URL: https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Submission: On April 04 via manual from US

Summary

This website contacted 16 IPs in 4 countries across 11 domains to perform 60 HTTP transactions. The main IP is 139.153.14.1, located in Stirling, United Kingdom and belongs to JANET Jisc Services Limited, GB. The main domain is isnews.stir.ac.uk.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 22nd 2019. Valid for: 3 months.
This is the only time isnews.stir.ac.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS     Autonomous System  Redirects
24        139.153.14.1       786    (JANET Jis...)
1         2a00:1450:400...   15169  (GOOGLE)
1         23.210.248.44      16625  (AKAMAI-AS)
2         2600:9000:200...   16509  (AMAZON-02)
1         192.0.77.32        2635   (AUTOMATTIC)
2         192.0.76.3         2635   (AUTOMATTIC)
1         2a03:b0c0:3:d...   14061  (DIGITALOC...)
4         2a00:1450:400...   15169  (GOOGLE)
1         2600:9000:200...   16509  (AMAZON-02)
3         2a03:2880:f02...   32934  (FACEBOOK)
7         2606:2800:234...   15133  (EDGECAST)
8         2606:2800:134...   15133  (EDGECAST)
3         104.244.42.136     13414  (TWITTER)          1
1         2a03:2880:f12...   32934  (FACEBOOK)
2         2606:2800:134...   15133  (EDGECAST)
Total: 60 requests, 16 IPs
Requests  Domain                          Requested by
23        isnews.stir.ac.uk               isnews.stir.ac.uk
7         pbs.twimg.com                   isnews.stir.ac.uk
7         platform.twitter.com            isnews.stir.ac.uk, platform.twitter.com
4         fonts.gstatic.com               isnews.stir.ac.uk
3         syndication.twitter.com         isnews.stir.ac.uk (1 redirects)
2         abs.twimg.com                   isnews.stir.ac.uk
2         connect.facebook.net            isnews.stir.ac.uk, connect.facebook.net
2         d1bxh8uas1mnw7.cloudfront.net   isnews.stir.ac.uk, d1bxh8uas1mnw7.cloudfront.net
1         www.facebook.com                connect.facebook.net
1         staticxx.facebook.com           connect.facebook.net
1         cdn.syndication.twimg.com       platform.twitter.com
1         pixel.wp.com                    isnews.stir.ac.uk
1         d1uo4w7k31k5mn.cloudfront.net   isnews.stir.ac.uk
1         api.at.getsocial.io             isnews.stir.ac.uk
1         stats.wp.com                    isnews.stir.ac.uk
1         s0.wp.com                       isnews.stir.ac.uk
1         wordpress.stir.ac.uk            isnews.stir.ac.uk
1         s7.addthis.com                  isnews.stir.ac.uk
1         fonts.googleapis.com            isnews.stir.ac.uk
Total: 60 requests, 19 subdomains
Subject                  Issuer                                      Validity                 Valid
wordpress.stir.ac.uk     Let's Encrypt Authority X3                  2019-03-22 - 2019-06-20  3 months
*.googleapis.com         Google Internet Authority G3                2019-03-01 - 2019-05-24  3 months
odc-prod-01.oracle.com   DigiCert SHA2 Secure Server CA              2019-04-01 - 2019-08-05  4 months
*.cloudfront.net         DigiCert Global CA G2                       2018-10-08 - 2019-10-09  a year
*.wp.com                 Go Daddy Secure Certificate Authority - G2  2018-04-10 - 2020-05-11  2 years
api.at.getsocial.io      Gandi Standard SSL CA 2                     2018-11-19 - 2019-12-18  a year
*.google.com             Google Internet Authority G3                2019-03-01 - 2019-05-24  3 months
*.facebook.com           DigiCert SHA2 High Assurance Server CA      2019-03-08 - 2019-06-06  3 months
*.twimg.com              DigiCert SHA2 High Assurance Server CA      2018-11-19 - 2019-11-27  a year
syndication.twitter.com  DigiCert SHA2 High Assurance Server CA      2019-01-24 - 2020-01-24  a year

This page contains 6 frames:

Primary Page: https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Frame ID: 59E45C653E76536FD4A0903706960EDD
Requests: 46 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2e9f365dae390394eb8d923cba8c5b11.html?origin=https%3A%2F%2Fisnews.stir.ac.uk&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Frame ID: E35C12E1592C595382BE64368996F466
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
Frame ID: E4B60F065120A40D3D5D1FB50275CD24
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.3/plugins/page.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df137010259aa67c%26domain%3Disnews.stir.ac.uk%26origin%3Dhttps%253A%252F%252Fisnews.stir.ac.uk%252Ff3e42b2f4e9ce88%26relation%3Dparent.parent&container_width=298&height=580&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fstirlinglibrary%2F&locale=en_US&sdk=joey&show_facepile=true&show_posts=true&width=340
Frame ID: E0A07B139B82ACEF9A6908095B6F59A8
Requests: 1 HTTP requests in this frame

Frame: https://abs.twimg.com/emoji/v2/72x72/1f448.png
Frame ID: 418805B4D2EB1EEF97A693081C0C1EA5
Requests: 15 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: ECD0E948F14BC394CE8D8971B8AAB082
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
  • html /<link[^>]+s\d+\.wp\.com/i
  • script /\/wp-includes\//i

Overall confidence: 100%
Detected patterns
  • headers server /Debian/i

Overall confidence: 100%
Detected patterns
  • headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • env /^Handlebars$/i

Overall confidence: 100%
Detected patterns
  • script /addthis\.com\/js\//i
  • env /^addthis/i

Overall confidence: 100%
Detected patterns
  • env /^BugSnag$/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /\/\/platform\.twitter\.com\/widgets\.js/i

Overall confidence: 100%
Detected patterns
  • env /^twemoji$/i

Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i

Page Statistics

Requests: 60
HTTPS: 100 %
IPv6: 67 %
Domains: 11
Subdomains: 19
IPs: 16
Countries: 4
Transfer: 1786 kB
Size: 2357 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63
  • https://syndication.twitter.com/i/jot HTTP 302
  • https://platform.twitter.com/jot.html

60 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type
Primary Request /
isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
74 KB
74 KB
Document
General
Full URL
https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.153.14.1 Stirling, United Kingdom, ASN786 (JANET Jisc Services Limited, GB),
Reverse DNS
wordpress.stir.ac.uk
Software
Apache/2.4.25 (Debian) mod_auth_kerb/5.4 OpenSSL/1.0.2r /
Resource Hash
63719972b50a0e91db58c51fb59215ef3232ac3b50d8954e426b9d3a61fa4a89

Request headers

Host
isnews.stir.ac.uk
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate, br

Response headers

Date
Thu, 04 Apr 2019 10:57:30 GMT
Server
Apache/2.4.25 (Debian) mod_auth_kerb/5.4 OpenSSL/1.0.2r
Link
<https://isnews.stir.ac.uk/wp-json/>; rel="https://api.w.org/" <https://wp.me/pa1Akn-2ng>; rel=shortlink
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
style.min.css
isnews.stir.ac.uk/wp-includes/css/dist/block-library/
25 KB
25 KB
Stylesheet
General
Full URL
https://isnews.stir.ac.uk/wp-includes/css/dist/block-library/style.min.css?ver=c5d0cbd282a129ba18c34fb4977afa19
Requested by
Host: isnews.stir.ac.uk
URL: https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.153.14.1 Stirling, United Kingdom, ASN786 (JANET Jisc Services Limited, GB),
Reverse DNS
wordpress.stir.ac.uk
Software
Apache/2.4.25 (Debian) mod_auth_kerb/5.4 OpenSSL/1.0.2r /
Resource Hash
a72261a5191d1485620242b7d3b735501757aef23dedc6d27c84919af838e756

