Submitted URL: https://apple.news/AeDxSu97OSg2ZlEhJ9-V3YA
Effective URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Submission: On May 26 via manual from US

Summary

This website contacted 52 IPs in 4 countries across 39 domains to perform 163 HTTP transactions. The main IP is 192.0.66.208, located in United States and belongs to AUTOMATTIC, US. The main domain is bgr.com.
TLS certificate: Issued by R3 on April 8th 2021. Valid for: 3 months.
This is the only time bgr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
8 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
37 192.0.66.208 2635 (AUTOMATTIC)
3 18.185.191.84 16509 (AMAZON-02)
1 104.19.150.54 13335 (CLOUDFLAR...)
1 2600:9000:218... 16509 (AMAZON-02)
2 151.101.113.131 54113 (FASTLY)
1 151.101.130.217 54113 (FASTLY)
11 2606:4700::68... 13335 (CLOUDFLAR...)
3 13.226.159.35 16509 (AMAZON-02)
1 3 99.86.2.29 16509 (AMAZON-02)
15 2606:2800:234... 15133 (EDGECAST)
1 13.225.82.136 16509 (AMAZON-02)
1 2600:9000:211... 16509 (AMAZON-02)
1 151.139.128.11 20446 (HIGHWINDS3)
1 2600:9000:20e... 16509 (AMAZON-02)
8 72.247.225.215 16625 (AKAMAI-AS)
2 192.0.76.3 2635 (AUTOMATTIC)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 13.225.74.116 16509 (AMAZON-02)
1 72.247.225.98 16625 (AKAMAI-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 151.101.113.2 54113 (FASTLY)
2 2a03:2880:f03... 32934 (FACEBOOK)
2 2600:9000:218... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 3.224.194.150 14618 (AMAZON-AES)
2 2a03:2880:f13... 32934 (FACEBOOK)
1 2 35.190.59.101 15169 (GOOGLE)
2 35.201.67.47 15169 (GOOGLE)
2 35.190.91.160 15169 (GOOGLE)
1 2620:116:800d... 16509 (AMAZON-02)
3 167.99.251.246 14061 (DIGITALOC...)
12 104.107.161.205 16625 (AKAMAI-AS)
2 52.94.243.89 16509 (AMAZON-02)
1 18.195.172.136 16509 (AMAZON-02)
1 64.202.112.127 23352 (SERVERCEN...)
3 151.101.114.132 54113 (FASTLY)
2 3 76.223.111.131 16509 (AMAZON-02)
1 54.227.207.23 14618 (AMAZON-AES)
1 34.120.133.55 15169 (GOOGLE)
1 2600:9000:218... 16509 (AMAZON-02)
3 4 3.11.29.5 16509 (AMAZON-02)
1 2 2.18.233.201 16625 (AKAMAI-AS)
3 104.244.42.136 13414 (TWITTER)
5 70.42.32.31 22075 (AS-OUTBRAIN)
1 2606:2800:134... 15133 (EDGECAST)
2 2606:2800:134... 15133 (EDGECAST)
1 151.101.114.110 54113 (FASTLY)
1 162.247.243.146 13335 (CLOUDFLAR...)
163 52
Apex Domain
Subdomains
Transfer
38 bgr.com
bgr.com
video-cdn.bgr.com
1 MB
18 twitter.com
platform.twitter.com
syndication.twitter.com
372 KB
16 outbrain.com
widgets.outbrain.com
widget-pixels.outbrain.com
odb.outbrain.com
mcdp-nydc1.outbrain.com
mv.outbrain.com
129 KB
13 outbrainimg.com
tcheck.outbrainimg.com
log.outbrainimg.com
images.outbrainimg.com
314 KB
11 cookielaw.org
cdn.cookielaw.org
176 KB
8 apple.com
www.apple.com
791 KB
7 skimresources.com
s.skimresources.com
r.skimresources.com
t.skimresources.com
p.skimresources.com
16 KB
6 agkn.com
js.agkn.com
d.agkn.com
aa.agkn.com
6 KB
3 twimg.com
cdn.syndication.twimg.com
pbs.twimg.com
146 KB
3 adsrvr.org
match.adsrvr.org
1 KB
3 optimonk.com
front.optimonk.com
11 KB
3 associates-amazon.com
z-na.associates-amazon.com
assoc-na.associates-amazon.com
4 KB
3 scorecardresearch.com
sb.scorecardresearch.com
3 KB
3 adlightning.com
tagan.adlightning.com
60 KB
3 manychat.com
widget.manychat.com
