: keep-alive

GET
H/1.1

200
OK

results.txt Show response
fiaqjiaafmaaakqce3ydkaaacztqhwmm-pfcdj0-c8c3c305e-clienttons-s.akamaihd.net/eum/
Redirect Chain

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pfcdj0a6q
https://fiaqjiaafmaaakqce3ydkaaacztqhwmm-pfcdj0-c8c3c305e-clienttons-s.akamaihd.net/eum/results.txt

8 B
312 B

111ms
21ms

XHR
text/plain

2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://fiaqjiaafmaaakqce3ydkaaacztqhwmm-pfcdj0-c8c3c305e-clienttons-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong

Response headers

ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 8
Date: Mon, 07 Oct 2024 12:52:28 GMT
Content-Type: text/plain
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage

Redirect headers

Access-Control-Allow-Origin: *
Location: https://fiaqjiaafmaaakqce3ydkaaacztqhwmm-pfcdj0-c8c3c305e-clienttons-s.akamaihd.net/eum/results.txt
Content-Length: 0
Date: Mon, 07 Oct 2024 12:52:28 GMT
Server: AkamaiGHost
Connection: keep-alive

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.avira.com/	1970-01-21 00:15:10	Name: country Value: DE
.avira.com/	1970-01-21 00:05:12	Name: sourceCodeCookie Value: 999_a8j\|\|source=direct\|medium=(none)\|campaign=(not set)\|segmentCode=a
.avira.com/	1970-01-21 00:05:12	Name: __trSrc Value: 999_a8j
.avira.com/	1970-01-21 09:41:05	Name: sdl_cid Value: 39114923.1728305547
.avira.com/	1970-01-21 00:48:17	Name: language Value: en
www.avira.com/	1969-12-31 23:59:59	Name: GTM_check Value: 1
.avira.com/	1970-01-21 08:50:41	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Mon+Oct+07+2024+14%3A52%3A27+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=202308.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=acfc8c0c-c0b6-4768-9286-5f82cbe97e13&interactionCount=0&landingPath=https%3A%2F%2Fwww.avira.com%2Fen%2Fblog%2Fnew-wave-of-plugx-targets-hong-kong&groups=C0001%3A1%2CC0003%3A0%2CC0002%3A0%2CBG276%3A0%2CC0004%3A0
.www.avira.com/	1970-01-21 00:15:10	Name: RT Value: "z=1&dm=www.avira.com&si=ec30c939-6a10-41cc-a9fc-6f95cd331fea&ss=m1z0hy97&sl=1&tt=14r&bcn=%2F%2F02179915.akstat.io%2F&ld=1a4"

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong Message: The resource https://www.webassetscdn.com/avira/prod-blog/wp-content/cache/minify/543ff.js.gzip?x77742 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong Message: The resource https://www.webassetscdn.com/avira/prod-blog/wp-content/themes/avira-blog/fonts/avira_icons/avira_icons.ttf?75fixw was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong Message: The resource https://www.webassetscdn.com/avira/prod-blog/wp-content/cache/minify/0211d.css.gzip?x77742 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong Message: The resource https://www.webassetscdn.com/avira/prod-blog/wp-content/cache/minify/c5eff.js.gzip?x77742 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.avira.com/en/blog/new-wave-of-plugx-targets-hong-kong Message: The resource https://www.webassetscdn.com/avira/prod-blog/wp-content/cache/minify/cffed.js.gzip?x77742 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