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
isnews.stir.ac.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 04 Apr 2019 10:57:30 GMT
Last-Modified
Fri, 22 Feb 2019 08:01:58 GMT
Server
Apache/2.4.25 (Debian) mod_auth_kerb/5.4 OpenSSL/1.0.2r
ETag
"629a-58277014b8980"
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
25242
twitter-feed.css
isnews.stir.ac.uk/wp-content/plugins/wp-to-twitter/css/
2 KB
2 KB
Stylesheet
General
Full URL
https://isnews.stir.ac.uk/wp-content/plugins/wp-to-twitter/css/twitter-feed.css?ver=c5d0cbd282a129ba18c34fb4977afa19
Requested by
Host: isnews.stir.ac.uk
URL: https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.153.14.1 Stirling, United Kingdom, ASN786 (JANET Jisc Services Limited, GB),
Reverse DNS
wordpress.stir.ac.uk
Software
Apache/2.4.25 (Debian) mod_auth_kerb/5.4 OpenSSL/1.0.2r /
Resource Hash
196b0d1013a5fb1985890e13453ab76df8bdcee3d57893e84afa3f3e58eacf52

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
isnews.stir.ac.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 04 Apr 2019 10:57:30 GMT
Last-Modified
Tue, 02 Apr 2019 10:32:33 GMT
Server
Apache/2.4.25 (Debian) mod_auth_kerb/5.4 OpenSSL/1.0.2r
ETag
"6ce-58589a7a25240"
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1742
bootstrap.min.css
isnews.stir.ac.uk/wp-content/themes/sparkling/assets/css/
118 KB
119 KB
Stylesheet
General
Full URL
https://isnews.stir.ac.uk/wp-content/themes/sparkling/assets/css/bootstrap.min.css?ver=c5d0cbd282a129ba18c34fb4977afa19
Requested by
Host: isnews.stir.ac.uk
URL: https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.153.14.1 Stirling, United Kingdom, ASN786 (JANET Jisc Services Limited, GB),
Reverse DNS
wordpress.stir.ac.uk
Software
Apache/2.4.25 (Debian) mod_auth_kerb/5.4 OpenSSL/1.0.2r /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
isnews.stir.ac.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 04 Apr 2019 10:57:30 GMT
Last-Modified
Tue, 26 Jun 2018 13:32:09 GMT
Server
Apache/2.4.25 (Debian) mod_auth_kerb/5.4 OpenSSL/1.0.2r
ETag
"1d970-56f8b865e0840"
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
121200
fontawesome-all.min.css
isnews.stir.ac.uk/wp-content/themes/sparkling/assets/css/
38 KB
38 KB
Stylesheet
General
Full URL
https://isnews.stir.ac.uk/wp-content/themes/sparkling/assets/css/fontawesome-all.min.css?ver=5.1.1.
Requested by
Host: isnews.stir.ac.uk
URL: https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.153.14.1 Stirling, United Kingdom, ASN786 (JANET Jisc Services Limited, GB),
Reverse DNS
wordpress.stir.ac.uk
Software
Apache/2.4.25 (Debian) mod_auth_kerb/5.4 OpenSSL/1.0.2r /
Resource Hash
f3bce9f7694e1e5ae61f21bdf51af4e502ced317f0471b6b3609b3000dd3d408

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
isnews.stir.ac.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 04 Apr 2019 10:57:30 GMT
Last-Modified
Tue, 26 Jun 2018 13:32:09 GMT
Server
Apache/2.4.25 (Debian) mod_auth_kerb/5.4 OpenSSL/1.0.2r
ETag
"9697-56f8b865e0840"
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
38551
css
fonts.googleapis.com/
17 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A400italic%2C400%2C600%2C700%7CRoboto+Slab%3A400%2C300%2C700&ver=c5d0cbd282a129ba18c34fb4977afa19
Requested by
Host: isnews.stir.ac.uk
URL: https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
2d3b7897125c3b4461f7478b56308d930b2adf8d7309f946df99fe1aabbb1fda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 04 Apr 2019 10:57:30 GMT
server
ESF
access-control-allow-origin
*
date
Thu, 04 Apr 2019 10:57:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
1; mode=block
expires
Thu, 04 Apr 2019 10:57:30 GMT
style.css
isnews.stir.ac.uk/wp-content/themes/sparkling/
50 KB
50 KB
Stylesheet
General
Full URL
https://isnews.stir.ac.uk/wp-content/themes/sparkling/style.css?ver=2.4.2
Requested by
Host: isnews.stir.ac.uk
URL: https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.153.14.1 Stirling, United Kingdom, ASN786 (JANET Jisc Services Limited, GB),
Reverse DNS
wordpress.stir.ac.uk
Software
Apache/2.4.25 (Debian) mod_auth_kerb/5.4 OpenSSL/1.0.2r /
Resource Hash
c3ded168f3f63bd28892b80f63da7ca8aa016d3a17e65af8d09d9da7830c1b15

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
isnews.stir.ac.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 04 Apr 2019 10:57:30 GMT
Last-Modified
Tue, 26 Jun 2018 13:32:10 GMT
Server
Apache/2.4.25 (Debian) mod_auth_kerb/5.4 OpenSSL/1.0.2r
ETag
"c625-56f8b866d4a80"
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
50725
addthis_wordpress_public.min.css
isnews.stir.ac.uk/wp-content/plugins/addthis-all/frontend/build/
587 B
936 B
Stylesheet
General
Full URL
https://isnews.stir.ac.uk/wp-content/plugins/addthis-all/frontend/build/addthis_wordpress_public.min.css?ver=c5d0cbd282a129ba18c34fb4977afa19
Requested by
Host: isnews.stir.ac.uk
URL: https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.153.14.1 Stirling, United Kingdom, ASN786 (JANET Jisc Services Limited, GB),
Reverse DNS
wordpress.stir.ac.uk
Software
Apache/2.4.25 (Debian) mod_auth_kerb/5.4 OpenSSL/1.0.2r /
Resource Hash
d1870c49e74adfa2d70351cc067c6a3320da45d18231c5a31eb39356151620cb

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
isnews.stir.ac.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 04 Apr 2019 10:57:30 GMT
Last-Modified
Mon, 29 Oct 2018 15:47:04 GMT
Server
Apache/2.4.25 (Debian) mod_auth_kerb/5.4 OpenSSL/1.0.2r
ETag
"24b-5795ffb07ce00"
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
587
jetpack.css
isnews.stir.ac.uk/wp-content/plugins/jetpack/css/
69 KB
69 KB
Stylesheet
General
Full URL
https://isnews.stir.ac.uk/wp-content/plugins/jetpack/css/jetpack.css?ver=7.2
Requested by
Host: isnews.stir.ac.uk
URL: https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.153.14.1 Stirling, United Kingdom, ASN786 (JANET Jisc Services Limited, GB),
Reverse DNS
wordpress.stir.ac.uk
Software
Apache/2.4.25 (Debian) mod_auth_kerb/5.4 OpenSSL/1.0.2r /
Resource Hash
52c94582d4a01eb75a648cac10832143576dcb4cc2a49a82fe89f6ab779cc592

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
isnews.stir.ac.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 04 Apr 2019 10:57:30 GMT
Last-Modified
Wed, 03 Apr 2019 08:01:50 GMT
Server
Apache/2.4.25 (Debian) mod_auth_kerb/5.4 OpenSSL/1.0.2r
ETag
"1135e-5859baa787780"
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
70494
addthis_widget.js
s7.addthis.com/js/300/
344 KB
110 KB
Script
General
Full URL
https://s7.addthis.com/js/300/addthis_widget.js?ver=c5d0cbd282a129ba18c34fb4977afa19
Requested by
Host: isnews.stir.ac.uk
URL: https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.248.44 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-248-44.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ae3ea387b378c0292d88b248f89469115159836aa628d33862e409f2cc7ba67a

Request headers

Referer
https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 04 Apr 2019 10:57:30 GMT
content-encoding
gzip
surrogate-key
client_dist
last-modified
Thu, 28 Feb 2019 14:32:49 GMT
etag
"5c77f111-561d6"
vary
Accept-Encoding
x-distribution
99
cache-tag
client_dist
status
200
cache-control
public, max-age=600
x-host
s7.addthis.com
accept-ranges
bytes
timing-allow-origin
*
content-type
application/javascript
jquery.js
isnews.stir.ac.uk/wp-includes/js/jquery/
95 KB
95 KB
Script
General
Full URL
https://isnews.stir.ac.uk/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: isnews.stir.ac.uk
URL: https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.153.14.1 Stirling, United Kingdom, ASN786 (JANET Jisc Services Limited, GB),
Reverse DNS
wordpress.stir.ac.uk
Software
Apache/2.4.25 (Debian) mod_auth_kerb/5.4 OpenSSL/1.0.2r /
Resource Hash
fa055f2f7c5b735dbbb71954f434aed79925bc00ff2ffbc3ecfc4a790689a723

