threatpost.com Open in urlscan Pro
158.160.164.142  Public Scan

8 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

• https://cm.everesttech.net/cm/dd?d_uuid=21581100364151044760289745419423161196 HTTP 302
• https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zv2j_gAAACA9UQO5

Request Chain 66

• https://12346775.fls.doubleclick.net/activityi;src=12346775;type=globalc;cat=globa0;ord=3964121097172;npa=1;auiddc=1347153576.1727898618;u1=B2C;u2=no_locale;u4=threatpost.com;u5=%2Fmalformed-url-prefix-phishing-attacks-spike-6000%2F164132%2F;u6=;u7=14168747091207074620747461485842019638-GA1.1.2108401593.1727898618;u9=_malformed-url-prefix-phishing-attacks-spike-6000_164132_;ps=1;pcor=1065674428;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4a10v9181803792za200;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Fthreatpost.com%2Fmalformed-url-prefix-phishing-attacks-spike-6000%2F164132%2F HTTP 302
• https://12346775.fls.doubleclick.net/activityi;dc_pre=CPnn5vq78IgDFVLoEQgdRA0iow;src=12346775;type=globalc;cat=globa0;ord=3964121097172;npa=1;auiddc=1347153576.1727898618;u1=B2C;u2=no_locale;u4=threatpost.com;u5=%2Fmalformed-url-prefix-phishing-attacks-spike-6000%2F164132%2F;u6=;u7=14168747091207074620747461485842019638-GA1.1.2108401593.1727898618;u9=_malformed-url-prefix-phishing-attacks-spike-6000_164132_;ps=1;pcor=1065674428;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4a10v9181803792za200;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Fthreatpost.com%2Fmalformed-url-prefix-phishing-attacks-spike-6000%2F164132%2F

Request Chain 72

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=39138&time=1727898618291&url=https%3A%2F%2Fthreatpost.com%2Fmalformed-url-prefix-phishing-attacks-spike-6000%2F164132%2F HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=39138&time=1727898618291&url=https%3A%2F%2Fthreatpost.com%2Fmalformed-url-prefix-phishing-attacks-spike-6000%2F164132%2F&e_ipv6=AQKdlECq_TL5QAAAAZJOyIoeiHwiEBNJW3ygGIcPU9yMVGLoZ-6ffJmWCPDK76kQyZUTBZVWRAqJMfJGed_UA5ctyxvfpQ

78 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/	71 KB 16 KB	4023ms 3907ms	Document text/html	158.160.164.142 YANDEXCLOUD
General Check archive.org Show headers Download Go to Full URL https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.160.164.142 Moscow, Russian Federation, ASN200350 (YANDEXCLOUD, RU), Reverse DNS Software ycalb / Resource Hash 443c4419d50a3356b1e1d4542c01137435333808254698f93f29d3adc56a9ef7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 0 content-encoding gzip content-type text/html; charset=UTF-8 date Wed, 02 Oct 2024 19:50:16 GMT link <https://threatpost.com/wp-json/>; rel="https://api.w.org/" <https://threatpost.com/wp-json/wp/v2/posts/164132>; rel="alternate"; type="application/json" <https://threatpost.com/?p=164132>; rel=shortlink server ycalb strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding via 1.1 kch-varnish-kube-httpcache-6bbf48fc9b-2xwf4 (Varnish/7.3) x-backend varnish x-cache MISS x-cache-hit BYPASS x-cache-hits 0 x-content-type-options nosniff x-debug-auth off x-frame-options SAMEORIGIN x-request-host threatpost.com x-varnish 40014059 x-xss-protection 1; mode=block
GET H2	200	museosans-900italic-webfont.woff2 threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/	15 KB 15 KB	142ms 139ms	Font font/woff2	158.160.164.142 YANDEXCLOUD
General Check archive.org Show headers Download Go to Full URL https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-900italic-webfont.woff2 Requested by Host: threatpost.com URL: https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.160.164.142 Moscow, Russian Federation, ASN200350 (YANDEXCLOUD, RU), Reverse DNS Software ycalb / Resource Hash 8edaef698e025c37ba9e8d632a895d7252c62251df3f095d5cff17b6f3304854 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://threatpost.com Referer https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Response headers x-backend varnish etag "66ed6082-3ca8" age 476 via 1.1 kch-varnish-kube-httpcache-6bbf48fc9b-lszfk (Varnish/7.3) x-varnish 131142 786435 access-control-allow-origin * x-cache HIT content-length 15528 date Wed, 02 Oct 2024 19:42:20 GMT accept-ranges bytes content-type font/woff2 last-modified Fri, 20 Sep 2024 11:46:10 GMT server ycalb x-cache-hits 8
GET H2	200	museosans-900-webfont.woff2 threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/	20 KB 20 KB	185ms 181ms	Font font/woff2	158.160.164.142 YANDEXCLOUD
General Check archive.org Show headers Download Go to Full URL https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-900-webfont.woff2 Requested by Host: threatpost.com URL: https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.160.164.142 Moscow, Russian Federation, ASN200350 (YANDEXCLOUD, RU), Reverse DNS Software ycalb / Resource Hash 4823c011e4b4cb4b7f35ced3ab09d57215ee243676d9bfcc24d10ec77d3db398 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://threatpost.com Referer https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Response headers x-backend varnish etag "66ed6082-5124" age 38864 via 1.1 kch-varnish-kube-httpcache-6bbf48fc9b-2xwf4 (Varnish/7.3) x-varnish 34834691 458772 access-control-allow-origin * x-cache HIT content-length 20772 date Wed, 02 Oct 2024 09:02:33 GMT accept-ranges bytes content-type font/woff2 last-modified Fri, 20 Sep 2024 11:46:10 GMT server ycalb x-cache-hits 894
GET H2	200	museosans-700italic-webfont.woff2 threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/	15 KB 16 KB	51ms 47ms	Font font/woff2	158.160.164.142 YANDEXCLOUD
General Check archive.org Show headers Download Go to Full URL https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700italic-webfont.woff2 Requested by Host: threatpost.com URL: https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.160.164.142 Moscow, Russian Federation, ASN200350 (YANDEXCLOUD, RU), Reverse DNS Software ycalb / Resource Hash 859faa9b9ed0990288b2f393a102b1fe2668ac79088b113b6f0beaee521221eb Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://threatpost.com Referer https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Response headers x-backend varnish etag "66ed6082-3dcc" age 38897 via 1.1 kch-varnish-kube-httpcache-6bbf48fc9b-2xwf4 (Varnish/7.3) x-varnish 39390069 196613 access-control-allow-origin * x-cache HIT content-length 15820 date Wed, 02 Oct 2024 09:01:59 GMT accept-ranges bytes content-type font/woff2 last-modified Fri, 20 Sep 2024 11:46:10 GMT server ycalb x-cache-hits 814
GET H2	200	museosans-700-webfont.woff2 threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/	20 KB 21 KB	142ms 139ms	Font font/woff2	158.160.164.142 YANDEXCLOUD
General Check archive.org Show headers Download Go to Full URL https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700-webfont.woff2 Requested by Host: threatpost.com URL: https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.160.164.142 Moscow, Russian Federation, ASN200350 (YANDEXCLOUD, RU), Reverse DNS Software ycalb / Resource Hash ae00ae9c862bc8b8923efd1d9a18befa912678a869d4dd01179a59ed3de731be Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://threatpost.com Referer https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Response headers x-backend varnish etag "66ed6082-51a4" age 354 via 1.1 kch-varnish-kube-httpcache-6bbf48fc9b-lszfk (Varnish/7.3) x-varnish 557187 426053 access-control-allow-origin * x-cache HIT content-length 20900 date Wed, 02 Oct 2024 19:44:22 GMT accept-ranges bytes content-type font/woff2 last-modified Fri, 20 Sep 2024 11:46:10 GMT server ycalb x-cache-hits 8
GET H2	200	museosans-500italic-webfont.woff2 threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/	23 KB 23 KB	143ms 139ms	Font font/woff2	158.160.164.142 YANDEXCLOUD
General Check archive.org Show headers Download Go to Full URL https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-500italic-webfont.woff2 Requested by Host: threatpost.com URL: https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.160.164.142 Moscow, Russian Federation, ASN200350 (YANDEXCLOUD, RU), Reverse DNS Software ycalb / Resource Hash 17aee1fe3d7d16e647b97f568230c2ff36c1855ce35ce930c26aec5d2c58eaf4 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://threatpost.com Referer https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Response headers x-backend varnish etag "66ed6082-5c74" age 453 via 1.1 kch-varnish-kube-httpcache-6bbf48fc9b-lszfk (Varnish/7.3) x-varnish 98526 524298 access-control-allow-origin * x-cache HIT content-length 23668 date Wed, 02 Oct 2024 19:42:44 GMT accept-ranges bytes content-type font/woff2 last-modified Fri, 20 Sep 2024 11:46:10 GMT server ycalb x-cache-hits 8
GET H2	200	museosans-500-webfont.woff2 threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/	20 KB 21 KB	96ms 93ms	Font font/woff2	158.160.164.142 YANDEXCLOUD
General Check archive.org Show headers Download Go to Full URL https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-500-webfont.woff2 Requested by Host: threatpost.com URL: https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.160.164.142 Moscow, Russian Federation, ASN200350 (YANDEXCLOUD, RU), Reverse DNS Software ycalb / Resource Hash 2de77164bb9924542e1dea4ee4a0ff27d40b51a3d7939dac7db11a95045c9b7d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://threatpost.com Referer https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Response headers x-backend varnish etag "66ed6082-5194" age 38816 via 1.1 kch-varnish-kube-httpcache-6bbf48fc9b-2xwf4 (Varnish/7.3) x-varnish 39390070 360466 access-control-allow-origin * x-cache HIT content-length 20884 date Wed, 02 Oct 2024 09:03:21 GMT accept-ranges bytes content-type font/woff2 last-modified Fri, 20 Sep 2024 11:46:10 GMT server ycalb x-cache-hits 789
GET H2	200	museosans-300italic-webfont.woff2 threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/	23 KB 23 KB	185ms 182ms	Font font/woff2	158.160.164.142 YANDEXCLOUD
General Check archive.org Show headers Download Go to Full URL https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300italic-webfont.woff2 Requested by Host: threatpost.com URL: https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.160.164.142 Moscow, Russian Federation, ASN200350 (YANDEXCLOUD, RU), Reverse DNS Software ycalb / Resource Hash f8a2b5b62eb722c3379b30cf0cc58d3176ee6be48036d6ad2aa838d2029c4189 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://threatpost.com Referer https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Response headers x-backend varnish etag "66ed6082-5bac" age 476 via 1.1 kch-varnish-kube-httpcache-6bbf48fc9b-lszfk (Varnish/7.3) x-varnish 426171 196663 access-control-allow-origin * x-cache HIT content-length 23468 date Wed, 02 Oct 2024 19:42:20 GMT accept-ranges bytes content-type font/woff2 last-modified Fri, 20 Sep 2024 11:46:10 GMT server ycalb x-cache-hits 10