manychat.com
1 KB
3 apple.news
apple.news
17 KB
2 mathtag.com
pixel.mathtag.com
940 B
2 facebook.com
www.facebook.com
162 B
2 media-amazon.com
m.media-amazon.com
7 KB
2 facebook.net
connect.facebook.net
96 KB
2 quora.com
a.quora.com
q.quora.com
14 KB
2 wp.com
stats.wp.com
pixel.wp.com
3 KB
2 blogherads.com
ads.blogherads.com
351 KB
1 nr-data.net
bam-cell.nr-data.net
911 B
1 newrelic.com
js-agent.newrelic.com
12 KB
1 quantcount.com
rules.quantcount.com
1 KB
1 rlcdn.com
api.rlcdn.com
241 B
1 liadm.com
idx.liadm.com
679 B
1 quantserve.com
secure.quantserve.com
9 KB
1 googleapis.com
fonts.googleapis.com
490 B
1 googletagmanager.com
www.googletagmanager.com
32 KB
1 onetrust.com
geolocation.onetrust.com
406 B
1 indexww.com
js-sec.indexww.com
16 KB
1 adsafeprotected.com
cdn.adsafeprotected.com
7 KB
1 mccdn.me
mccdn.me
89 KB
1 trackonomics.net
cdn-magiclinks.trackonomics.net
18 KB
1 pmc.com
iabusprivacy.pmc.com
273 B
1 permutive.com
cdn.permutive.com
123 KB
0 cloudfront.net Failed
d3ezl4ajpp2zy8.cloudfront.net Failed
163 39
Domain Requested by
37 bgr.com apple.news
bgr.com
15 platform.twitter.com bgr.com
tagan.adlightning.com
platform.twitter.com
11 images.outbrainimg.com bgr.com
11 cdn.cookielaw.org bgr.com
cdn.cookielaw.org
8 www.apple.com apple.news
www.apple.com
7 widgets.outbrain.com bgr.com
widgets.outbrain.com
tagan.adlightning.com
5 mcdp-nydc1.outbrain.com widgets.outbrain.com
4 aa.agkn.com 3 redirects d.agkn.com
3 syndication.twitter.com platform.twitter.com
bgr.com
3 match.adsrvr.org 2 redirects js-sec.indexww.com
3 front.optimonk.com bgr.com
front.optimonk.com
3 sb.scorecardresearch.com 1 redirects bgr.com
3 tagan.adlightning.com bgr.com
tagan.adlightning.com
3 apple.news apple.news
2 pbs.twimg.com bgr.com
2 pixel.mathtag.com 1 redirects d.agkn.com
2 odb.outbrain.com tagan.adlightning.com
2 assoc-na.associates-amazon.com z-na.associates-amazon.com
2 p.skimresources.com bgr.com
2 t.skimresources.com bgr.com
s.skimresources.com
2 r.skimresources.com 1 redirects bgr.com
2 www.facebook.com bgr.com
connect.facebook.net
2 manychat.com mccdn.me
2 m.media-amazon.com bgr.com
2 connect.facebook.net bgr.com
connect.facebook.net
2 ads.blogherads.com bgr.com
1 bam-cell.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com bgr.com
1 cdn.syndication.twimg.com platform.twitter.com
1 mv.outbrain.com tagan.adlightning.com
1 rules.quantcount.com secure.quantserve.com
1 api.rlcdn.com js-sec.indexww.com
1 idx.liadm.com js-sec.indexww.com
1 log.outbrainimg.com widgets.outbrain.com
1 d.agkn.com js.agkn.com
1 pixel.wp.com bgr.com
1 widget-pixels.outbrain.com bgr.com
1 tcheck.outbrainimg.com widgets.outbrain.com
1 secure.quantserve.com bgr.com
1 q.quora.com bgr.com
1 fonts.googleapis.com bgr.com
1 a.quora.com bgr.com
1 www.googletagmanager.com bgr.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 js-sec.indexww.com ads.blogherads.com
1 cdn.adsafeprotected.com ads.blogherads.com
1 mccdn.me widget.manychat.com
1 stats.wp.com bgr.com
1 js.agkn.com bgr.com
1 s.skimresources.com bgr.com
1 cdn-magiclinks.trackonomics.net bgr.com
1 z-na.associates-amazon.com bgr.com
1 iabusprivacy.pmc.com bgr.com
1 video-cdn.bgr.com bgr.com
1 cdn.permutive.com bgr.com
1 widget.manychat.com bgr.com