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
isnews.stir.ac.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 04 Apr 2019 10:57:30 GMT
Last-Modified
Fri, 22 Feb 2019 08:01:59 GMT
Server
Apache/2.4.25 (Debian) mod_auth_kerb/5.4 OpenSSL/1.0.2r
ETag
"17b9f-58277015acbc0"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
97183
jquery-migrate.min.js
isnews.stir.ac.uk/wp-includes/js/jquery/
10 KB
10 KB
Script
General
Full URL
https://isnews.stir.ac.uk/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: isnews.stir.ac.uk
URL: https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.153.14.1 Stirling, United Kingdom, ASN786 (JANET Jisc Services Limited, GB),
Reverse DNS
wordpress.stir.ac.uk
Software
Apache/2.4.25 (Debian) mod_auth_kerb/5.4 OpenSSL/1.0.2r /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
isnews.stir.ac.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 04 Apr 2019 10:57:30 GMT
Last-Modified
Wed, 22 Jun 2016 07:51:31 GMT
Server
Apache/2.4.25 (Debian) mod_auth_kerb/5.4 OpenSSL/1.0.2r
ETag
"2748-535d934a5a6c0"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
10056
bootstrap.min.js
isnews.stir.ac.uk/wp-content/themes/sparkling/assets/js/vendor/
36 KB
37 KB
Script
General
Full URL
https://isnews.stir.ac.uk/wp-content/themes/sparkling/assets/js/vendor/bootstrap.min.js?ver=c5d0cbd282a129ba18c34fb4977afa19
Requested by
Host: isnews.stir.ac.uk
URL: https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.153.14.1 Stirling, United Kingdom, ASN786 (JANET Jisc Services Limited, GB),
Reverse DNS
wordpress.stir.ac.uk
Software
Apache/2.4.25 (Debian) mod_auth_kerb/5.4 OpenSSL/1.0.2r /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
isnews.stir.ac.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 04 Apr 2019 10:57:30 GMT
Last-Modified
Tue, 26 Jun 2018 13:32:09 GMT
Server
Apache/2.4.25 (Debian) mod_auth_kerb/5.4 OpenSSL/1.0.2r
ETag
"90b5-56f8b865e0840"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
37045
functions.js
isnews.stir.ac.uk/wp-content/themes/sparkling/assets/js/
2 KB
3 KB
Script
General
Full URL
https://isnews.stir.ac.uk/wp-content/themes/sparkling/assets/js/functions.js?ver=20180503
Requested by
Host: isnews.stir.ac.uk
URL: https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.153.14.1 Stirling, United Kingdom, ASN786 (JANET Jisc Services Limited, GB),
Reverse DNS
wordpress.stir.ac.uk
Software
Apache/2.4.25 (Debian) mod_auth_kerb/5.4 OpenSSL/1.0.2r /
Resource Hash
9a65004f0cc689887abf230aa96cce169c785f2a0320881f58b2fadd91351fb6

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
isnews.stir.ac.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 04 Apr 2019 10:57:30 GMT
Last-Modified
Tue, 26 Jun 2018 13:32:09 GMT
Server
Apache/2.4.25 (Debian) mod_auth_kerb/5.4 OpenSSL/1.0.2r
ETag
"9a9-56f8b865e0840"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2473
/
wordpress.stir.ac.uk/
0
391 B
Script
General
Full URL
https://wordpress.stir.ac.uk/?dm=055f001bae9b6b637b9df782f52366f1&action=load&blogid=118&siteid=1&t=364872504&back=https%3A%2F%2Fisnews.stir.ac.uk%2F2019%2F03%2F29%2Fblue-button-phishing-attack-resurfaces%2F
Requested by
Host: isnews.stir.ac.uk
URL: https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.153.14.1 Stirling, United Kingdom, ASN786 (JANET Jisc Services Limited, GB),
Reverse DNS
wordpress.stir.ac.uk
Software
Apache/2.4.25 (Debian) mod_auth_kerb/5.4 OpenSSL/1.0.2r /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
wordpress.stir.ac.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 04 Apr 2019 10:57:30 GMT
Server
Apache/2.4.25 (Debian) mod_auth_kerb/5.4 OpenSSL/1.0.2r
Access-Control-Allow-Methods
POST,GET,OPTIONS,PUT,DELETE
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://isnews.stir.ac.uk
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
0
shutterstock_1159107313-2-750x410.jpg
isnews.stir.ac.uk/files/2018/09/
51 KB
51 KB
Image
General
Full URL
https://isnews.stir.ac.uk/files/2018/09/shutterstock_1159107313-2-750x410.jpg
Requested by
Host: isnews.stir.ac.uk
URL: https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.153.14.1 Stirling, United Kingdom, ASN786 (JANET Jisc Services Limited, GB),
Reverse DNS
wordpress.stir.ac.uk
Software
Apache/2.4.25 (Debian) mod_auth_kerb/5.4 OpenSSL/1.0.2r /
Resource Hash
4c9d285865bd295f0f624bf0192ad9d96035371bef686f0527d2cf17ee3a666f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
isnews.stir.ac.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 04 Apr 2019 10:57:30 GMT
Last-Modified
Wed, 26 Sep 2018 12:41:55 GMT
Server
Apache/2.4.25 (Debian) mod_auth_kerb/5.4 OpenSSL/1.0.2r
ETag
"503a23f4e393306e928f82fe23361877"
Content-Type
image/jpeg
Connection
Keep-Alive
Keep-Alive
timeout=5, max=95
Content-Length
51908
Expires
Sat, 04 Jun 2022 20:44:10 GMT
embed.js
d1bxh8uas1mnw7.cloudfront.net/assets/
570 B
895 B
Script
General
Full URL
https://d1bxh8uas1mnw7.cloudfront.net/assets/embed.js
Requested by
Host: isnews.stir.ac.uk
URL: https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:cc00:9:b474:ddc0:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
62aa1bc2b43ec094ed7216e9bce09a287b66657e99d836ee8d48de6670103d85

Request headers

Referer
https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 28 Mar 2019 14:56:33 GMT
content-encoding
last-modified
Thu, 28 Mar 2019 14:56:26 GMT
server
AmazonS3
age
71117
etag
"a34eed93b4d90ba6f9f48d82c433b49b"
x-cache
Hit from cloudfront
content-type
text/javascript
status
200
accept-ranges
bytes
content-length
570
via
1.1 7f0216233154388a0ffe191ece5a7b12.cloudfront.net (CloudFront)
x-amz-cf-id
aTUHQjB4QpAeXZXRoxIXKW3pKol1u4fvV-2PJ_bIG73bFRsuEoTzAg==
devicepx-jetpack.js
s0.wp.com/wp-content/js/
10 KB
3 KB
Script
General
Full URL
https://s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=201914
Requested by
Host: isnews.stir.ac.uk
URL: https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
f32d41f2099a0be20e6b57c5e0d1b71c079d3e1345827b0f5c5b97c6e5e3f78d

Request headers

Referer
https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc
HIT fra 32
date
Thu, 04 Apr 2019 10:57:30 GMT
content-encoding
gzip
server
nginx
etag
W/"5841a56f-52b6"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=31536000
x-ac
4.fra _dfw
expires
Mon, 30 Mar 2020 00:28:42 GMT
skip-link-focus-fix.min.js
isnews.stir.ac.uk/wp-content/themes/sparkling/assets/js/
543 B
905 B
Script
General
Full URL
https://isnews.stir.ac.uk/wp-content/themes/sparkling/assets/js/skip-link-focus-fix.min.js?ver=20140222
Requested by
Host: isnews.stir.ac.uk
URL: https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.153.14.1 Stirling, United Kingdom, ASN786 (JANET Jisc Services Limited, GB),
Reverse DNS
wordpress.stir.ac.uk
Software
Apache/2.4.25 (Debian) mod_auth_kerb/5.4 OpenSSL/1.0.2r /
Resource Hash
2123b61f26a87c608f5e339df52bb4bf85dfa17718ee83b80e9b869e07c9a447