GET H2	200	museosans-300-webfont.woff2 threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/	20 KB 21 KB	143ms 140ms	Font font/woff2	158.160.164.142 YANDEXCLOUD
General Check archive.org Show headers Download Go to Full URL https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300-webfont.woff2 Requested by Host: threatpost.com URL: https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.160.164.142 Moscow, Russian Federation, ASN200350 (YANDEXCLOUD, RU), Reverse DNS Software ycalb / Resource Hash 45ddc09b0ad6ab916bd9a0282070b161045e186fc025303f4aa1aa821fc45ac7 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://threatpost.com Referer https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Response headers x-backend varnish etag "66ed6082-51b8" age 89735 via 1.1 kch-varnish-kube-httpcache-6bbf48fc9b-8bl89 (Varnish/7.3) x-varnish 110825414 18055195 access-control-allow-origin * x-cache HIT content-length 20920 date Tue, 01 Oct 2024 18:54:41 GMT accept-ranges bytes content-type font/woff2 last-modified Fri, 20 Sep 2024 11:46:10 GMT server ycalb x-cache-hits 2142
GET H2	200	museosans-100italic-webfont.woff2 threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/	23 KB 23 KB	139ms 137ms	Font font/woff2	158.160.164.142 YANDEXCLOUD
General Check archive.org Show headers Download Go to Full URL https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-100italic-webfont.woff2 Requested by Host: threatpost.com URL: https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.160.164.142 Moscow, Russian Federation, ASN200350 (YANDEXCLOUD, RU), Reverse DNS Software ycalb / Resource Hash 038fc4d49a9191d416d49841f371b6e0b06bb40f719124099d40fe8f393b9e2c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://threatpost.com Referer https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Response headers x-backend varnish etag "66ed6082-5b34" age 38862 via 1.1 kch-varnish-kube-httpcache-6bbf48fc9b-2xwf4 (Varnish/7.3) x-varnish 39390071 131088 access-control-allow-origin * x-cache HIT content-length 23348 date Wed, 02 Oct 2024 09:02:34 GMT accept-ranges bytes content-type font/woff2 last-modified Fri, 20 Sep 2024 11:46:10 GMT server ycalb x-cache-hits 803
GET H2	200	museosans-100-webfont.woff2 threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/	20 KB 20 KB	187ms 185ms	Font font/woff2	158.160.164.142 YANDEXCLOUD
General Check archive.org Show headers Download Go to Full URL https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-100-webfont.woff2 Requested by Host: threatpost.com URL: https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.160.164.142 Moscow, Russian Federation, ASN200350 (YANDEXCLOUD, RU), Reverse DNS Software ycalb / Resource Hash 06fc565587b8b700936a1677218cb269a6cc31ca5f701eb45461e86a3d54d5c7 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://threatpost.com Referer https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Response headers x-backend varnish etag "66ed6082-50c8" age 89735 via 1.1 kch-varnish-kube-httpcache-6bbf48fc9b-8bl89 (Varnish/7.3) x-varnish 107874721 18055197 access-control-allow-origin * x-cache HIT content-length 20680 date Tue, 01 Oct 2024 18:54:42 GMT accept-ranges bytes content-type font/woff2 last-modified Fri, 20 Sep 2024 11:46:10 GMT server ycalb x-cache-hits 2081
GET H2	200	/ threatpost.com/wp-content/plugins/bwp-minify/min/	300 KB 43 KB	185ms 182ms	Stylesheet text/css	158.160.164.142 YANDEXCLOUD
General Check archive.org Show headers Download Go to Full URL https://threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css Requested by Host: threatpost.com URL: https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.160.164.142 Moscow, Russian Federation, ASN200350 (YANDEXCLOUD, RU), Reverse DNS Software ycalb / Resource Hash b08996e13b6199cbecd0498e65b56bc4b72929810b6336734d0700e3677cd20c Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Response headers content-encoding gzip age 484 x-cache-hit BYPASS expires Thu, 03 Oct 2024 19:42:12 GMT x-varnish 1081558 688132 x-cache HIT date Wed, 02 Oct 2024 19:42:13 GMT content-type text/css; charset=utf-8 vary Accept-Encoding x-cache-hits 6 last-modified Fri, 20 Sep 2024 11:46:10 GMT x-frame-options SAMEORIGIN cache-control max-age=86400 x-backend varnish x-debug-auth off via 1.1 kch-varnish-kube-httpcache-6bbf48fc9b-lszfk (Varnish/7.3) accept-ranges bytes content-length 43860 x-request-host threatpost.com server ycalb
GET H2	200	jquery-1.12.4-wp.js Show response threatpost.com/wp-content/plugins/kaspersky-enable-jquery-migrate-helper/js/jquery/	95 KB 95 KB	187ms 184ms	Script application/javascript	158.160.164.142 YANDEXCLOUD
General Check archive.org Show headers Download Go to Full URL https://threatpost.com/wp-content/plugins/kaspersky-enable-jquery-migrate-helper/js/jquery/jquery-1.12.4-wp.js?ver=1.12.4-wp Requested by Host: threatpost.com URL: https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.160.164.142 Moscow, Russian Federation, ASN200350 (YANDEXCLOUD, RU), Reverse DNS Software ycalb / Resource Hash 3bb2621a4c0c710f6e78404473aebff8e115a28f8d53f44339b867c63ad93b26 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Response headers etag "66ed6081-17a56" age 476 expires Wed, 09 Oct 2024 19:42:20 GMT x-varnish 491751 622600 x-cache HIT date Wed, 02 Oct 2024 19:42:20 GMT content-type application/javascript last-modified Fri, 20 Sep 2024 11:46:09 GMT x-cache-hits 14 cache-control max-age=604800, public x-backend varnish pragma public via 1.1 kch-varnish-kube-httpcache-6bbf48fc9b-lszfk (Varnish/7.3) accept-ranges bytes content-length 96854 server ycalb
GET H2	200	lazyload.js Show response threatpost.com/wp-content/plugins/kaspersky-lazy-load/assets/js/	7 KB 7 KB	187ms 185ms	Script application/javascript	158.160.164.142 YANDEXCLOUD
General Check archive.org Show headers Download Go to Full URL https://threatpost.com/wp-content/plugins/kaspersky-lazy-load/assets/js/lazyload.js?ver=202224051706 Requested by Host: threatpost.com URL: https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.160.164.142 Moscow, Russian Federation, ASN200350 (YANDEXCLOUD, RU), Reverse DNS Software ycalb / Resource Hash 3307268982e18bae27fb0691dea184c6a6ce845db0f6ce1f41ca63e948dde8a6 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Response headers etag "66ed6082-1a91" age 391 expires Wed, 09 Oct 2024 19:43:45 GMT x-varnish 1081559 655393 x-cache HIT date Wed, 02 Oct 2024 19:43:45 GMT content-type application/javascript last-modified Fri, 20 Sep 2024 11:46:10 GMT x-cache-hits 10 cache-control max-age=604800, public x-backend varnish pragma public via 1.1 kch-varnish-kube-httpcache-6bbf48fc9b-lszfk (Varnish/7.3) accept-ranges bytes content-length 6801 server ycalb
GET H2	200	alert_text.js Show response threatpost.com/wp-content/plugins/kaspersky-cookies-notification/scripts/	107 B 255 B	188ms 186ms	Script application/javascript	158.160.164.142 YANDEXCLOUD
General Check archive.org Show headers Download Go to Full URL https://threatpost.com/wp-content/plugins/kaspersky-cookies-notification/scripts/alert_text.js?ver=1726832770 Requested by Host: threatpost.com URL: https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.160.164.142 Moscow, Russian Federation, ASN200350 (YANDEXCLOUD, RU), Reverse DNS Software ycalb / Resource Hash 68cdaaeccd079ab33df06d3e5fb47594a4458a6491d48a8ae2f394defb419eb5 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Response headers etag "66ed6082-6b" age 38825 expires Wed, 09 Oct 2024 09:03:11 GMT x-varnish 34834693 196695 x-cache HIT date Wed, 02 Oct 2024 09:03:11 GMT content-type application/javascript last-modified Fri, 20 Sep 2024 11:46:10 GMT x-cache-hits 860 cache-control max-age=604800, public x-backend varnish pragma public via 1.1 kch-varnish-kube-httpcache-6bbf48fc9b-2xwf4 (Varnish/7.3) accept-ranges bytes content-length 107 server ycalb
GET H2	200	alert.js Show response threatpost.com/wp-content/plugins/kaspersky-cookies-notification/scripts/	4 KB 4 KB	185ms 183ms	Script application/javascript	158.160.164.142 YANDEXCLOUD
General Check archive.org Show headers Download Go to Full URL https://threatpost.com/wp-content/plugins/kaspersky-cookies-notification/scripts/alert.js?ver=1726832769 Requested by Host: threatpost.com URL: https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.160.164.142 Moscow, Russian Federation, ASN200350 (YANDEXCLOUD, RU), Reverse DNS Software ycalb / Resource Hash 500288356853c7199a27a6a2cdcd14b217d18dd9c8103272d8e6def6acbe2580 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Response headers etag "66ed6081-104a" age 89734 expires Tue, 08 Oct 2024 18:54:42 GMT x-varnish 99618414 19791904 x-cache HIT date Tue, 01 Oct 2024 18:54:42 GMT content-type application/javascript last-modified Fri, 20 Sep 2024 11:46:09 GMT x-cache-hits 2082 cache-control max-age=604800, public x-backend varnish pragma public via 1.1 kch-varnish-kube-httpcache-6bbf48fc9b-8bl89 (Varnish/7.3) accept-ranges bytes content-length 4170 server ycalb
GET H2	200	kaspersky-twitter-pullquote.js Show response threatpost.com/wp-content/plugins/kspr_twitter_pullquote/js/	599 B 733 B	187ms 186ms	Script application/javascript	158.160.164.142 YANDEXCLOUD
General Check archive.org Show headers Download Go to Full URL https://threatpost.com/wp-content/plugins/kspr_twitter_pullquote/js/kaspersky-twitter-pullquote.js?ver=1.0 Requested by Host: threatpost.com URL: https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.160.164.142 Moscow, Russian Federation, ASN200350 (YANDEXCLOUD, RU), Reverse DNS Software ycalb / Resource Hash 1791bf831c158912a11ca40bcf5f3573fc54ec8f8343c37780dab679c0203d63 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Response headers etag "66ed6081-257" age 89741 expires Tue, 08 Oct 2024 18:54:35 GMT x-varnish 111053874 8093762 x-cache HIT date Tue, 01 Oct 2024 18:54:35 GMT content-type application/javascript last-modified Fri, 20 Sep 2024 11:46:09 GMT x-cache-hits 2019 cache-control max-age=604800, public x-backend varnish pragma public via 1.1 kch-varnish-kube-httpcache-6bbf48fc9b-8bl89 (Varnish/7.3) accept-ranges bytes content-length 599 server ycalb
GET H2	200	loadmore.js Show response threatpost.com/wp-content/themes/threatpost-2018/assets/js/	4 KB 5 KB	188ms 186ms	Script application/javascript	158.160.164.142 YANDEXCLOUD