02179915.akstat.io
c.go-mpulse.net
cdn.cookielaw.org
consent.cookiebot.com
consentcdn.cookiebot.com
fiaqjiaafmaaakqce3ydkaaacztqhwmm-pfcdj0-c8c3c305e-clienttons-s.akamaihd.net
geolocation.onetrust.com
kfpqkkacccuawzyd3gga-pfcdj0-b5e1ea1f8-clientnsv4-s.akamaihd.net
prod-blog.avira.com
s.go-mpulse.net
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
www.avira.com
www.googletagmanager.com
www.webassetscdn.com
2.16.168.11
2606:4700:4400::6812:2089
2606:4700::6812:562a
2a00:1450:4001:828::2008
2a02:26f0:3100:782::11a6
2a02:26f0:3500:12::1730:17a4
2a02:26f0:3500:16::215:149b
2a02:26f0:3500:18::1724:a29d
2a02:26f0:480:594::f09
2a02:26f0:480:f::213:7ece
2a02:26f0:480:f::213:7ed2
2a02:26f0:7100:594::11a6
01fba482f08656e11cbf03333b07048a33b574dc7024d5651f94b0b3cff89c3a
09b627933e01faa4979dc5661f7e616c7db1c12ea1984ca0549bdb253d24da9b
0b0a210e89ac35b54a9b4ccb0336ea91c561e6dc5f8bda49574da98d40799c6e
114e1a4cedeca1be22388224e1a99903292d80c74d9138bfecba577af01d1d4b
142a5050a5bc1deb9cafb91d3c69ae60335c182d7479360dd578621fe45c23fa
163f89f7f9f4caef83e9270af2d963e770b6b02f1f497ae69d21c442559272af
16b555282ea8c779478cb1d8674dae40f689dcdeb4664cd762cbdfe47c476d8b
17953ef65e5d27efdb9d60903d470270d8bfcc04ab5c061ff9cf101b546e00d8
202a7999490bd014a555d341697903e823beeeb2caf4acb2584e6099aab5e46d
2d0f254167f6fe68ef3376da31911f42c390fe9337510d5424be0cda5bacf045
2dac11b6349b6fbbefe783a2cea3f35e8a9f2bd7e88a786874c0928700a9ac70
3199043f616f378bd0a4fe51c0dd6f0a5c699c970bcda23db2ff46c910a6bacd
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
3d3b2838c56ed5edb1485ba62c2c8ddb12f4f800562bcbe426b8801d110dd30e
44321d15b5a4c24d1d4326bf1978096b20a8b5cb3d4cbe2acc950d2dca4039e0
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
5622cce1e81579470baca7fb35a5f42357ec51aa6a5ce49f174e1caf354275f7
5f4fde2d7440d6d167b501ecb054b83aeb20f17ce9f9095ba90d6930ac542b22
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
69cae872e2461663f69583ed393a86b06b6596f9f1ebdbf5c653991d4d81cd3d
6c2a0f5a86d1324fcd23647eaf389e9eb2f47d13af5d18a22b36214529bdfcf2
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
a378fd16b0bcb3a466b6b0bcbd6efb96b6e32547eea56876f16f5b564e4123ae
a42eabf600a746d0c8825913bac5afc875915e73ede26c0c4277de072bf0b46f
a68e405a7fdd792087988cf98debedf237302d09ea4a37e23a5d91d354f6e5a6
a791aba3842d3766494ad0aa2a1b9cdbd2bb8aa8b2235aedea82e993c851a1ab
a924afd83bfc98e5e15b0cf9eefc44d37020d2559c56ac89b484488ad00d3799
a961b4999fbb3ea58527df10b36cfd5c6ac7cf9fd12a0ecede32a8f7f48fec30
aaede122ef10bf5e5606a1e7f1a0a49080351a69bf817b51c4d3b013e0018b8d
ae1062717e422bb6d61122c2b54684a66c27c71f7154d49e16be57aea3241be1
b06a086772e41e5c71e268946669ad339dd475cd64aa09c2cdcf0c0ad9cb1b49
b0eee77d1aa1013768f645de41a5681c0ac8c0696c05c901501145a9797a5f83
b38b56cc66465707f7a28c32aaa60859276bf30d268eb6d3a90a02bfb6d74ba2
b560f4b355f71bf3d9c4c92124294a15c7451c5a0abff85afcbe878b1a4be573
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
cd4b6c97e352f75bffdc3d1be5a407b77f85b74c067d25b8a00362f55a67060e
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d6771ad5f397131140011daa79612e38c2d775ee50fdd2c84da8eef492fc04ad
dd8d66534120a008951dc05acbe5ed2893c007d3ab34ffb4fa5e744612538d68
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9433f83f20500145850d5aabddced402dcfc94e310072e9a3f545df0bdb9f96
ee39d0cbc9e9cd88b7dac8ebca680b89e8879081f855152f21772c7834474437
efad755939e511f2bc1feb0d58d6014006e8598a4d431f27a66dd59e14fc19cb
f0d34be40b251c3c606a078bb61f453b7bb244a84d7e8bf081947cfc79bd3376
f74f3fef4862c1a9085172c13e6ec53a1dc947ef1cdaa85a3c50c92c0a14607a
f825abaca954cc77f24d745d1baba3e5d5960d1602c72b9fbec4fc54339f2019
fa29cff4386085b43f17b20be0f634074ad5a753f6cc219ab0140f3c319c22ed

www.avira.com Open in urlscan Pro 2a02:26f0:480:f::213:7ed2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

53 Requests

96 %HTTPS

92 %IPv6

9 Domains

15 Subdomains

13 IPs

3 Countries

1900 kBTransfer

3977 kBSize

8 Cookies

22 Outgoing links

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.avira.com Open in urlscan Pro
2a02:26f0:480:f::213:7ed2 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

96 %
HTTPS

92 %
IPv6

9
Domains

15
Subdomains

13
IPs

3
Countries

1900 kB
Transfer

3977 kB
Size

8
Cookies

53 HTTP transactions
4 data transactions