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
isnews.stir.ac.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 04 Apr 2019 10:57:30 GMT
Last-Modified
Tue, 26 Jun 2018 13:32:09 GMT
Server
Apache/2.4.25 (Debian) mod_auth_kerb/5.4 OpenSSL/1.0.2r
ETag
"21f-56f8b865e0840"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
543
comment-reply.min.js
isnews.stir.ac.uk/wp-includes/js/
2 KB
3 KB
Script
General
Full URL
https://isnews.stir.ac.uk/wp-includes/js/comment-reply.min.js?ver=c5d0cbd282a129ba18c34fb4977afa19
Requested by
Host: isnews.stir.ac.uk
URL: https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.153.14.1 Stirling, United Kingdom, ASN786 (JANET Jisc Services Limited, GB),
Reverse DNS
wordpress.stir.ac.uk
Software
Apache/2.4.25 (Debian) mod_auth_kerb/5.4 OpenSSL/1.0.2r /
Resource Hash
31cb76c05cbf5d71466f93078e8ba0f6e39cd92d0acc86d385b8cf2899963695

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
isnews.stir.ac.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 04 Apr 2019 10:57:30 GMT
Last-Modified
Wed, 13 Mar 2019 08:43:14 GMT
Server
Apache/2.4.25 (Debian) mod_auth_kerb/5.4 OpenSSL/1.0.2r
ETag
"8ba-583f5cbdc6c80"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
2234
facebook-embed.min.js
isnews.stir.ac.uk/wp-content/plugins/jetpack/_inc/build/
622 B
984 B
Script
General
Full URL
https://isnews.stir.ac.uk/wp-content/plugins/jetpack/_inc/build/facebook-embed.min.js
Requested by
Host: isnews.stir.ac.uk
URL: https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.153.14.1 Stirling, United Kingdom, ASN786 (JANET Jisc Services Limited, GB),
Reverse DNS
wordpress.stir.ac.uk
Software
Apache/2.4.25 (Debian) mod_auth_kerb/5.4 OpenSSL/1.0.2r /
Resource Hash
70e6c7d7718e715de38eb98c94c68be796dcbc6f4dc71d467362675529d24746

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
isnews.stir.ac.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 04 Apr 2019 10:57:31 GMT
Last-Modified
Wed, 03 Apr 2019 08:01:51 GMT
Server
Apache/2.4.25 (Debian) mod_auth_kerb/5.4 OpenSSL/1.0.2r
ETag
"26e-5859baa87b9c0"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
622
twitter-timeline.min.js
isnews.stir.ac.uk/wp-content/plugins/jetpack/_inc/build/
357 B
719 B
Script
General
Full URL
https://isnews.stir.ac.uk/wp-content/plugins/jetpack/_inc/build/twitter-timeline.min.js?ver=4.0.0
Requested by
Host: isnews.stir.ac.uk
URL: https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.153.14.1 Stirling, United Kingdom, ASN786 (JANET Jisc Services Limited, GB),
Reverse DNS
wordpress.stir.ac.uk
Software
Apache/2.4.25 (Debian) mod_auth_kerb/5.4 OpenSSL/1.0.2r /
Resource Hash
a09b5785c230e1f08f23ea6af8aa0d341736c3371d8bc6b30fc0aff9c213e46b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
isnews.stir.ac.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 04 Apr 2019 10:57:31 GMT
Last-Modified
Wed, 03 Apr 2019 08:01:51 GMT
Server
Apache/2.4.25 (Debian) mod_auth_kerb/5.4 OpenSSL/1.0.2r
ETag
"165-5859baa87b9c0"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
357
wp-embed.min.js
isnews.stir.ac.uk/wp-includes/js/
1 KB
2 KB
Script
General
Full URL
https://isnews.stir.ac.uk/wp-includes/js/wp-embed.min.js?ver=c5d0cbd282a129ba18c34fb4977afa19
Requested by
Host: isnews.stir.ac.uk
URL: https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.153.14.1 Stirling, United Kingdom, ASN786 (JANET Jisc Services Limited, GB),
Reverse DNS
wordpress.stir.ac.uk
Software
Apache/2.4.25 (Debian) mod_auth_kerb/5.4 OpenSSL/1.0.2r /
Resource Hash
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
isnews.stir.ac.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 04 Apr 2019 10:57:31 GMT
Last-Modified
Mon, 10 Dec 2018 09:56:04 GMT
Server
Apache/2.4.25 (Debian) mod_auth_kerb/5.4 OpenSSL/1.0.2r
ETag
"57b-57ca7f9177500"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
1403
form.js
isnews.stir.ac.uk/wp-content/plugins/akismet/_inc/
0
0
Script
General
Full URL
https://isnews.stir.ac.uk/wp-content/plugins/akismet/_inc/form.js?ver=4.1.1
Requested by
Host: isnews.stir.ac.uk
URL: https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.153.14.1 Stirling, United Kingdom, ASN786 (JANET Jisc Services Limited, GB),
Reverse DNS
wordpress.stir.ac.uk
Software
Apache/2.4.25 (Debian) mod_auth_kerb/5.4 OpenSSL/1.0.2r /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
isnews.stir.ac.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 04 Apr 2019 10:57:31 GMT
Server
Apache/2.4.25 (Debian) mod_auth_kerb/5.4 OpenSSL/1.0.2r
Connection
close
Content-Length
649
Content-Type
text/html; charset=iso-8859-1
e-201914.js
stats.wp.com/
9 KB
3 KB
Script
General
Full URL
https://stats.wp.com/e-201914.js
Requested by
Host: isnews.stir.ac.uk
URL: https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer
https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 04 Apr 2019 10:57:31 GMT
content-encoding
gzip
server
nginx
etag
W/"5c6340e3-350a"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=31536000
expires
Sun, 29 Mar 2020 20:02:20 GMT
wp-emoji-release.min.js
isnews.stir.ac.uk/wp-includes/js/
12 KB
12 KB
Script
General
Full URL
https://isnews.stir.ac.uk/wp-includes/js/wp-emoji-release.min.js?ver=c5d0cbd282a129ba18c34fb4977afa19
Requested by
Host: isnews.stir.ac.uk
URL: https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.153.14.1 Stirling, United Kingdom, ASN786 (JANET Jisc Services Limited, GB),
Reverse DNS
wordpress.stir.ac.uk
Software
Apache/2.4.25 (Debian) mod_auth_kerb/5.4 OpenSSL/1.0.2r /
Resource Hash
c533b791a8eef65604f15d20433506e1614c693eeba9df749e8a7677e43b466c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
isnews.stir.ac.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 04 Apr 2019 10:57:31 GMT
Last-Modified
Fri, 22 Feb 2019 08:02:00 GMT
Server
Apache/2.4.25 (Debian) mod_auth_kerb/5.4 OpenSSL/1.0.2r
ETag
"2f02-58277016a0e00"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
12034
gs_async.js
api.at.getsocial.io/get/v1/656a7d/
0
0
Script
General
Full URL
https://api.at.getsocial.io/get/v1/656a7d/gs_async.js
Requested by
Host: isnews.stir.ac.uk
URL: https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:b0c0:3:d0::21:f001 , Netherlands, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
nginx + Phusion Passenger 5.3.2 / Phusion Passenger 5.3.2
Resource Hash
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Referer
https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 04 Apr 2019 10:57:31 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Powered-By
Phusion Passenger 5.3.2
Transfer-Encoding
chunked
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Status
403 Forbidden
Connection
close
Access-Control-Request-Method
*
X-Request-Id
accac4ca-0669-4b88-a35e-fd87958018fc
X-Runtime
0.004497
Server
nginx + Phusion Passenger 5.3.2
X-Frame-Options
ALLOWALL
Access-Control-Allow-Methods
GET, POST
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
https:isnews.wordpress.stir.ac.uk
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v16/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v16/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: isnews.stir.ac.uk
URL: https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:809::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans%3A400italic%2C400%2C600%2C700%7CRoboto+Slab%3A400%2C300%2C700&ver=c5d0cbd282a129ba18c34fb4977afa19
Origin
https://isnews.stir.ac.uk