General Check archive.org Show headers Download Go to Full URL https://threatpost.com/wp-content/themes/threatpost-2018/assets/js/loadmore.js?ver=6.5.5 Requested by Host: threatpost.com URL: https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.160.164.142 Moscow, Russian Federation, ASN200350 (YANDEXCLOUD, RU), Reverse DNS Software ycalb / Resource Hash e0f1df7af81fd8eb920863093c426fdafd241b8d9aeb6126fb2fd24f36c061b3 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Response headers etag "66ed6082-11e7" age 38862 expires Wed, 09 Oct 2024 09:02:35 GMT x-varnish 35950163 131091 x-cache HIT date Wed, 02 Oct 2024 09:02:35 GMT content-type application/javascript last-modified Fri, 20 Sep 2024 11:46:10 GMT x-cache-hits 889 cache-control max-age=604800, public x-backend varnish pragma public via 1.1 kch-varnish-kube-httpcache-6bbf48fc9b-2xwf4 (Varnish/7.3) accept-ranges bytes content-length 4583 server ycalb
GET H2	200	social-share.js Show response threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/js/	18 KB 18 KB	184ms 182ms	Script application/javascript	158.160.164.142 YANDEXCLOUD
General Check archive.org Show headers Download Go to Full URL https://threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/js/social-share.js?ver=1.0.0 Requested by Host: threatpost.com URL: https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.160.164.142 Moscow, Russian Federation, ASN200350 (YANDEXCLOUD, RU), Reverse DNS Software ycalb / Resource Hash 546be401414bcb20cdea07cdbcd806409b9629e4895737e214401948c40409f3 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Response headers etag "66ed6082-484d" age 38827 expires Wed, 09 Oct 2024 09:03:09 GMT x-varnish 39390072 262165 x-cache HIT date Wed, 02 Oct 2024 09:03:09 GMT content-type application/javascript last-modified Fri, 20 Sep 2024 11:46:10 GMT x-cache-hits 859 cache-control max-age=604800, public x-backend varnish pragma public via 1.1 kch-varnish-kube-httpcache-6bbf48fc9b-2xwf4 (Varnish/7.3) accept-ranges bytes content-length 18509 server ycalb
GET H2	200	phish-fish-e1591191632979.jpg media.kasperskycontenthub.com/wp-content/uploads/sites/103/2020/06/03094019/	53 KB 53 KB	611ms 244ms	Image image/jpeg	2a11:27c0:10::182 EDGECENTERLLC
General Check archive.org Show headers Download Go to Show image Full URL https://media.kasperskycontenthub.com/wp-content/uploads/sites/103/2020/06/03094019/phish-fish-e1591191632979.jpg Requested by Host: threatpost.com URL: https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a11:27c0:10::182 , Russian Federation, ASN210756 (EDGECENTERLLC, RU), Reverse DNS Software nginx / Resource Hash a1267fb5f954298273455537282a988283137c3ebeb9bef9f99d653a0a7ccd71 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/ Response headers cache MISS etag "26a41fc5fbb3f72019285056105bd717" x-amz-request-id 86f16b1c03fbd114 accept-ranges bytes content-length 54467 date Wed, 02 Oct 2024 19:50:17 GMT content-type image/jpeg last-modified Wed, 11 Sep 2024 23:53:59 GMT server nginx x-node dh-up-gc22
GET H2	200	Becky-Bracken-pic.jpg media.threatpost.com/wp-content/uploads/sites/103/2020/07/10041056/	39 KB 39 KB	180ms 33ms	Image image/jpeg	2600:9000:20ae:600:0:5c46:4f40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://media.threatpost.com/wp-content/uploads/sites/103/2020/07/10041056/Becky-Bracken-pic.jpg Requested by Host: threatpost.com URL: https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20ae:600:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 949ce08c8b86d6d986c1dd7043588e95515b6cd7f799575317d19705543d500c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/ Response headers cache-control max-age=31536000 etag "e1cab0c2364107ab6eae069ca14087d7" age 2164370 via 1.1 f5af2731a86629973e69564f824d95be.cloudfront.net (CloudFront), 1.1 39665d11bf385fb9aabc991f857b37dc.cloudfront.net (CloudFront) expires Tue, 17 Aug 2021 13:15:28 GMT accept-ranges bytes x-cache Hit from cloudfront content-length 39625 x-amz-cf-id UFSx_xBBs_BFUbdZKqE1L7RzB6sPCCF8L-f0QjyKqiVW7w6XUSzljg== date Sat, 07 Sep 2024 18:37:28 GMT content-type image/jpeg last-modified Mon, 17 Aug 2020 13:15:29 GMT server AmazonS3 x-amz-cf-pop FRA56-P9, MUC50-P5
GET H2	200	SMB-webinar-promo-article-b.jpg media.kasperskycontenthub.com/wp-content/uploads/sites/103/2021/02/17150450/	157 KB 157 KB	611ms 244ms	Image image/jpeg	2a11:27c0:10::182 EDGECENTERLLC
General Check archive.org Show headers Download Go to Show image Full URL https://media.kasperskycontenthub.com/wp-content/uploads/sites/103/2021/02/17150450/SMB-webinar-promo-article-b.jpg Requested by Host: threatpost.com URL: https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a11:27c0:10::182 , Russian Federation, ASN210756 (EDGECENTERLLC, RU), Reverse DNS Software nginx / Resource Hash 793c1fa20d428c9cc9f0af0179d9de217c124f5d19d31c6b36878ba793bbacd2 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/ Response headers cache MISS etag "a2fa17a9d3c4987c5c58e2be2ebd9669" x-amz-request-id a85aa97f9cb2253e accept-ranges bytes content-length 160257 date Wed, 02 Oct 2024 19:50:17 GMT content-type image/jpeg last-modified Wed, 11 Sep 2024 23:56:47 GMT server nginx x-node dh-up-gc21
GET H2	200	phishing-captcha-image-300x161.jpg media.kasperskycontenthub.com/wp-content/uploads/sites/103/2021/02/19160657/	5 KB 5 KB	723ms 356ms	Image image/jpeg	2a11:27c0:10::182 EDGECENTERLLC
General Check archive.org Show headers Download Go to Show image Full URL https://media.kasperskycontenthub.com/wp-content/uploads/sites/103/2021/02/19160657/phishing-captcha-image-300x161.jpg Requested by Host: threatpost.com URL: https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a11:27c0:10::182 , Russian Federation, ASN210756 (EDGECENTERLLC, RU), Reverse DNS Software nginx / Resource Hash b713c4d60db13b6748f0e57674ff4a364c1ee805223c52786c9ce2ea8d07a8fa Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/ Response headers cache MISS etag "ede1a653b858bf57bdc048bbbecd1a20" x-amz-request-id da29237e731b907f accept-ranges bytes content-length 4850 date Wed, 02 Oct 2024 19:50:17 GMT content-type image/jpeg last-modified Wed, 11 Sep 2024 23:56:48 GMT server nginx x-node dh-up-gc21
GET H2	200	cybersecurity_336_300x2.jpg media.kasperskycontenthub.com/wp-content/uploads/sites/103/2022/09/05095106/	298 KB 298 KB	184ms 80ms	Image image/jpeg	2a11:27c0:10::182 EDGECENTERLLC
General Check archive.org Show headers Download Go to Show image Full URL https://media.kasperskycontenthub.com/wp-content/uploads/sites/103/2022/09/05095106/cybersecurity_336_300x2.jpg Requested by Host: threatpost.com URL: https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a11:27c0:10::182 , Russian Federation, ASN210756 (EDGECENTERLLC, RU), Reverse DNS Software nginx / Resource Hash 459b6e8f13bcee749803158c0efd58396db234b46dd73eb296148299eea9d82f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/ Response headers cache HIT etag "8036d0d3ef921bb7da269e3c1a484e5c" x-amz-request-id b50f6c5bbc9a3d9c accept-ranges bytes content-length 305079 date Wed, 02 Oct 2024 19:50:17 GMT content-type image/jpeg last-modified Thu, 12 Sep 2024 00:02:24 GMT server nginx x-cached-since 2024-10-02T12:50:08+00:00 x-node dh-up-gc4
GET H2	404	cybersecurity_336_500x2.jpg kasperskycontenthub.com/threatpost-global/files/2022/09/	27 B 27 B	412ms 254ms	Image text/html	158.160.164.142 YANDEXCLOUD
General Check archive.org Show headers Download Go to Show image Full URL https://kasperskycontenthub.com/threatpost-global/files/2022/09/cybersecurity_336_500x2.jpg Requested by Host: threatpost.com URL: https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.160.164.142 Moscow, Russian Federation, ASN200350 (YANDEXCLOUD, RU), Reverse DNS Software ycalb / Resource Hash 0e1bce295fd801ab223481da8e6f3ae3a579e69152558444a61b13f3fa26a851 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/ Response headers content-encoding gzip x-backend varnish age 0 via 1.1 kch-varnish-kube-httpcache-6bbf48fc9b-8bl89 (Varnish/7.3) x-varnish 109610903 x-cache MISS date Wed, 02 Oct 2024 19:50:17 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding server ycalb x-cache-hits 0
GET H2	200	scripts.js Show response kasperskycontenthub.com/threatpost-global/wp-content/plugins/kaspersky-embeds/js/	2 KB 2 KB	212ms 54ms	Script application/javascript	158.160.164.142 YANDEXCLOUD
General Check archive.org Show headers Download Go to Full URL https://kasperskycontenthub.com/threatpost-global/wp-content/plugins/kaspersky-embeds/js/scripts.js?ver=1.0 Requested by Host: threatpost.com URL: https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.160.164.142 Moscow, Russian Federation, ASN200350 (YANDEXCLOUD, RU), Reverse DNS Software ycalb / Resource Hash b1f863d13dbad7d5240f577a73b47b06227d218909259042da95301e2eb8be55 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/ Response headers etag "66ed6081-828" age 38883 expires Wed, 09 Oct 2024 09:02:14 GMT x-varnish 35950165 34 x-cache HIT date Wed, 02 Oct 2024 09:02:14 GMT content-type application/javascript last-modified Fri, 20 Sep 2024 11:46:09 GMT x-cache-hits 971 cache-control max-age=604800, public x-backend varnish pragma public via 1.1 kch-varnish-kube-httpcache-6bbf48fc9b-2xwf4 (Varnish/7.3) accept-ranges bytes content-length 2088 server ycalb
GET H3	200	api.js Show response www.google.com/recaptcha/	1 KB 968 B	39ms 18ms	Script text/javascript	2a00:1450:4001:828::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?render=explicit&ver=202124050927 Requested by Host: threatpost.com URL: https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 07d4a299bf3b7258dd6a813244d4f9aa9dfb661907c53532c06daeb50a467a95 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/ Response headers cache-control private, max-age=300 content-encoding gzip cross-origin-resource-policy cross-origin report-to {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} x-content-type-options nosniff expires Wed, 02 Oct 2024 19:50:17 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cross-origin-opener-policy-report-only same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" date Wed, 02 Oct 2024 19:50:17 GMT x-xss-protection 0 content-type text/javascript; charset=utf-8 server ESF x-frame-options SAMEORIGIN
GET H2	200	main.js Show response threatpost.com/wp-content/plugins/kaspersky-gravity-forms-dynamic-recaptcha/assets/js/	3 KB 3 KB	58ms 55ms	Script application/javascript	158.160.164.142 YANDEXCLOUD