0 d3ezl4ajpp2zy8.cloudfront.net Failed apple.news
163 57
Subject | Issuer | Validity | Valid
c.apple.news | Apple Public Server RSA CA 12 - G1 | 2021-02-11 - 2022-03-13 | a year
www.apple.com | DigiCert SHA2 Extended Validation Server CA-3 | 2020-10-07 - 2021-10-08 | a year
bgr.com | R3 | 2021-04-08 - 2021-07-07 | 3 months
widget.manychat.com | Sectigo ECC Domain Validation Secure Server CA | 2021-03-18 - 2022-04-18 | a year
permutive.com | Cloudflare Inc ECC CA-3 | 2021-03-02 - 2022-03-01 | a year
jwplayer.com | Amazon | 2021-01-29 - 2022-02-26 | a year
*.blogherads.com | GlobalSign Atlas R3 DV TLS CA 2020 | 2021-05-03 - 2022-06-04 | a year
*.pmc.com | GlobalSign Atlas R3 DV TLS CA 2020 | 2021-05-03 - 2022-06-04 | a year
cookielaw.org | Cloudflare Inc ECC CA-3 | 2020-07-01 - 2021-07-01 | a year
*.adlightning.com | Amazon | 2020-07-22 - 2021-08-22 | a year
*.scorecardresearch.com | Amazon | 2021-02-28 - 2022-03-29 | a year
*.twimg.com | DigiCert TLS RSA SHA256 2020 CA1 | 2020-11-05 - 2021-11-09 | a year
z-na.associates-amazon.com | Amazon | 2021-05-21 - 2022-06-19 | a year
*.trackonomics.net | Go Daddy Secure Certificate Authority - G2 | 2020-12-22 - 2022-01-23 | a year
*.skimresources.com | DigiCert SHA2 Secure Server CA | 2020-09-10 - 2021-10-12 | a year
*.agkn.com | RapidSSL RSA CA 2018 | 2020-07-25 - 2022-09-18 | 2 years
*.outbrain.com | DigiCert SHA2 Secure Server CA | 2021-05-25 - 2022-06-01 | a year
*.wp.com | Sectigo RSA Domain Validation Secure Server CA | 2020-04-02 - 2022-07-05 | 2 years
mccdn.me | Cloudflare Inc ECC CA-3 | 2020-06-30 - 2021-06-30 | a year
*.adsafeprotected.com | Amazon | 2020-08-19 - 2021-09-18 | a year
san.casalemedia.com | GeoTrust RSA CA 2018 | 2021-02-05 - 2022-02-09 | a year
onetrust.com | Cloudflare Inc ECC CA-3 | 2021-02-12 - 2022-02-11 | a year
*.google-analytics.com | GTS CA 1C3 | 2021-05-03 - 2021-07-26 | 3 months
quora.com | R3 | 2021-05-09 - 2021-08-07 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-04-06 - 2021-07-03 | 3 months
Images-na.ssl-images-amazon.com | DigiCert Global CA G2 | 2021-03-23 - 2022-03-22 | a year
upload.video.google.com | GTS CA 1O1 | 2021-05-03 - 2021-07-26 | 3 months
manychat.com | Sectigo ECC Domain Validation Secure Server CA | 2021-05-03 - 2022-06-02 | a year
*.quora.com | R3 | 2021-05-09 - 2021-08-07 | 3 months
*.quantserve.com | DigiCert SHA2 High Assurance Server CA | 2020-10-02 - 2021-10-07 | a year
*.optimonk.com | AlphaSSL CA - SHA256 - G2 | 2021-04-19 - 2022-05-21 | a year
*.outbrainimg.com | DigiCert SHA2 Secure Server CA | 2021-05-04 - 2022-05-09 | a year
assoc-na.associates-amazon.com | Amazon | 2020-12-14 - 2021-12-13 | a year
*.adsrvr.org | GlobalSign GCC R3 DV TLS CA 2020 | 2021-03-18 - 2022-04-19 | a year
*.liadm.com | Amazon | 2020-11-30 - 2021-12-29 | a year
*.rlcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2021-02-25 - 2022-03-28 | a year
pixel.mathtag.com | DigiCert SHA2 Secure Server CA | 2020-04-15 - 2021-07-15 | a year
syndication.twitter.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-02-05 - 2022-02-04 | a year
f4.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2021-05-21 - 2022-04-10 | a year
*.nr-data.net | DigiCert SHA2 Secure Server CA | 2020-02-05 - 2022-02-08 | 2 years