Response headers

date
Mon, 25 Mar 2019 20:19:31 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:10:29 GMT
server
sffe
age
830280
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9132
x-xss-protection
1; mode=block
expires
Tue, 24 Mar 2020 20:19:31 GMT
BngRUXZYTXPIvIBgJJSb6u92w7CGwR2oefDo.woff2
fonts.gstatic.com/s/robotoslab/v8/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotoslab/v8/BngRUXZYTXPIvIBgJJSb6u92w7CGwR2oefDo.woff2
Requested by
Host: isnews.stir.ac.uk
URL: https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:809::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4901c9453014d8e210b2f62189f68c2d7964543517e1fc8447924de7d542058a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans%3A400italic%2C400%2C600%2C700%7CRoboto+Slab%3A400%2C300%2C700&ver=c5d0cbd282a129ba18c34fb4977afa19
Origin
https://isnews.stir.ac.uk

Response headers

date
Fri, 08 Mar 2019 22:42:47 GMT
x-content-type-options
nosniff
last-modified
Tue, 19 Feb 2019 22:29:14 GMT
server
sffe
age
2290484
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11388
x-xss-protection
1; mode=block
expires
Sat, 07 Mar 2020 22:42:47 GMT
fa-solid-900.woff2
isnews.stir.ac.uk/wp-content/themes/sparkling/assets/fonts/
44 KB
44 KB
Font
General
Full URL
https://isnews.stir.ac.uk/wp-content/themes/sparkling/assets/fonts/fa-solid-900.woff2
Requested by
Host: isnews.stir.ac.uk
URL: https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.153.14.1 Stirling, United Kingdom, ASN786 (JANET Jisc Services Limited, GB),
Reverse DNS
wordpress.stir.ac.uk
Software
Apache/2.4.25 (Debian) mod_auth_kerb/5.4 OpenSSL/1.0.2r /
Resource Hash
79279c8900d692d54bd3468993728088da3a33f5eabe667637554d3811000837

Request headers

Pragma
no-cache
Origin
https://isnews.stir.ac.uk
Accept-Encoding
gzip, deflate, br
Host
isnews.stir.ac.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://isnews.stir.ac.uk/wp-content/themes/sparkling/assets/css/fontawesome-all.min.css?ver=5.1.1.
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 04 Apr 2019 10:57:31 GMT
Last-Modified
Tue, 26 Jun 2018 13:32:09 GMT
Server
Apache/2.4.25 (Debian) mod_auth_kerb/5.4 OpenSSL/1.0.2r
ETag
"b048-56f8b865e0840"
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
45128
altmetric_badges-035a0e30d097f856470cada09afb27cc.js
d1bxh8uas1mnw7.cloudfront.net/assets/
90 KB
91 KB
Script
General
Full URL
https://d1bxh8uas1mnw7.cloudfront.net/assets/altmetric_badges-035a0e30d097f856470cada09afb27cc.js
Requested by
Host: d1bxh8uas1mnw7.cloudfront.net
URL: https://d1bxh8uas1mnw7.cloudfront.net/assets/embed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:cc00:9:b474:ddc0:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d72aec33f5675c10a75ef40d2d8b43cd8f86bb7b3cf5c1103eda9c36110fb6c

Request headers

Referer
https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 28 Mar 2019 14:56:33 GMT
content-encoding
last-modified
Thu, 28 Mar 2019 14:56:25 GMT
server
AmazonS3
age
590459
etag
"0c384f99632b73f40a2eb78d337b9d9a"
x-cache
Hit from cloudfront
content-type
text/javascript
status
200
cache-control
public, max-age=31557600
accept-ranges
bytes
content-length
92401
via
1.1 7f0216233154388a0ffe191ece5a7b12.cloudfront.net (CloudFront)
x-amz-cf-id
4rqlwdaVXqBwylYluMmi9w-OFFVfC9o5O9LdSFlUe-pA-LN-UZr2FQ==
expires
Fri, 27 Mar 2020 20:56:24 GMT
0.png
d1uo4w7k31k5mn.cloudfront.net/donut/
13 KB
14 KB
Image
General
Full URL
https://d1uo4w7k31k5mn.cloudfront.net/donut/0.png
Requested by
Host: isnews.stir.ac.uk
URL: https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:b800:16:2a39:9fc0:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f29c3a85f3347506a62ee2dc7a80e1dac67d97eb4d58de3cf4d4a0a4b4c96b10

Request headers

Referer
https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 03 Apr 2019 18:35:12 GMT
via
1.1 e4438a14707a01f6102dc21875d75080.cloudfront.net (CloudFront)
last-modified
Wed, 02 May 2012 02:52:35 GMT
server
AmazonS3
age
59226
etag
"c713f76edf575fe4e34e2b46e83c4def"
x-cache
Hit from cloudfront
content-type
image/png
status
200
accept-ranges
bytes
content-length
13699
x-amz-cf-id
J-5A3svPktErnyWbIzAJsJnqtYcmBQjtVV2msNijirRGfzaJrv-02g==
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v16/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v16/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: isnews.stir.ac.uk
URL: https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:809::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans%3A400italic%2C400%2C600%2C700%7CRoboto+Slab%3A400%2C300%2C700&ver=c5d0cbd282a129ba18c34fb4977afa19
Origin
https://isnews.stir.ac.uk

Response headers

date
Mon, 25 Mar 2019 20:19:50 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:12:28 GMT
server
sffe
age
830261
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9080
x-xss-protection
1; mode=block
expires
Tue, 24 Mar 2020 20:19:50 GMT
glyphicons-halflings-regular.woff2
isnews.stir.ac.uk/wp-content/themes/sparkling/assets/fonts/
18 KB
18 KB
Font
General
Full URL
https://isnews.stir.ac.uk/wp-content/themes/sparkling/assets/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: isnews.stir.ac.uk
URL: https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.153.14.1 Stirling, United Kingdom, ASN786 (JANET Jisc Services Limited, GB),
Reverse DNS
wordpress.stir.ac.uk
Software
Apache/2.4.25 (Debian) mod_auth_kerb/5.4 OpenSSL/1.0.2r /
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Pragma
no-cache
Origin
https://isnews.stir.ac.uk
Accept-Encoding
gzip, deflate, br
Host
isnews.stir.ac.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://isnews.stir.ac.uk/wp-content/themes/sparkling/assets/css/bootstrap.min.css?ver=c5d0cbd282a129ba18c34fb4977afa19
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 04 Apr 2019 10:57:31 GMT
Last-Modified
Tue, 26 Jun 2018 13:32:09 GMT
Server
Apache/2.4.25 (Debian) mod_auth_kerb/5.4 OpenSSL/1.0.2r
ETag
"466c-56f8b865e0840"
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
18028
BngMUXZYTXPIvIBgJJSb6ufN5qWr4xCC.woff2
fonts.gstatic.com/s/robotoslab/v8/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotoslab/v8/BngMUXZYTXPIvIBgJJSb6ufN5qWr4xCC.woff2
Requested by
Host: isnews.stir.ac.uk
URL: https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:809::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
c68d891f07355e5d0807b4a4f18ac8f16f6e9088277be3134c7efa570022ab2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans%3A400italic%2C400%2C600%2C700%7CRoboto+Slab%3A400%2C300%2C700&ver=c5d0cbd282a129ba18c34fb4977afa19
Origin
https://isnews.stir.ac.uk