General Check archive.org Show headers Download Go to Full URL https://threatpost.com/wp-content/plugins/kaspersky-gravity-forms-dynamic-recaptcha/assets/js/main.js?ver=202124050927 Requested by Host: threatpost.com URL: https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.160.164.142 Moscow, Russian Federation, ASN200350 (YANDEXCLOUD, RU), Reverse DNS Software ycalb / Resource Hash 4d52f37b83f70c5035632548c652508d793eec55e17f2ac19552f4fa19d323be Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Response headers etag "66ed6082-ab4" age 417 expires Wed, 09 Oct 2024 19:43:20 GMT x-varnish 1146892 458779 x-cache HIT date Wed, 02 Oct 2024 19:43:20 GMT content-type application/javascript last-modified Fri, 20 Sep 2024 11:46:10 GMT x-cache-hits 12 cache-control max-age=604800, public x-backend varnish pragma public via 1.1 kch-varnish-kube-httpcache-6bbf48fc9b-lszfk (Varnish/7.3) accept-ranges bytes content-length 2740 server ycalb
GET H2	200	main.js Show response threatpost.com/wp-content/plugins/kaspersky-lazy-load/assets/js/	437 B 569 B	63ms 60ms	Script application/javascript	158.160.164.142 YANDEXCLOUD
General Check archive.org Show headers Download Go to Full URL https://threatpost.com/wp-content/plugins/kaspersky-lazy-load/assets/js/main.js?ver=202224051706 Requested by Host: threatpost.com URL: https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.160.164.142 Moscow, Russian Federation, ASN200350 (YANDEXCLOUD, RU), Reverse DNS Software ycalb / Resource Hash 0de5867fb96beb7a6df6147dea8d8f921d522b0822b0bdc46ac1af2277d3215c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Response headers etag "66ed6082-1b5" age 38897 expires Wed, 09 Oct 2024 09:01:59 GMT x-varnish 37882699 196615 x-cache HIT date Wed, 02 Oct 2024 09:01:59 GMT content-type application/javascript last-modified Fri, 20 Sep 2024 11:46:10 GMT x-cache-hits 990 cache-control max-age=604800, public x-backend varnish pragma public via 1.1 kch-varnish-kube-httpcache-6bbf48fc9b-2xwf4 (Varnish/7.3) accept-ranges bytes content-length 437 server ycalb
GET H2	200	s_code_single_suite.js Show response media.kaspersky.com/tracking/omniture/	208 KB 75 KB	54ms 14ms	Script application/javascript	185.85.15.23 KL-EXT
General Check archive.org Show headers Download Go to Full URL https://media.kaspersky.com/tracking/omniture/s_code_single_suite.js?ver=6.5.5 Requested by Host: threatpost.com URL: https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 185.85.15.23 , Germany, ASN200107 (KL-EXT, CH), Reverse DNS Software / Kaspersky Labs, Kaspersky Labs Resource Hash 2a0bee86cb7897007c66d44b3008c3f91ff9e1f9a289c97eeff0a0d19c6275a7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/ Response headers content-encoding br etag "80f291d72cf2da1:0" x-content-type-options nosniff alt-svc h3=":443"; ma=86400; persist=1 date Wed, 02 Oct 2024 19:50:17 GMT content-type application/javascript last-modified Mon, 19 Aug 2024 11:42:17 GMT x-server fr1/FRA1 vary Accept-Encoding x-frame-options SAMEORIGIN strict-transport-security max-age=31536000; includeSubDomains cache-control max-age=3600 accept-ranges bytes x-xss-protection 1; mode=block x-powered-by Kaspersky Labs, Kaspersky Labs server
GET H2	200	main.js Show response threatpost.com/wp-content/themes/threatpost-2018/assets/js/	121 KB 121 KB	59ms 57ms	Script application/javascript	158.160.164.142 YANDEXCLOUD
General Check archive.org Show headers Download Go to Full URL https://threatpost.com/wp-content/themes/threatpost-2018/assets/js/main.js?ver=202107061113 Requested by Host: threatpost.com URL: https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.160.164.142 Moscow, Russian Federation, ASN200350 (YANDEXCLOUD, RU), Reverse DNS Software ycalb / Resource Hash d6bd41bdf56fdc5de7810ac93ffbfb7a5f08afc4aa2912e6ff0aca9fdb9136ba Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Response headers etag "66ed6082-1e2bb" age 476 expires Wed, 09 Oct 2024 19:42:20 GMT x-varnish 426172 327698 x-cache HIT date Wed, 02 Oct 2024 19:42:20 GMT content-type application/javascript last-modified Fri, 20 Sep 2024 11:46:10 GMT x-cache-hits 12 cache-control max-age=604800, public x-backend varnish pragma public via 1.1 kch-varnish-kube-httpcache-6bbf48fc9b-lszfk (Varnish/7.3) accept-ranges bytes content-length 123579 server ycalb
GET H2	200	/ Show response kasperskycontenthub.com/	0 229 B	346ms 189ms	Script application/javascript	158.160.164.142 YANDEXCLOUD
General Check archive.org Show headers Download Go to Full URL https://kasperskycontenthub.com/?dm=ed1f9e435dc885292eab65620c51f3fb&action=load&blogid=103&siteid=1&t=1152822014&back=https%3A%2F%2Fthreatpost.com%2Fmalformed-url-prefix-phishing-attacks-spike-6000%2F164132%2F Requested by Host: threatpost.com URL: https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.160.164.142 Moscow, Russian Federation, ASN200350 (YANDEXCLOUD, RU), Reverse DNS Software ycalb / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/ Response headers age 0 x-content-type-options nosniff x-cache-hit BYPASS x-varnish 37882701 x-cache MISS date Wed, 02 Oct 2024 19:50:17 GMT content-type application/javascript x-cache-hits 0 x-frame-options SAMEORIGIN strict-transport-security max-age=31536000; includeSubDomains x-backend varnish x-debug-auth off via 1.1 kch-varnish-kube-httpcache-6bbf48fc9b-2xwf4 (Varnish/7.3) accept-ranges bytes content-length 0 x-xss-protection 1; mode=block x-request-host kasperskycontenthub.com server ycalb
GET H2	200	gtm.js Show response www.googletagmanager.com/	249 KB 85 KB	56ms 29ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF Requested by Host: threatpost.com URL: https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash c1c0989d025d5eea9a5abbb3d70971326e8a054c152a8b2f19594ac888af5c6f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],} expires Wed, 02 Oct 2024 19:50:17 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 02 Oct 2024 19:50:17 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Wed, 02 Oct 2024 18:00:00 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 86258 x-xss-protection 0 server Google Tag Manager
GET H2	200	gtm.js Show response www.googletagmanager.com/	557 KB 136 KB	60ms 59ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WZ7LJ3 Requested by Host: threatpost.com URL: https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 5a13cc3b756b8b56c18ebf217a87e0f6e8026d55c56b8c756b50655459c61525 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/ Response headers content-encoding gzip report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],} expires Wed, 02 Oct 2024 19:50:17 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 02 Oct 2024 19:50:17 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 139485 x-xss-protection 0 server Google Tag Manager
GET H2	200	icons.svg threatpost.com/wp-content/themes/threatpost-2018/assets/sprite/	13 KB 13 KB	56ms 55ms	Other image/svg+xml	158.160.164.142 YANDEXCLOUD
General Check archive.org Show headers Download Go to Full URL https://threatpost.com/wp-content/themes/threatpost-2018/assets/sprite/icons.svg Requested by Host: threatpost.com URL: https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.160.164.142 Moscow, Russian Federation, ASN200350 (YANDEXCLOUD, RU), Reverse DNS Software ycalb / Resource Hash 97f5070aadd9475bb56a49a7bc1114e9fe1b992b55f2b227502f35f8bba71d74 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Response headers x-backend varnish etag "66ed6082-328e" age 476 via 1.1 kch-varnish-kube-httpcache-6bbf48fc9b-lszfk (Varnish/7.3) x-varnish 491752 360475 access-control-allow-origin * x-cache HIT content-length 12942 date Wed, 02 Oct 2024 19:42:20 GMT accept-ranges bytes content-type image/svg+xml last-modified Fri, 20 Sep 2024 11:46:10 GMT server ycalb x-cache-hits 10
GET H2	200	logo.png threatpost.com/wp-content/themes/threatpost-2018/assets/images/	19 KB 19 KB	58ms 57ms	Image image/png	158.160.164.142 YANDEXCLOUD
General Check archive.org Show headers Download Go to Show image Full URL https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/logo.png Requested by Host: threatpost.com URL: https://threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.160.164.142 Moscow, Russian Federation, ASN200350 (YANDEXCLOUD, RU), Reverse DNS Software ycalb / Resource Hash 39af7c1116fb967a330e8770f775e6b5ee871add01ed45c98a1634911cebfb0a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css Response headers etag "66ed6082-4a32" age 354 expires Wed, 09 Oct 2024 19:44:22 GMT x-varnish 1081560 393301 x-cache HIT date Wed, 02 Oct 2024 19:44:22 GMT content-type image/png last-modified Fri, 20 Sep 2024 11:46:10 GMT x-cache-hits 4 cache-control max-age=604800, public x-backend varnish pragma public via 1.1 kch-varnish-kube-httpcache-6bbf48fc9b-lszfk (Varnish/7.3) accept-ranges bytes content-length 18994 server ycalb
GET H2	200	mail-plane-large-dark.svg threatpost.com/wp-content/themes/threatpost-2018/assets/images/	812 B 966 B	57ms 57ms	Image image/svg+xml	158.160.164.142 YANDEXCLOUD
General Check archive.org Show headers Download Go to Show image Full URL https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/mail-plane-large-dark.svg Requested by Host: threatpost.com URL: https://threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.160.164.142 Moscow, Russian Federation, ASN200350 (YANDEXCLOUD, RU), Reverse DNS Software ycalb / Resource Hash a9d2b2df99c1a115d5394c70a898d8801092208dc582f8bd6fb01b35c30d6b22 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css Response headers x-backend varnish etag "66ed6082-32c" age 89728 via 1.1 kch-varnish-kube-httpcache-6bbf48fc9b-8bl89 (Varnish/7.3) x-varnish 109610902 3407950 access-control-allow-origin * x-cache HIT content-length 812 date Tue, 01 Oct 2024 18:54:48 GMT accept-ranges bytes content-type image/svg+xml last-modified Fri, 20 Sep 2024 11:46:10 GMT server ycalb x-cache-hits 726
GET H2	200	logo-white.png threatpost.com/wp-content/themes/threatpost-2018/assets/images/	10 KB 10 KB	55ms 55ms	Image image/png	158.160.164.142 YANDEXCLOUD
General Check archive.org Show headers Download Go to Show image Full URL https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/logo-white.png Requested by Host: threatpost.com URL: https://threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.160.164.142 Moscow, Russian Federation, ASN200350 (YANDEXCLOUD, RU), Reverse DNS Software ycalb / Resource Hash e4058d4ee9da1ceaddfa91ddb63650ba67285f1bbfee487d9dfe648bced669a0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css Response headers etag "66ed6082-260a" age 354 expires Wed, 09 Oct 2024 19:44:22 GMT x-varnish 1146893 32833 x-cache HIT date Wed, 02 Oct 2024 19:44:22 GMT content-type image/png last-modified Fri, 20 Sep 2024 11:46:10 GMT x-cache-hits 4 cache-control max-age=604800, public x-backend varnish pragma public via 1.1 kch-varnish-kube-httpcache-6bbf48fc9b-lszfk (Varnish/7.3) accept-ranges bytes content-length 9738 server ycalb