Response headers

date
Sat, 09 Mar 2019 03:56:17 GMT
x-content-type-options
nosniff
last-modified
Tue, 19 Feb 2019 22:28:22 GMT
server
sffe
age
2271674
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11272
x-xss-protection
1; mode=block
expires
Sun, 08 Mar 2020 03:56:17 GMT
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?_=1554375451037
Requested by
Host: isnews.stir.ac.uk
URL: https://isnews.stir.ac.uk/wp-includes/js/jquery/jquery.js?ver=1.12.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
b11faabf1682228571e2dffbaf7d24574771360d304adf0fff7f55d4c22f1eca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
GKRA/mumhvdmLz0BPWLzQA==
status
200
date
Thu, 04 Apr 2019 10:57:31 GMT
vary
Accept-Encoding
content-length
1779
x-fb-debug
A1JWB1UP4AUyKXO7BvX9/0UtHdiBQXQDjkNcG8X8PU4bnMu7/We71b57pp7C+2UBRrGRUV8N/kx1E3cHRrSQPQ==
x-fb-content-md5
9c5437237979d502e9db5c071ced296f
etag
"69cd896c3b56dd9ac43183db5b84f1bb"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 04 Apr 2019 11:17:31 GMT
widgets.js
platform.twitter.com/
93 KB
28 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: isnews.stir.ac.uk
URL: https://isnews.stir.ac.uk/wp-content/plugins/jetpack/_inc/build/twitter-timeline.min.js?ver=4.0.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40E2) /
Resource Hash
460c112ca18e517ef1a6c6abb2ba5ae55187138503a10177bf1908d9261c3a19

Request headers

Referer
https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 04 Apr 2019 10:57:31 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Mar 2019 17:40:21 GMT
Server
ECS (fcn/40E2)
Etag
"4cf9f34505e9344b9a7e4d00e67b6c88+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Content-Type
application/javascript; charset=utf-8
Content-Length
28028
form.js
isnews.stir.ac.uk/wp-content/plugins/akismet/_inc/
0
0
Script
General
Full URL
https://isnews.stir.ac.uk/wp-content/plugins/akismet/_inc/form.js?ver=4.1.1
Requested by
Host: isnews.stir.ac.uk
URL: https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.153.14.1 Stirling, United Kingdom, ASN786 (JANET Jisc Services Limited, GB),
Reverse DNS
wordpress.stir.ac.uk
Software
Apache/2.4.25 (Debian) mod_auth_kerb/5.4 OpenSSL/1.0.2r /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
isnews.stir.ac.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 04 Apr 2019 10:57:31 GMT
Server
Apache/2.4.25 (Debian) mod_auth_kerb/5.4 OpenSSL/1.0.2r
Connection
close
Content-Length
649
Content-Type
text/html; charset=iso-8859-1
g.gif
pixel.wp.com/
50 B
92 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A7.2&blog=148141335&post=9130&tz=0&srv=isnews.stir.ac.uk&host=isnews.stir.ac.uk&ref=&fcp=706&rand=0.13343622134502842
Requested by
Host: isnews.stir.ac.uk
URL: https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Thu, 04 Apr 2019 10:57:31 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
sdk.js
connect.facebook.net/en_US/
193 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=27001f364a2350f8eb3d95ad7e9bfad1&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?_=1554375451037
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
66955ed614ff3871cf6fb2a1af86ed85a10908407ef563e0f4520adfbcf4e837
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Origin
https://isnews.stir.ac.uk

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
1hdODiCQd2d1R7T6rQqWMg==
status
200
date
Thu, 04 Apr 2019 10:57:31 GMT
vary
Accept-Encoding
content-length
58820
x-fb-debug
QnsuRquX6hgEvR9gKudGMtYUb1YKnbknfFIvQexsyDxv7jMQeOrkFwnBladSDbs+865OnzsSaU/AhokXod1Sbw==
x-fb-content-md5
772f60444d29d6b8f42d4a6ca5634e67
etag
"e4f7810237966c3f80356ed31e6550c8"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Fri, 03 Apr 2020 10:23:46 GMT
widget_iframe.2e9f365dae390394eb8d923cba8c5b11.html
platform.twitter.com/widgets/ Frame E35C
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.2e9f365dae390394eb8d923cba8c5b11.html?origin=https%3A%2F%2Fisnews.stir.ac.uk&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41AB) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Accept-Encoding
gzip, deflate, br

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Thu, 04 Apr 2019 10:57:31 GMT
Etag
"347ce5de96d97a02c18244967b8b6532+gzip"
Last-Modified
Thu, 07 Mar 2019 17:39:26 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/41AB)
Vary
Accept-Encoding
X-Cache
HIT
Content-Length
5783
moment~timeline~tweet.6e5b62723488aee38af0c77681396a5b.js
platform.twitter.com/js/
24 KB
8 KB
Script
General
Full URL
https://platform.twitter.com/js/moment~timeline~tweet.6e5b62723488aee38af0c77681396a5b.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/4186) /
Resource Hash
e26fdccb214e020f70cf2aede7b77d5dc51854e23b3acbb4bcff0018773a636f

Request headers

Referer
https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 04 Apr 2019 10:57:31 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Mar 2019 17:39:15 GMT
Server
ECS (fcn/4186)
Etag
"da3e8002f83d92efe615008a56f12f48+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Content-Type
application/javascript; charset=utf-8
Content-Length
7925
timeline.4c6ab682148a0366f9efb1647a3f4799.js
platform.twitter.com/js/
39 KB
12 KB
Script
General
Full URL
https://platform.twitter.com/js/timeline.4c6ab682148a0366f9efb1647a3f4799.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/418C) /
Resource Hash
68a21402dc8bbd85d41b7bf206a9819d583d6b81f39bb67f744d3c39d8d68d36

Request headers

Referer
https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 04 Apr 2019 10:57:31 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Mar 2019 17:39:16 GMT
Server
ECS (fcn/418C)
Etag
"0b75ea6c252ef45cd6d3a2e31473d9d5+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Content-Type
application/javascript; charset=utf-8
Content-Length
11574
profile
cdn.syndication.twimg.com/timeline/
35 KB
5 KB
Script
General
Full URL
https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_isstirling_old&dnt=false&domain=isnews.stir.ac.uk&lang=en&screen_name=isstirling&suppress_response_codes=true&t=1727083&tweet_limit=5&tz=GMT%2B0000&with_replies=false
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
tsa_o /
Resource Hash
9d642ea3b2323849c1fe2b5f2d1cba6875508ef4b2fba1335462bfe86aee23dc
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer
https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 04 Apr 2019 10:57:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-disposition
attachment; filename=jsonp.jsonp
strict-transport-security
max-age=631138519
content-length
4394
x-xss-protection
1; mode=block; report=https://twitter.com/i/xss_report
x-response-time
147
last-modified
Thu, 04 Apr 2019 10:57:31 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=utf-8
cache-control
must-revalidate, max-age=300
x-connection-hash
feed8ef215a86090824ce98a355759ef
timing-allow-origin
*
x-transaction
00ce29e40055b6e5
expires
Thu, 04 Apr 2019 11:02:31 GMT
syndication
syndication.twitter.com/i/jot/
43 B
375 B
Image
General
Full URL
https://syndication.twitter.com/i/jot/syndication?l=%7B%22_category_%22%3A%22syndicated_impression%22%2C%22triggered_on%22%3A1554375451297%2C%22dnt%22%3Afalse%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22action%22%3A%22impression%22%7D%7D
Requested by
Host: isnews.stir.ac.uk
URL: https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.136 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_f /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer
https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 04 Apr 2019 10:57:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=631138519
content-length
65
x-xss-protection
1; mode=block; report=https://twitter.com/i/xss_report
x-response-time
109
pragma
no-cache
last-modified
Thu, 04 Apr 2019 10:57:31 GMT
server
tsa_f
x-frame-options
SAMEORIGIN
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
3cb4d5d6fc6d28b86e1e6b336666a1bb
x-transaction
00523e62008f70d6
expires
Tue, 31 Mar 1981 05:00:00 GMT
d_vbiawPdxB.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame E4B6
0
0
Document
General
Full URL
https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=27001f364a2350f8eb3d95ad7e9bfad1&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
accept-encoding
gzip, deflate, br

Response headers

status
200
content-type
text/html; charset=utf-8
expires
Wed, 01 Apr 2020 17:46:59 GMT
strict-transport-security
max-age=15552000; preload
content-encoding
br
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cache-control
public,max-age=31536000,immutable
x-fb-debug
3Xw2RhBPAzjweFxoRGHyS4suCG7NjuB83w1AnwjvyUE930Yxn7buDuuHOiGQrKsVy5Z+0DsQOtnUSv9WU7JpVw==
content-length
10984
date
Thu, 04 Apr 2019 10:57:31 GMT
page.php
www.facebook.com/v2.3/plugins/ Frame E0A0
0
0
Document
General
Full URL
https://www.facebook.com/v2.3/plugins/page.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df137010259aa67c%26domain%3Disnews.stir.ac.uk%26origin%3Dhttps%253A%252F%252Fisnews.stir.ac.uk%252Ff3e42b2f4e9ce88%26relation%3Dparent.parent&container_width=298&height=580&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fstirlinglibrary%2F&locale=en_US&sdk=joey&show_facepile=true&show_posts=true&width=340
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=27001f364a2350f8eb3d95ad7e9bfad1&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v2.3/plugins/page.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df137010259aa67c%26domain%3Disnews.stir.ac.uk%26origin%3Dhttps%253A%252F%252Fisnews.stir.ac.uk%252Ff3e42b2f4e9ce88%26relation%3Dparent.parent&container_width=298&height=580&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fstirlinglibrary%2F&locale=en_US&sdk=joey&show_facepile=true&show_posts=true&width=340
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
accept-encoding
gzip, deflate, br

Response headers

status
200
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
vary
Accept-Encoding
x-content-type-options
nosniff
pragma
no-cache
strict-transport-security
max-age=15552000; preload
content-encoding
br
timing-allow-origin
*
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
facebook-api-version
v2.8
x-xss-protection
0
expect-ct
max-age=86400, report-uri="https://reports.fb.com/expectct/"
content-type
text/html; charset="utf-8"
x-fb-debug
hQOrCooCq8OskltcJOSohcHp1qf1qnqGJcTKEdQIHrApRliSfDE4RfZ4z3PIt4WOrmlM/AaGzseeDHmSnBBPvA==
date
Thu, 04 Apr 2019 10:57:31 GMT
1f448.png
abs.twimg.com/emoji/v2/72x72/ Frame 4188
422 B
553 B
Image
General
Full URL
https://abs.twimg.com/emoji/v2/72x72/1f448.png
Requested by
Host: isnews.stir.ac.uk
URL: https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/4199) /
Resource Hash
4dc8736a1f88ba8b83372678be7d33ec790a58f91125c1794c65219d533e891a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 04 Apr 2019 10:57:31 GMT
x-content-type-options
nosniff
x-ton-expected-size
422
x-cache
HIT
status
200
content-length
422
x-response-time
119
surrogate-key
twitter-assets
last-modified
Wed, 21 Feb 2018 22:28:34 GMT
server
ECS (fcn/4199)
etag
"D3w7G3cLTZqaQU3X/K27SA=="
content-type
image/png
access-control-allow-origin
*
x-connection-hash
8df743a90143285c310cf20e4b4effcc
accept-ranges
bytes
expires
Fri, 03 Apr 2020 10:57:31 GMT
1f449-1f3fd.png
abs.twimg.com/emoji/v2/72x72/ Frame 4188
423 B
712 B
Image
General
Full URL
https://abs.twimg.com/emoji/v2/72x72/1f449-1f3fd.png
Requested by
Host: isnews.stir.ac.uk
URL: https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40B4) /
Resource Hash
b765af1b37a098a4c456422f03a329d8bb674c0b0a965a5188904bcd783358af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 04 Apr 2019 10:57:31 GMT
x-content-type-options
nosniff
x-ton-expected-size
423
x-cache
HIT
status
200
content-length
423
x-response-time
113
surrogate-key
twitter-assets
last-modified
Wed, 21 Feb 2018 22:28:35 GMT
server
ECS (fcn/40B4)
etag
"dYWfsFLq3HsmRLWNQ2LlDg=="
content-type
image/png
access-control-allow-origin
*
x-connection-hash
33047b0dde74274036bfce0bba6d162c
accept-ranges
bytes
expires
Fri, 03 Apr 2020 10:57:31 GMT
timeline.0940efb0bc0eb82a2de893b3e7b414bf.dark.ltr.css
platform.twitter.com/css/ Frame 4188
55 KB
13 KB
Stylesheet
General
Full URL
https://platform.twitter.com/css/timeline.0940efb0bc0eb82a2de893b3e7b414bf.dark.ltr.css
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41A4) /
Resource Hash
878001af03bacbecc479a0d0f54a7a76e2af82097fde9565378a3a1fed14e67a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 04 Apr 2019 10:57:31 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Mar 2019 17:39:10 GMT
Server
ECS (fcn/41A4)
Etag
"31bab1615e488674683ae9637526e56d+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Content-Type
text/css; charset=utf-8
Content-Length
12557
timeline.0940efb0bc0eb82a2de893b3e7b414bf.dark.ltr.css
platform.twitter.com/css/
55 KB
55 KB
Image
General
Full URL
https://platform.twitter.com/css/timeline.0940efb0bc0eb82a2de893b3e7b414bf.dark.ltr.css
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41A4) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 04 Apr 2019 10:57:31 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Mar 2019 17:39:10 GMT
Server
ECS (fcn/41A4)
Etag
"31bab1615e488674683ae9637526e56d+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Content-Type
text/css; charset=utf-8
Content-Length
12557
c1xETcfr_normal.jpg
pbs.twimg.com/profile_images/997073478359617536/ Frame 4188
2 KB
2 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/997073478359617536/c1xETcfr_normal.jpg
Requested by
Host: isnews.stir.ac.uk
URL: https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/418C) /
Resource Hash
ca17c9da7e4a713ac7b7d770bdf6035c32632bec917891f52e15ed18d4ac2c17
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time
136
date
Thu, 04 Apr 2019 10:57:31 GMT
x-content-type-options
nosniff
surrogate-key
profile_images profile_images/bucket/3 profile_images/997073478359617536
last-modified
Thu, 17 May 2018 11:14:56 GMT
server
ECS (fcn/418C)
access-control-allow-origin
*
x-cache
HIT
content-type
image/jpeg
status
200
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
be6980f320f901ad58c87d385453471b
accept-ranges
bytes
content-length
1807
5GcUQHrl_normal.jpg
pbs.twimg.com/profile_images/1064481583695097856/ Frame 4188
2 KB
2 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/1064481583695097856/5GcUQHrl_normal.jpg
Requested by
Host: isnews.stir.ac.uk
URL: https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/4196) /
Resource Hash
8ed522ce0ef30cf920166a068b5fcaee565d2231dcdb57c747f5b2c900567f82
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time
141
date
Thu, 04 Apr 2019 10:57:31 GMT
x-content-type-options
nosniff
surrogate-key
profile_images profile_images/bucket/3 profile_images/1064481583695097856
last-modified
Mon, 19 Nov 2018 11:30:41 GMT
server
ECS (fcn/4196)
access-control-allow-origin
*
x-cache
HIT
content-type
image/jpeg
status
200
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
8d42d001d0d7b2f6a098fc0b6b5776f3
accept-ranges
bytes
content-length
2111
D3TCyH4XsAE5wJ7
pbs.twimg.com/media/ Frame 4188
24 KB
24 KB
Image
General
Full URL
https://pbs.twimg.com/media/D3TCyH4XsAE5wJ7?format=jpg&name=360x360
Requested by
Host: isnews.stir.ac.uk
URL: https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40E2) /
Resource Hash
1c8efaf90c9f07adef4b6bf8d2defcf27fc9dbccc158fef736cc3c467958d74e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time
161
date
Thu, 04 Apr 2019 10:57:31 GMT
x-content-type-options
nosniff
surrogate-key
media media/bucket/6 media/1113729174232084481
last-modified
Thu, 04 Apr 2019 09:03:01 GMT
server
ECS (fcn/40E2)
access-control-allow-origin
*
x-cache
MISS
content-type
image/jpeg
status
200
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
bb5d12c4374a511b5f7700b303d950bc
accept-ranges
bytes
content-length
24304
D3PO5DeW4AA0EP-
pbs.twimg.com/media/ Frame 4188
23 KB
23 KB
Image
General
Full URL
https://pbs.twimg.com/media/D3PO5DeW4AA0EP-?format=jpg&name=360x360
Requested by
Host: isnews.stir.ac.uk
URL: https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40DE) /
Resource Hash
ebf0cbcf9b05293a57668e3aa8961c0c075d7e551b724e1fec15a077f0fb6c91
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time
347
date
Thu, 04 Apr 2019 10:57:31 GMT
x-content-type-options
nosniff
surrogate-key
media media/bucket/1 media/1113461012471144448
last-modified
Wed, 03 Apr 2019 15:17:27 GMT
server
ECS (fcn/40DE)
access-control-allow-origin
*
x-cache
MISS
content-type
image/jpeg
status
200
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
32e7b196258807c37d244174357d1bd4
accept-ranges
bytes
content-length
23058
D3J7XXDX0AUa2Fs
pbs.twimg.com/media/ Frame 4188
10 KB
10 KB
Image
General
Full URL
https://pbs.twimg.com/media/D3J7XXDX0AUa2Fs?format=jpg&name=360x360
Requested by
Host: isnews.stir.ac.uk
URL: https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40B3) /
Resource Hash
06baa7ecdc068da4f4b18549f3706cb261eb62a2d75c11744b870c1a2ef79d58
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time
223
date
Thu, 04 Apr 2019 10:57:31 GMT
x-content-type-options
nosniff
surrogate-key
media media/bucket/5 media/1113087699169300485
last-modified
Tue, 02 Apr 2019 14:34:02 GMT
server
ECS (fcn/40B3)
access-control-allow-origin
*
x-cache
MISS
content-type
image/jpeg
status
200
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
430877eac9e1f38317f7391083e113c8
accept-ranges
bytes
content-length
9944
D3O3csDWwAAfFUs
pbs.twimg.com/media/ Frame 4188
562 KB
562 KB
Image
General
Full URL
https://pbs.twimg.com/media/D3O3csDWwAAfFUs?format=jpg&name=360x360
Requested by
Host: isnews.stir.ac.uk
URL: https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40DA) /
Resource Hash
94d131bee5634c77acc65d87061410e2cc716abcb8b79d5dbc26bbcd460e2597
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time
471
date
Thu, 04 Apr 2019 10:57:31 GMT
x-content-type-options
nosniff
surrogate-key
media media/bucket/8 media/1113435236380098560
last-modified
Wed, 03 Apr 2019 13:35:01 GMT
server
ECS (fcn/40DA)
access-control-allow-origin
*
x-cache
MISS
content-type
image/jpeg
status
200
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
c6b9a941078c41a0427447ed5e38f1be
accept-ranges
bytes
content-length
575246
D3OzcTWWsAALL-_
pbs.twimg.com/media/ Frame 4188
62 KB
62 KB
Image
General
Full URL
https://pbs.twimg.com/media/D3OzcTWWsAALL-_?format=jpg&name=small
Requested by
Host: isnews.stir.ac.uk
URL: https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40DE) /
Resource Hash
0b7dff8f0efd8b81eae4d9b3641c5b70f0d32fc931678cc20c1c1abe8ccc2a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time
130
date
Thu, 04 Apr 2019 10:57:31 GMT
x-content-type-options
nosniff
surrogate-key
media media/bucket/3 media/1113430831702388736
last-modified
Wed, 03 Apr 2019 13:17:31 GMT
server
ECS (fcn/40DE)
access-control-allow-origin
*
x-cache
HIT
content-type
image/jpeg
status
200
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
1620a88bae473800e2eb3d61eb9e6c29
accept-ranges
bytes
content-length
63598
truncated
/ Frame 4188
707 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
338e5578a7b3021caec1db415b93b214c378029d3cd8d19adc833d8b85ea7d29