GET H2	200	phishing-sign-in-page-300x161.jpg media.kasperskycontenthub.com/wp-content/uploads/sites/103/2021/02/19160718/	7 KB 7 KB	340ms 273ms	Image image/jpeg	2a11:27c0:10::182 EDGECENTERLLC
General Check archive.org Show headers Download Go to Show image Full URL https://media.kasperskycontenthub.com/wp-content/uploads/sites/103/2021/02/19160718/phishing-sign-in-page-300x161.jpg Requested by Host: threatpost.com URL: https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a11:27c0:10::182 , Russian Federation, ASN210756 (EDGECENTERLLC, RU), Reverse DNS Software nginx / Resource Hash 3e9eefb59277748bb91f68907a4ddbc3d5ff18307fb8af50285f925427145afd Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/ Response headers cache MISS etag "d58d99202d89890c159ffefc908f5123" x-amz-request-id 6061a87499a5e4a6 accept-ranges bytes content-length 7490 date Wed, 02 Oct 2024 19:50:17 GMT content-type image/jpeg last-modified Wed, 11 Sep 2024 23:56:48 GMT server nginx x-node dh-up-gc5
GET H2	200	phishing-email-example-300x222.jpg media.kasperskycontenthub.com/wp-content/uploads/sites/103/2021/02/19160706/	12 KB 12 KB	358ms 292ms	Image image/jpeg	2a11:27c0:10::182 EDGECENTERLLC
General Check archive.org Show headers Download Go to Show image Full URL https://media.kasperskycontenthub.com/wp-content/uploads/sites/103/2021/02/19160706/phishing-email-example-300x222.jpg Requested by Host: threatpost.com URL: https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a11:27c0:10::182 , Russian Federation, ASN210756 (EDGECENTERLLC, RU), Reverse DNS Software nginx / Resource Hash f0a4d16aad94ac27eb35c9707b8a74b3c383baaccac7d80fbd2822830c52cc18 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/ Response headers cache MISS etag "43cfb6a96f4a9bc4db7cefb691260490" x-amz-request-id c400ca78f5687a8d accept-ranges bytes content-length 12175 date Wed, 02 Oct 2024 19:50:17 GMT content-type image/jpeg last-modified Wed, 11 Sep 2024 23:56:48 GMT server nginx x-node dh-up-gc22
GET H2	200	cloud-digital-64x64.png media.kasperskycontenthub.com/wp-content/uploads/sites/103/2022/04/29082135/	10 KB 10 KB	107ms 69ms	Image image/png	2a11:27c0:10::182 EDGECENTERLLC
General Check archive.org Show headers Download Go to Show image Full URL https://media.kasperskycontenthub.com/wp-content/uploads/sites/103/2022/04/29082135/cloud-digital-64x64.png Requested by Host: threatpost.com URL: https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a11:27c0:10::182 , Russian Federation, ASN210756 (EDGECENTERLLC, RU), Reverse DNS Software nginx / Resource Hash c2b1d3e721d38c46cbaaa362388526ed9b9f661780ffa85e1ed50b69af5643ad Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/ Response headers cache HIT etag "f1455ae047ce96f757a16ac05f552d4e" x-amz-request-id 110921d7685b661f accept-ranges bytes content-length 9876 date Wed, 02 Oct 2024 19:50:17 GMT content-type image/png last-modified Thu, 12 Sep 2024 00:02:12 GMT server nginx x-cached-since 2024-10-02T13:49:58+00:00 x-node dh-up-gc22
GET H2	200	01_intro_iot-e1520348007355-64x64.png media.kasperskycontenthub.com/wp-content/uploads/sites/103/2016/12/06095327/	6 KB 6 KB	111ms 74ms	Image image/png	2a11:27c0:10::182 EDGECENTERLLC
General Check archive.org Show headers Download Go to Show image Full URL https://media.kasperskycontenthub.com/wp-content/uploads/sites/103/2016/12/06095327/01_intro_iot-e1520348007355-64x64.png Requested by Host: threatpost.com URL: https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a11:27c0:10::182 , Russian Federation, ASN210756 (EDGECENTERLLC, RU), Reverse DNS Software nginx / Resource Hash e7b09255eb2baa24f82cc435b988d86cf28f3c4c495f3da10d1d95cd6166ac1e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/ Response headers cache HIT etag "7e159b19402a36c8a7919c746a350744" x-amz-request-id 3101073a2793ee54 accept-ranges bytes content-length 5949 date Wed, 02 Oct 2024 19:50:17 GMT content-type image/png last-modified Wed, 11 Sep 2024 23:43:12 GMT server nginx x-cached-since 2024-10-02T13:49:58+00:00 x-node dh-up-gc5
GET H2	200	Ransomware-64x64.jpg media.kasperskycontenthub.com/wp-content/uploads/sites/103/2019/06/20122305/	2 KB 2 KB	106ms 69ms	Image image/jpeg	2a11:27c0:10::182 EDGECENTERLLC
General Check archive.org Show headers Download Go to Show image Full URL https://media.kasperskycontenthub.com/wp-content/uploads/sites/103/2019/06/20122305/Ransomware-64x64.jpg Requested by Host: threatpost.com URL: https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a11:27c0:10::182 , Russian Federation, ASN210756 (EDGECENTERLLC, RU), Reverse DNS Software nginx / Resource Hash a9cd0da089c8a9f68edc523eb56ab5fe5ec6df35e989dfdd54cdc04c871b9a93 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/ Response headers cache HIT etag "5aa6f487ce6e3a49d6e253cc7752aa43" x-amz-request-id fad6f9cdb08da90c accept-ranges bytes content-length 1901 date Wed, 02 Oct 2024 19:50:17 GMT content-type image/jpeg last-modified Wed, 11 Sep 2024 23:50:44 GMT server nginx x-cached-since 2024-10-02T13:49:58+00:00 x-node dh-up-gc17
GET H2	200	Security_Cyber_Insurance-64x64.jpg media.kasperskycontenthub.com/wp-content/uploads/sites/103/2018/07/19123143/	2 KB 2 KB	112ms 75ms	Image image/jpeg	2a11:27c0:10::182 EDGECENTERLLC
General Check archive.org Show headers Download Go to Show image Full URL https://media.kasperskycontenthub.com/wp-content/uploads/sites/103/2018/07/19123143/Security_Cyber_Insurance-64x64.jpg Requested by Host: threatpost.com URL: https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a11:27c0:10::182 , Russian Federation, ASN210756 (EDGECENTERLLC, RU), Reverse DNS Software nginx / Resource Hash 97c42d28f70d21116c01e0a6d582cb3f4513113f56241ee0b01aa09349e6454f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/ Response headers cache HIT etag "f61ceca9cf1e61564498640e71cb41aa" x-amz-request-id 114a326b1172221b accept-ranges bytes content-length 1864 date Wed, 02 Oct 2024 19:50:17 GMT content-type image/jpeg last-modified Wed, 11 Sep 2024 23:46:49 GMT server nginx x-cached-since 2024-10-02T13:49:58+00:00 x-node dh-up-gc5
GET H2	200	Cutting-Through-the-Noise-from-Daily-Alerts-64x64.png media.kasperskycontenthub.com/wp-content/uploads/sites/103/2021/08/03142545/	9 KB 10 KB	114ms 76ms	Image image/png	2a11:27c0:10::182 EDGECENTERLLC
General Check archive.org Show headers Download Go to Show image Full URL https://media.kasperskycontenthub.com/wp-content/uploads/sites/103/2021/08/03142545/Cutting-Through-the-Noise-from-Daily-Alerts-64x64.png Requested by Host: threatpost.com URL: https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a11:27c0:10::182 , Russian Federation, ASN210756 (EDGECENTERLLC, RU), Reverse DNS Software nginx / Resource Hash d1fb63f766f0256878a7764edc2c02fa45b2399f1ce95ba60fb30d7f8dd12c79 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/ Response headers cache HIT etag "62959435ddbf1a1a363b0f919961ea4e" x-amz-request-id 718718257e002adc accept-ranges bytes content-length 9618 date Wed, 02 Oct 2024 19:50:17 GMT content-type image/png last-modified Wed, 11 Sep 2024 23:58:43 GMT server nginx x-cached-since 2024-10-02T13:49:58+00:00 x-node dh-up-gc21
GET H2	200	gtm.js Show response www.googletagmanager.com/	639 KB 162 KB	63ms 61ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-T45JW6B&l=dataLayer Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZ7LJ3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash bd31bf370e379a8f8983a0ae68d65cd93cb431111831bf637b503658e5a3e666 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/ Response headers content-encoding gzip report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],} expires Wed, 02 Oct 2024 19:50:17 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 02 Oct 2024 19:50:17 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 165688 x-xss-protection 0 server Google Tag Manager
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/	541 KB 215 KB	30ms 8ms	Script text/javascript	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?render=explicit&ver=202124050927 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8635cb1f53e720094ad3494627fd904246c714272f0aaa563117f2688deaee24 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://threatpost.com Referer https://threatpost.com/ Response headers content-encoding gzip age 25987 report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} x-content-type-options nosniff expires Thu, 02 Oct 2025 12:37:10 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 02 Oct 2024 12:37:10 GMT last-modified Mon, 23 Sep 2024 04:00:50 GMT content-type text/javascript vary Accept-Encoding cache-control public, max-age=31536000 cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha accept-ranges bytes access-control-allow-origin * content-length 219745 x-xss-protection 0 server sffe
GET H2	200	id Show response dpm.demdex.net/	368 B 914 B	104ms 31ms	XHR application/json	52.31.64.150 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=983502BE532960BE0A490D4C%40AdobeOrg&d_nsid=0&ts=1727898617721 Requested by Host: media.kaspersky.com URL: https://media.kaspersky.com/tracking/omniture/s_code_single_suite.js?ver=6.5.5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.31.64.150 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-31-64-150.eu-west-1.compute.amazonaws.com Software / Resource Hash ae97ed07b0c717ebca78d874836057213c09b3d3a8ae6965dc2cc4b2b0f581fb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Referer https://threatpost.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private dcs dcs-prod-irl1-1-v065-0148714e0.edge-irl1.demdex.com 2 ms content-encoding gzip pragma no-cache access-control-allow-credentials true x-tid c1FcME4QRKU= expires Thu, 01 Jan 1970 00:00:00 UTC access-control-allow-origin https://threatpost.com content-length 311 p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" date Wed, 02 Oct 2024 19:50:17 GMT content-type application/json;charset=utf-8 vary Origin
GET H2	200	flipboard.svg threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/img/	236 B 339 B	58ms 57ms	Image image/svg+xml	158.160.164.142 YANDEXCLOUD
General Check archive.org Show headers Download Go to Show image Full URL https://threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/img/flipboard.svg Requested by Host: threatpost.com URL: https://threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.160.164.142 Moscow, Russian Federation, ASN200350 (YANDEXCLOUD, RU), Reverse DNS Software ycalb / Resource Hash 506d565f94cecbb486394c545a96e8459217f8d045496b511e8c815142abfc70 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css Response headers x-backend varnish etag "66ed6082-ec" age 354 via 1.1 kch-varnish-kube-httpcache-6bbf48fc9b-lszfk (Varnish/7.3) x-varnish 1081561 393303 access-control-allow-origin * x-cache HIT content-length 236 date Wed, 02 Oct 2024 19:44:23 GMT accept-ranges bytes content-type image/svg+xml last-modified Fri, 20 Sep 2024 11:46:10 GMT server ycalb x-cache-hits 3
GET H2	200	fa-brands-400.woff2 threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/fonts/	107 KB 108 KB	56ms 54ms	Font font/woff2	158.160.164.142 YANDEXCLOUD
General Check archive.org Show headers Download Go to Full URL https://threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/fonts/fa-brands-400.woff2?v=6.4.2 Requested by Host: threatpost.com URL: https://threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.160.164.142 Moscow, Russian Federation, ASN200350 (YANDEXCLOUD, RU), Reverse DNS Software ycalb / Resource Hash faae6fc0aa94cc5bde5076647c817a23206096a1cbeda10d1c6f3d89d6163ed1 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://threatpost.com Referer https://threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css Response headers x-backend varnish etag "66ed6082-1acf0" age 89740 via 1.1 kch-varnish-kube-httpcache-6bbf48fc9b-8bl89 (Varnish/7.3) x-varnish 99618417 19431460 access-control-allow-origin * x-cache HIT content-length 109808 date Tue, 01 Oct 2024 18:54:37 GMT accept-ranges bytes content-type font/woff2 last-modified Fri, 20 Sep 2024 11:46:10 GMT server ycalb x-cache-hits 1949
GET H3	200	destination Show response www.googletagmanager.com/gtag/	286 KB 98 KB	35ms 35ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=G-YP1JLG57CH&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-T45JW6B&l=dataLayer Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 08297a5b0db5f560a6a572eb3793a0a053056a7d4090fc09bd2f099ea5b15ae2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],} expires Wed, 02 Oct 2024 19:50:17 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 02 Oct 2024 19:50:17 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 100273 x-xss-protection 0 server Google Tag Manager
GET H2	200	dest5.html kaspersky.demdex.net/ Frame E3C4	0 0	105ms 31ms	Document text/html	52.214.92.225 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://kaspersky.demdex.net/dest5.html?d_nsid=0 Requested by Host: media.kaspersky.com URL: https://media.kaspersky.com/tracking/omniture/s_code_single_suite.js?ver=6.5.5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.214.92.225 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-214-92-225.eu-west-1.compute.amazonaws.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://threatpost.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers accept-ranges bytes cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-encoding gzip content-type text/html;charset=UTF-8 date Wed, 02 Oct 2024 19:50:17 GMT dcs dcs-prod-irl1-2-v065-0e75ab0c8.edge-irl1.demdex.com 0 ms expires Thu, 01 Jan 1970 00:00:00 UTC last-modified Mon, 23 Sep 2024 10:26:48 GMT p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" pragma no-cache strict-transport-security max-age=31536000; includeSubDomains vary accept-encoding x-tid OPmrlyx+Q1g=
GET H2	200	id Show response kaspersky.d3.sc.omtrdc.net/	2 B 266 B	78ms 20ms	XHR application/x-javascript	63.140.62.222 OMNITURE
General Check archive.org Show headers Download Go to Full URL https://kaspersky.d3.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=983502BE532960BE0A490D4C%40AdobeOrg&mid=14168747091207074620747461485842019638&ts=1727898617873 Requested by Host: media.kaspersky.com URL: https://media.kaspersky.com/tracking/omniture/s_code_single_suite.js?ver=6.5.5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 63.140.62.222 , United States, ASN15224 (OMNITURE, US), Reverse DNS ip-63-140-62-222.data.adobedc.net Software jag / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Referer https://threatpost.com/ Response headers cache-control no-cache, no-store, max-age=0, no-transform, private access-control-allow-credentials true x-content-type-options nosniff access-control-allow-origin https://threatpost.com p3p CP="This is not a P3P policy" content-length 2 date Wed, 02 Oct 2024 19:50:17 GMT x-xss-protection 1; mode=block content-type application/x-javascript;charset=utf-8 vary Origin server jag
GET H2	200	ibs:dpid=411&dpuuid=Zv2j_gAAACA9UQO5 dpm.demdex.net/ Redirect Chain https://cm.everesttech.net/cm/dd?d_uuid=21581100364151044760289745419423161196 https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zv2j_gAAACA9UQO5	42 B 715 B	34ms 34ms	Image image/gif	52.31.64.150 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zv2j_gAAACA9UQO5 Requested by Host: threatpost.com URL: https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Protocol H2 Server 52.31.64.150 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-31-64-150.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private dcs dcs-prod-irl1-2-v065-06db52c8d.edge-irl1.demdex.com 3 ms content-encoding gzip pragma no-cache x-content-type-options nosniff x-tid q9GZ3ImfR80= expires Thu, 01 Jan 1970 00:00:00 UTC content-length 59 p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" date Wed, 02 Oct 2024 19:50:18 GMT content-type image/gif Redirect headers Cache-Control no-cache Location https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zv2j_gAAACA9UQO5 P3P CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM" Content-Length 0 Date Wed, 02 Oct 2024 19:50:18 GMT Connection keep-alive Server AMO-cookiemap/1.1
GET H2	200	web-vitals.attribution.iife.js Show response unpkg.com/web-vitals@3.0.0/dist/	10 KB 4 KB	47ms 23ms	Script application/javascript	2606:4700::6811:f5cb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/web-vitals@3.0.0/dist/web-vitals.attribution.iife.js Requested by Host: threatpost.com URL: https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:f5cb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9344b6a4db3db16dee581361244125a03a353c2ed0f5f701d83dc2be552d07c4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/ Response headers content-encoding br cf-cache-status HIT etag "2647-N1l5oKJqaDLvxL3cO+UxlArzaXc" age 16313599 x-content-type-options nosniff date Wed, 02 Oct 2024 19:50:18 GMT content-type application/javascript; charset=utf-8 last-modified Sat, 26 Oct 1985 08:15:00 GMT fly-request-id 01HT16NH1HE05PZSQMATH47T6P-fra vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=31536000 via 1.1 fly.io cf-ray 8cc7387b4ce96922-FRA access-control-allow-origin * server cloudflare
GET H3	200	js Show response www.googletagmanager.com/gtag/	302 KB 102 KB	31ms 31ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-CEMREXL3PF&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 372b97ebe5b147a80b4341fddc628a8b0d190aadceae364bd33a8bda15938c14 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Wed, 02 Oct 2024 19:50:18 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 02 Oct 2024 19:50:18 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 104514 x-xss-protection 0 server Google Tag Manager
GET H2	200	quant.js Show response secure.quantserve.com/	23 KB 10 KB	54ms 7ms	Script application/javascript	2620:116:800d:21:de2e:c7b3:55c0:d5a0 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://secure.quantserve.com/quant.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 20133cc700841ec85f087ff9834a922b482b9135e98574a9afebade4c754558c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/ Response headers cache-control private, max-age=604800 content-encoding gzip etag "HP/dXILNCv8vRT01LqWQOg==" expires Wed, 09 Oct 2024 19:50:18 GMT accept-ranges bytes date Wed, 02 Oct 2024 19:50:18 GMT content-type application/javascript vary Accept-Encoding
GET H2	200	uwt.js Show response static.ads-twitter.com/	56 KB 15 KB	38ms 7ms	Script application/javascript	146.75.120.157 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static.ads-twitter.com/uwt.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/ Response headers vary Accept-Encoding,Host cache-control no-cache content-encoding gzip etag "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip" accept-ranges bytes x-cache HIT, HIT p3p CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" content-length 15412 date Wed, 02 Oct 2024 19:50:18 GMT x-tw-cdn FT last-modified Fri, 22 Mar 2024 21:07:24 GMT content-type application/javascript; charset=utf-8 x-served-by cache-iad-kiad7000168-IAD, cache-fra-etou8220053-FRA x-amz-server-side-encryption AES256
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	40 KB 14 KB	63ms 20ms	Script application/javascript	2a02:26f0:3100::1735:283b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-T45JW6B&l=dataLayer Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3100::1735:283b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/ Response headers cache-control max-age=83185 content-encoding gzip x-cdn AKAM x-content-type-options nosniff accept-ranges bytes content-length 14628 date Wed, 02 Oct 2024 19:50:18 GMT last-modified Thu, 22 Aug 2024 10:43:55 GMT content-type application/javascript;charset=utf-8 vary Accept-Encoding x-amz-server-side-encryption AES256
GET H3	200	js Show response www.googletagmanager.com/gtag/	221 KB 79 KB	25ms 24ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=DC-12346775 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-T45JW6B&l=dataLayer Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash d33318fb458a04016c35e4150ebe53c3ff41a8d14318f9894ebc2749d9ea43fd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Wed, 02 Oct 2024 19:50:18 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 02 Oct 2024 19:50:18 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 80690 x-xss-protection 0 server Google Tag Manager
GET		undefined.js www.dwin1.com/	0 0
GET H2	200	tune.js Show response js.go2sdk.com/v2/	4 KB 4 KB	55ms 13ms	Script application/javascript	108.138.36.93 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.go2sdk.com/v2/tune.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZ7LJ3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.36.93 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-36-93.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash 688ea52c7291b980af811cab2dfc8af5ebb15a01555ddc0f3f312db77b059b74 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/ Response headers x-amz-version-id null etag "3301ce2b9ef7fa3f72c5ae2b296d4ceb" age 49391 via 1.1 068dc56746723ff514ed3604e029e74e.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 4142 x-amz-cf-id 3lgOMmFEVb19pXBG3cFEq0Xhv4iahrQx5ZAsFHi9MYkOeBmVhs3LwQ== date Wed, 02 Oct 2024 06:07:08 GMT content-type application/javascript last-modified Mon, 04 Mar 2024 18:55:58 GMT server AmazonS3 x-amz-cf-pop MUC50-P2 x-amz-server-side-encryption AES256