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 4188
825 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7617ed30b8adef52b9e11ad72dd08abec0947acf8a609e599093efa9f83b28af

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 4188
572 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d67cbe62c3c2c50fa3af647e3f7910c28a9927aeca37463ae28ffff9a240376d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 4188
644 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
46448909ce97ba850c6c0753a47bba758da621333b0fa3a11931a396a8bac43e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 4188
739 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
jot
syndication.twitter.com/i/
43 B
125 B
Image
General
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fisnews.stir.ac.uk%2F2019%2F03%2F29%2Fblue-button-phishing-attack-resurfaces%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_partner%22%3A%22jetpack%22%2C%22widget_data_source%22%3A%22profile%3Aisstirling%22%2C%22query%22%3Anull%2C%22profile_id%22%3Anull%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1554375451828%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22c1f189f%3A1551939852453%22%2C%22format_version%22%3A%22c1f189f%3A1551939852453%22%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22element%22%3A%22notice%22%2C%22section%22%3A%22header%22%2C%22action%22%3A%22seen%22%7D%7D&notice_seen=true
Requested by
Host: isnews.stir.ac.uk
URL: https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.136 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_f /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer
https://isnews.stir.ac.uk/2019/03/29/blue-button-phishing-attack-resurfaces/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 04 Apr 2019 10:57:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=631138519
content-length
65
x-xss-protection
1; mode=block; report=https://twitter.com/i/xss_report
x-response-time
116
pragma
no-cache
last-modified
Thu, 04 Apr 2019 10:57:31 GMT
server
tsa_f
x-frame-options
SAMEORIGIN
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
3cb4d5d6fc6d28b86e1e6b336666a1bb
x-transaction
008037ba00b7a465
expires
Tue, 31 Mar 1981 05:00:00 GMT
jot.html
platform.twitter.com/ Frame ECD0
Redirect Chain
  • https://syndication.twitter.com/i/jot
  • https://platform.twitter.com/jot.html
0
0
Document
General
Full URL
https://platform.twitter.com/jot.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40D0) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
Origin
null
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Thu, 04 Apr 2019 10:57:31 GMT
Etag
"d9592a6c704736fa4da218d4357976dd"
Last-Modified
Thu, 07 Mar 2019 17:40:21 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/40D0)
X-Cache
HIT
Content-Length
80

Redirect headers

status
302 302 Found
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length
0
content-type
text/html;charset=utf-8
date
Thu, 04 Apr 2019 10:57:31 GMT
expires
Tue, 31 Mar 1981 05:00:00 GMT
last-modified
Thu, 04 Apr 2019 10:57:31 GMT
location
https://platform.twitter.com/jot.html
pragma
no-cache
server
tsa_f
strict-transport-security
max-age=631138519
x-connection-hash
3cb4d5d6fc6d28b86e1e6b336666a1bb
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-response-time
119
x-transaction
00a9abd5003132ae
x-tsa-request-body-time
2
x-twitter-response-tags
BouncerCompliant
x-xss-protection
0


54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| _wpemojiSettings function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto undefined| $ function| jQuery object| jQuery112407929036642346927 function| SparklingIsMobile function| generateMobileMenu string| GETSOCIAL_VERSION function| loadGsLib string| addthis_product string| wp_product_version string| wp_blog_version object| addthis_share object| addthis_config object| addthis_layers object| addthis_layers_tools object| addthis_plugin_info object| wpcom_img_zoomer object| detectZoom object| twemoji object| wp object| _altmetric undefined| Handlebars object| AltmetricTemplates undefined| Bugsnag function| _altmetric_embed_init object| addComment object| jpfbembed function| fbAsyncInit object| _stq function| st_go function| linktracker_init object| wpcom object| FB object| __twttrll object| twttr object| __twttr

2 Cookies

Domain/Path: isnews.stir.ac.uk/ Name: __atuvs Value: 5ca5e31bcfb0f23b000
Domain/Path: isnews.stir.ac.uk/ Name: __atuvc Value: 1%7C14

1 Console Messages

Source: console-api
Level: log
URL: https://isnews.stir.ac.uk/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 (Line 2)
Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