GET H2	200	favicon.ico threatpost.com/wp-content/themes/threatpost-2018/assets/images/favicon/	15 KB 4 KB	54ms 54ms	Other image/x-icon	158.160.164.142 YANDEXCLOUD
General Check archive.org Show headers Download Go to Full URL https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/favicon/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.160.164.142 Moscow, Russian Federation, ASN200350 (YANDEXCLOUD, RU), Reverse DNS Software ycalb / Resource Hash 7c9505dda8d990411211c1fd197adb35e20ca9505bb4fe03481b8d71ab11c194 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Response headers content-encoding gzip etag W/"66ed6083-3aee" age 282 expires Wed, 09 Oct 2024 19:45:35 GMT x-varnish 1146895 491620 x-cache HIT date Wed, 02 Oct 2024 19:45:35 GMT content-type image/x-icon last-modified Fri, 20 Sep 2024 11:46:11 GMT vary Accept-Encoding x-cache-hits 2 cache-control max-age=604800, public x-backend varnish pragma public via 1.1 kch-varnish-kube-httpcache-6bbf48fc9b-lszfk (Varnish/7.3) accept-ranges bytes content-length 3912 server ycalb
POST H2	204	collect region1.google-analytics.com/g/	0 0	39ms 15ms	Fetch text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-YP1JLG57CH&gtm=45je4a10v879046328z871206015za200zb836855486&_p=1727898617491&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&cid=2108401593.1727898618&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dl=https%3A%2F%2Fthreatpost.com%2Fmalformed-url-prefix-phishing-attacks-spike-6000%2F164132%2F&sid=1727898618&sct=1&seg=0&dt=Malformed%20URL%20Prefix%20Phishing%20Attacks%20Spike%206%2C000%25%20%7C%20Threatpost&en=page_view&_fv=1&_nsi=1&_ss=1&ep.dateStringISO=2024-10-02T19%3A50%3A18.077Z&ep.event_id=1727898617491.1&tfd=5226 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/destination?id=G-YP1JLG57CH&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://threatpost.com cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 02 Oct 2024 19:50:18 GMT content-type text/plain server Golfe2
GET H2	200	rules-p-_7kVx0t9Jqj90.js Show response rules.quantcount.com/	2 B 354 B	98ms 35ms	Script application/javascript	2600:9000:20ae:4600:6:44e3:f8c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rules.quantcount.com/rules-p-_7kVx0t9Jqj90.js Requested by Host: secure.quantserve.com URL: https://secure.quantserve.com/quant.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20ae:4600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/ Response headers cache-control max-age=3600 age 3334 cross-origin-resource-policy cross-origin access-control-allow-methods GET via 1.1 65bfa9839a30709dc259dc9134cf67b2.cloudfront.net (CloudFront) access-control-allow-origin * x-cache Hit from cloudfront content-length 2 x-amz-cf-id 10jDKsiRqeUovUrT5wCi8XRAtABRnMlEKn31ov5o-SLK-Z9WYtItzA== date Wed, 02 Oct 2024 18:54:44 GMT content-type application/javascript x-amz-cf-pop MUC50-P5 server AmazonS3
GET H2	200	adsct t.co/i/	43 B 627 B	158ms 132ms	Image image/gif	162.159.140.229 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://t.co/i/adsct?bci=3&eci=2&event_id=565669f3-957a-4faa-ad61-63a10d1794cf&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=d6e6a3fc-1b78-4074-b3f9-9dd88295c3f9&tw_document_href=https%3A%2F%2Fthreatpost.com%2Fmalformed-url-prefix-phishing-attacks-spike-6000%2F164132%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=ntt0j&type=javascript&version=2.3.30 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.140.229 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/ Response headers strict-transport-security max-age=0 x-transaction-id 7e846765f1804dc3 cache-control no-cache, no-store, max-age=0 x-connection-hash 0948e1adf16305bd1adad15e4a7d3c31b3c97d14f43f359c768636919231f02f cf-cache-status DYNAMIC cf-ray 8cc7387bd9844d93-FRA x-response-time 104 content-length 43 date Wed, 02 Oct 2024 19:50:18 GMT content-type image/gif;charset=utf-8 perf 7402827104 server cloudflare tsa_o
GET H2	200	adsct analytics.twitter.com/i/	43 B 393 B	269ms 207ms	Image image/gif	104.244.42.3 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=565669f3-957a-4faa-ad61-63a10d1794cf&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=d6e6a3fc-1b78-4074-b3f9-9dd88295c3f9&tw_document_href=https%3A%2F%2Fthreatpost.com%2Fmalformed-url-prefix-phishing-attacks-spike-6000%2F164132%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=ntt0j&type=javascript&version=2.3.30 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.3 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_f / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=631138519 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/ Response headers strict-transport-security max-age=631138519 x-transaction-id b3a17dfef917d22f cache-control no-cache, no-store, max-age=0 x-connection-hash 57b8cc7bcca79bde42981ddd4d023b8f75a2d33cc0dce90767a352abfebe2d1d x-response-time 181 content-length 43 date Wed, 02 Oct 2024 19:50:18 GMT perf 7402827104 content-type image/gif;charset=utf-8 server tsa_f
GET H2	200	activityi;dc_pre=CPnn5vq78IgDFVLoEQgdRA0iow;src=12346775;type=globalc;cat=globa0;ord=3964121097172;npa=1;auiddc=1347153576.1727898618;u1=B2C;u2=no_locale;u4=threatpost.com;u5=%2Fmalformed-url-prefi... 12346775.fls.doubleclick.net/ Frame 742B Redirect Chain https://12346775.fls.doubleclick.net/activityi;src=12346775;type=globalc;cat=globa0;ord=3964121097172;npa=1;auiddc=1347153576.1727898618;u1=B2C;u2=no_locale;u4=threatpost.com;u5=%2Fmalformed-url-pr... https://12346775.fls.doubleclick.net/activityi;dc_pre=CPnn5vq78IgDFVLoEQgdRA0iow;src=12346775;type=globalc;cat=globa0;ord=3964121097172;npa=1;auiddc=1347153576.1727898618;u1=B2C;u2=no_locale;u4=thr...	0 0	31ms 30ms	Document text/html	142.250.186.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://12346775.fls.doubleclick.net/activityi;dc_pre=CPnn5vq78IgDFVLoEQgdRA0iow;src=12346775;type=globalc;cat=globa0;ord=3964121097172;npa=1;auiddc=1347153576.1727898618;u1=B2C;u2=no_locale;u4=threatpost.com;u5=%2Fmalformed-url-prefix-phishing-attacks-spike-6000%2F164132%2F;u6=;u7=14168747091207074620747461485842019638-GA1.1.2108401593.1727898618;u9=_malformed-url-prefix-phishing-attacks-spike-6000_164132_;ps=1;pcor=1065674428;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4a10v9181803792za200;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Fthreatpost.com%2Fmalformed-url-prefix-phishing-attacks-spike-6000%2F164132%2F? Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=DC-12346775 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.134 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f6.1e100.net Software cafe / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://threatpost.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=0 content-encoding br content-length 717 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 02 Oct 2024 19:50:18 GMT expires Wed, 02 Oct 2024 19:50:18 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 02 Oct 2024 19:50:18 GMT expires Fri, 01 Jan 1990 00:00:00 GMT follow-only-when-prerender-shown 1 location https://12346775.fls.doubleclick.net/activityi;dc_pre=CPnn5vq78IgDFVLoEQgdRA0iow;src=12346775;type=globalc;cat=globa0;ord=3964121097172;npa=1;auiddc=1347153576.1727898618;u1=B2C;u2=no_locale;u4=threatpost.com;u5=%2Fmalformed-url-prefix-phishing-attacks-spike-6000%2F164132%2F;u6=;u7=14168747091207074620747461485842019638-GA1.1.2108401593.1727898618;u9=_malformed-url-prefix-phishing-attacks-spike-6000_164132_;ps=1;pcor=1065674428;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4a10v9181803792za200;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Fthreatpost.com%2Fmalformed-url-prefix-phishing-attacks-spike-6000%2F164132%2F? p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	activity;register_conversion=1;src=12346775;type=globalc;cat=globa0;ord=3964121097172;npa=1;auiddc=1347153576.1727898618;u1=B2C;u2=no_locale;u4=threatpost.com;u5=%2Fmalformed-url-prefix-phishing-at... ad.doubleclick.net/	0 23 B	69ms 44ms	Image image/png	142.250.181.230 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/activity;register_conversion=1;src=12346775;type=globalc;cat=globa0;ord=3964121097172;npa=1;auiddc=1347153576.1727898618;u1=B2C;u2=no_locale;u4=threatpost.com;u5=%2Fmalformed-url-prefix-phishing-attacks-spike-6000%2F164132%2F;u6=;u7=14168747091207074620747461485842019638-GA1.1.2108401593.1727898618;u9=_malformed-url-prefix-phishing-attacks-spike-6000_164132_;ps=1;pcor=1065674428;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4a10v9181803792za200;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Fthreatpost.com%2Fmalformed-url-prefix-phishing-attacks-spike-6000%2F164132%2F? Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.230 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f6.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/ Response headers cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-length 0 date Wed, 02 Oct 2024 19:50:18 GMT attribution-reporting-register-trigger {"aggregatable_deduplication_keys":[{"deduplication_key":"9338757433915852001"}],"aggregatable_trigger_data":[{"filters":[{"14":["13165872"]}],"key_piece":"0xb1838c3be6d090b3","source_keys":["12","13","14","15","16","17","18","19","20","21","24068220","24068221","24068222","24068223","628625456","628625457","628625458","628625459","628641048","628641049","628641050","628641051","628697792","628697793","628697794","628697795","638517668","638517669","638517670","638517671"]},{"key_piece":"0x9fd14ae8ad062064","not_filters":{"14":["13165872"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","24068220","24068221","24068222","24068223","628625456","628625457","628625458","628625459","628641048","628641049","628641050","628641051","628697792","628697793","628697794","628697795","638517668","638517669","638517670","638517671"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"24068220":34,"24068221":34,"24068222":34,"24068223":3345,"628625456":32,"628625457":32,"628625458":32,"628625459":3177,"628641048":32,"628641049":32,"628641050":32,"628641051":3177,"628697792":32,"628697793":32,"628697794":32,"628697795":3177,"638517668":32,"638517669":32,"638517670":32,"638517671":3177},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"18263174820219958178","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"9338757433915852001","filters":[{"14":["13165872"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"9338757433915852001","filters":[{"14":["13165872"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"9338757433915852001","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"9338757433915852001","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["12346775"]}} content-type image/png x-xss-protection 0 server cafe
POST H2	204	collect region1.analytics.google.com/g/	0 0	17ms 15ms	Fetch text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-CEMREXL3PF&gtm=45je4a10v9108261345z879348897za200zb79348897&_p=1727898617491&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&cid=2108401593.1727898618&ul=de-de&sr=1600x1200&_ng=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1727898618&sct=1&seg=0&dl=https%3A%2F%2Fthreatpost.com%2Fmalformed-url-prefix-phishing-attacks-spike-6000%2F164132%2F&dt=Malformed%20URL%20Prefix%20Phishing%20Attacks%20Spike%206%2C000%25%20%7C%20Threatpost&en=page_view&_fv=1&_ss=1&tfd=5331 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-CEMREXL3PF&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://threatpost.com cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 02 Oct 2024 19:50:18 GMT content-type text/plain server Golfe2
POST H2	204	collect stats.g.doubleclick.net/g/	0 553 B	71ms 23ms	Ping text/plain	2a00:1450:400c:c1f::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&_ng=1&tid=G-CEMREXL3PF&cid=2108401593.1727898618&gtm=45je4a10v9108261345z879348897za200zb79348897&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101671035~101747727 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-CEMREXL3PF&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c1f::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://threatpost.com cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 02 Oct 2024 19:50:18 GMT content-type text/plain server Golfe2
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	1462ms 1444ms	Image image/gif	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ng=1&tid=G-CEMREXL3PF&cid=2108401593.1727898618&gtm=45je4a10v9108261345z879348897za200zb79348897&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101671035~101747727&tag_exp=101671035~101747727&z=852983057 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/ Response headers cache-control no-cache, no-store, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Wed, 02 Oct 2024 19:50:19 GMT x-xss-protection 0 content-type image/gif server cafe
GET H2	200	attribution_trigger Show response px.ads.linkedin.com/	2 B 812 B	185ms 158ms	XHR application/json	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/attribution_trigger?pid=39138&time=1727898618291&url=https%3A%2F%2Fthreatpost.com%2Fmalformed-url-prefix-phishing-attacks-spike-6000%2F164132%2F Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Accept * Referer https://threatpost.com/ Response headers x-li-pop afd-prod-ltx1-x content-encoding gzip x-fs-uuid 00062383bf5b6d480ccae598f9eb68ac x-msedge-ref Ref A: 54E73090E948488ABC021A2D67AE2A4B Ref B: FRAEDGE1512 Ref C: 2024-10-02T19:50:18Z x-li-fabric prod-ltx1 x-restli-protocol-version 1.0.0 access-control-allow-methods GET, OPTIONS x-li-uuid AAYjg79bbUgMyuWY+etorA== x-li-proto http/2 access-control-allow-origin * x-cache CONFIG_NOCACHE date Wed, 02 Oct 2024 19:50:18 GMT content-type application/json access-control-allow-headers *
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=39138&time=1727898618291&url=https%3A%2F%2Fthreatpost.com%2Fmalformed-url-prefix-phishing-attacks-spike-6000%2F164132%2F https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=39138&time=1727898618291&url=https%3A%2F%2Fthreatpost.com%2Fmalformed-url-prefix-phishing-attacks-spike-6000%2F164132%2F&e_ipv6=AQKdlECq_TL5QAAAA...	0 264 B	198ms 164ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=39138&time=1727898618291&url=https%3A%2F%2Fthreatpost.com%2Fmalformed-url-prefix-phishing-attacks-spike-6000%2F164132%2F&e_ipv6=AQKdlECq_TL5QAAAAZJOyIoeiHwiEBNJW3ygGIcPU9yMVGLoZ-6ffJmWCPDK76kQyZUTBZVWRAqJMfJGed_UA5ctyxvfpQ Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/ Response headers linkedin-action 1 x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: A968C48378CA48F6B5A4926A98534E3E Ref B: FRAEDGE1910 Ref C: 2024-10-02T19:50:18Z x-li-fabric prod-ltx1 x-li-uuid AAYjg79eQFJGW5Hsbi2taA== x-li-proto http/2 x-cache CONFIG_NOCACHE content-length 0 date Wed, 02 Oct 2024 19:50:18 GMT content-type application/javascript Redirect headers linkedin-action 1 x-li-pop afd-prod-ltx1-x location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=39138&time=1727898618291&url=https%3A%2F%2Fthreatpost.com%2Fmalformed-url-prefix-phishing-attacks-spike-6000%2F164132%2F&e_ipv6=AQKdlECq_TL5QAAAAZJOyIoeiHwiEBNJW3ygGIcPU9yMVGLoZ-6ffJmWCPDK76kQyZUTBZVWRAqJMfJGed_UA5ctyxvfpQ x-msedge-ref Ref A: 3D027984B9CD473E973A0C281B701B6D Ref B: FRAEDGE1516 Ref C: 2024-10-02T19:50:18Z x-li-fabric prod-ltx1 x-li-uuid AAYjg79bZTJoI78ymUVRLg== x-li-proto http/2 x-cache CONFIG_NOCACHE content-length 0 date Wed, 02 Oct 2024 19:50:18 GMT
GET H2	200	pixel;r=888713208;source=gtm;rf=0;a=p-_7kVx0t9Jqj90;url=https%3A%2F%2Fthreatpost.com%2Fmalformed-url-prefix-phishing-attacks-spike-6000%2F164132%2F;ns=0;ce=1;qjs=1;qv=fd657345-20240925114642;ref=;d... pixel.quantserve.com/	35 B 455 B	23ms 13ms	Image image/gif	2620:116:800d:21:de2e:c7b3:55c0:d5a0 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.quantserve.com/pixel;r=888713208;source=gtm;rf=0;a=p-_7kVx0t9Jqj90;url=https%3A%2F%2Fthreatpost.com%2Fmalformed-url-prefix-phishing-attacks-spike-6000%2F164132%2F;ns=0;ce=1;qjs=1;qv=fd657345-20240925114642;ref=;d=threatpost.com;dst=1;et=1727898618294;tzo=-120;ogl=type.article%2Ctitle.Malformed%20URL%20Prefix%20Phishing%20Attacks%20Spike%206%252C000%25%2Cdescription.Sneaky%20attackers%20are%20flipping%20backslashes%20in%20phishing%20email%20URLs%20to%20evade%20protec%2Curl.https%3A%2F%2Fthreatpost%252Ecom%2Fmalformed-url-prefix-phishing-attacks-spike-6000%2F164132%2F%2Cimage.https%3A%2F%2Fmedia%252Ethreatpost%252Ecom%2Fwp-content%2Fuploads%2Fsites%2F103%2F2020%2F06%2F03094019%2Fphish;ses=e5203a3b-71dc-4c0f-bcb1-bcff6c61043b;uht=2;fpan=1;fpa=P0-1083502351-1727898618180;pbc=;cm=undefined;gdpr=0;mdl= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/ Response headers strict-transport-security max-age=86400 cache-control private, no-cache, no-store, proxy-revalidate pragma no-cache expires Fri, 04 Aug 1978 12:00:00 GMT content-length 35 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" date Wed, 02 Oct 2024 19:50:18 GMT attribution-reporting-register-trigger {"event_trigger_data":[{"filters":[],"trigger_data":"1"}]} content-type image/gif
GET H2	200	s01863744426111 kaspersky.d3.sc.omtrdc.net/b/ss/kaspersky-single-suite/1/JS-2.22.3/	43 B 223 B	22ms 21ms	Image image/gif	63.140.62.222 OMNITURE
General Check archive.org Show headers Download Go to Show image Full URL https://kaspersky.d3.sc.omtrdc.net/b/ss/kaspersky-single-suite/1/JS-2.22.3/s01863744426111?AQB=1&ndh=1&pf=1&t=2%2F9%2F2024%2021%3A50%3A18%203%20-120&mid=14168747091207074620747461485842019638&aamlh=6&ce=UTF-8&ns=kaspersky&cdp=2&pageName=websites%20%3E%20malformed-url-prefix-phishing-attacks-spike-6000%2F164132&g=https%3A%2F%2Fthreatpost.com%2Fmalformed-url-prefix-phishing-attacks-spike-6000%2F164132%2F&cc=USD&ch=websites&server=threatpost.com&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c2=default&l2=https%3A%2F%2Fthreatpost.com%2Fmalformed-url-prefix-phishing-attacks-spike-6000%2F164132%2F&c3=b2c&v9=https%3A%2F%2Fthreatpost.com%2Fmalformed-url-prefix-phishing-attacks-spike-6000%2F164132%2F&c20=%5BNULL%5D&c29=v1%3As_code_single_suite.js%3AtrackPageView%20%3E%20sng.t%3Ap&c30=v1%3A20240819%3A318%3ANextGen%3A%5BNULL%5D&c31=https%3A%2F%2Fthreatpost.com%2Fmalformed-url-prefix-phishing-attacks-spike-6000%2F164132%2F&v44=D%3Dv3&c47=Default&v47=D%3Dc47&c51=Websites&c57=%5BNULL%5D&v57=D%3Dc57&c58=Malformed%20URL%20Prefix%20Phishing%20Attacks%20Spike%206%2C000%25%20%7C%20Threatpost&v71=v1%3APage%20View%3A%5BNULL%5D&v113=14168747091207074620747461485842019638&v116=2108401593.1727898618&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=983502BE532960BE0A490D4C%40AdobeOrg&AQE=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 63.140.62.222 , United States, ASN15224 (OMNITURE, US), Reverse DNS ip-63-140-62-222.data.adobedc.net Software jag / Resource Hash a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://threatpost.com/ Response headers cache-control no-cache, no-store, max-age=0, no-transform, private pragma no-cache etag 3710634028839829504-4618254824318657892 x-content-type-options nosniff expires Tue, 01 Oct 2024 19:50:18 GMT access-control-allow-origin * p3p CP="This is not a P3P policy" content-length 43 date Wed, 02 Oct 2024 19:50:18 GMT x-xss-protection 1; mode=block last-modified Thu, 03 Oct 2024 19:50:18 GMT vary * server jag content-type image/gif;charset=utf-8
POST H2	204	/ Show response px.ads.linkedin.com/wa/	0 194 B	169ms 168ms	XHR text/plain	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/wa/ Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://threatpost.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Accept * Content-Type text/plain;charset=UTF-8 Response headers linkedin-action 1 x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: E05C9D8983D247DABAE6F4977C8F5F6C Ref B: FRAEDGE1516 Ref C: 2024-10-02T19:50:18Z x-li-fabric prod-ltx1 access-control-allow-credentials true x-li-uuid AAYjg79g4kRV4Phsq1ColA== x-li-proto http/2 access-control-allow-origin https://threatpost.com x-cache CONFIG_NOCACHE date Wed, 02 Oct 2024 19:50:18 GMT vary Origin
POST H2	204	collect region1.analytics.google.com/g/	0 0	38ms 13ms	Fetch text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-CEMREXL3PF&gtm=45je4a10v9108261345z879348897za200zb79348897&_p=1727898617491&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&cid=2108401593.1727898618&ul=de-de&sr=1600x1200&_ng=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&dp=%2Fmalformed-url-prefix-phishing-attacks-spike-6000%2F164132%2F&sid=1727898618&sct=1&seg=0&dl=https%3A%2F%2Fthreatpost.com%2Fmalformed-url-prefix-phishing-attacks-spike-6000%2F164132%2F&dt=Malformed%20URL%20Prefix%20Phishing%20Attacks%20Spike%206%2C000%25%20%7C%20Threatpost&_s=2&tfd=10337 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-CEMREXL3PF&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://threatpost.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://threatpost.com cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 02 Oct 2024 19:50:23 GMT content-type text/plain server Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.dwin1.com

URL

https://www.dwin1.com/undefined.js