This page contains 7 frames:

Primary Page: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Frame ID: E7F05275C5784F26C9821E5BC3245D5B
Requests: 137 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.3235795878144212
Frame ID: 354AC039EEC01089F03CD9AE496F2762
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Frame ID: 47067E464F423855CDCE3868C779BABF
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fbgr.com
Frame ID: 79547E9A314289E2AC7ACE78078611EC
Requests: 2 HTTP requests in this frame

Frame: https://d.agkn.com/iframe/8613/?che=738919107&gdpr=&gdpr_consent=&ref=https%3A%2F%2Fapple.news%2F&bpid=penskemedia&c=%7B%22bpid%22%3A%22penskemedia%22%2C%22loc%22%3A%22https%3A%2F%2Fbgr.com%2Ftech%2Fmalware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634%2F%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22https%3A%2F%2Fapple.news%2F%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22Tech%22%2C%22brd%22%3A%22-1%22%2C%22subcategory%22%3A%22%22%7D
Frame ID: 43E91CB9F6C83558D169B315DBC0F555
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: AA0595829904E996036F1E6DC69AFE9E
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=aemeek&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1395138347601854465&lang=en&origin=https%3A%2F%2Fbgr.com%2Ftech%2Fmalware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634%2F&sessionId=5cda257f035afb5dd8eed6928bf464a0946b2462&siteUserId=18131006&theme=light&widgetsVersion=82e1070%3A1619632193066&width=500px
Frame ID: 5646E55A3FCADE5E05B7A15B7966C141
Requests: 17 HTTP requests in this frame

Page Statistics

163 Requests
99 % HTTPS
35 % IPv6
39 Domains
57 Subdomains
52 IPs
4 Countries
4301 kB Transfer
9099 kB Size
0 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://apple.news/AeDxSu97OSg2ZlEhJ9-V3YA Page URL
  2. https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035310&c3=&c4=&c5=&c6=&c15=&ns__t=1622052682159&ns_c=UTF-8&cv=3.5&c8=This%20dangerous%20new%20malware%20is%20stealing%20people%E2%80%99s%20passwords%20%E2%80%93%20BGR&c7=https%3A%2F%2Fbgr.com%2Ftech%2Fmalware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634%2F&c9=https%3A%2F%2Fapple.news%2F HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035310&c3=&c4=&c5=&c6=&c15=&ns__t=1622052682159&ns_c=UTF-8&cv=3.5&c8=This%20dangerous%20new%20malware%20is%20stealing%20people%E2%80%99s%20passwords%20%E2%80%93%20BGR&c7=https%3A%2F%2Fbgr.com%2Ftech%2Fmalware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634%2F&c9=https%3A%2F%2Fapple.news%2F
Request Chain 88
  • https://r.skimresources.com/api/ HTTP 307
  • https://r.skimresources.com/api/?xguid=01F6MXZF27NS67GX345EYKE3T7&persistence=1&checksum=8ca2bde555d9f2d8a4bc5bc3babbce65af9f8d0b6315371106f628e8478bec0c
Request Chain 118
  • https://aa.agkn.com/adscores/g.pixel?sid=9212293468&gdpr=&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adadvisor&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adadvisor&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9312270958&tdid=f718825e-4205-4e90-bcc5-9a361067523a
Request Chain 119
  • https://aa.agkn.com/adscores/g.pixel?sid=9212293438 HTTP 302
  • https://pixel.mathtag.com/sync/img?redir=https://aa.agkn.com/adscores/g.pixel%3Fsid%3D9312292258%26mt%3D%5BMM_UUID%5D HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9312292258&mt=7ec560ae-8f4b-4700-8ee7-46a1bc005bee HTTP 302
  • https://pixel.mathtag.com/sync/img/?mt_exid=10009&mt_exuid=267460603798015166896

163 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
AeDxSu97OSg2ZlEhJ9-V3YA
apple.news/
8 KB
3 KB
Document
General
Full URL
https://apple.news/AeDxSu97OSg2ZlEhJ9-V3YA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:10c:486::3277 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AppleHttpServer/e81851ddfbfa /
Resource Hash
4fb9fa856726bf005283bad635c1cd71429a3fe446fc9a114671f25c6476fa65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Host
apple.news
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
AppleHttpServer/e81851ddfbfa
Content-Type
text/html
Strict-Transport-Security
max-age=31536000; includeSubDomains max-age=31536000
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-B3-TraceId
482e402e0e7e6519
Vary
Accept-Encoding
Content-Encoding
gzip
Cache-Control
public, no-transform, max-age=300
Date
Wed, 26 May 2021 18:11:19 GMT
Content-Length
2384
Connection
keep-alive
fonts
www.apple.com/wss/
15 KB
2 KB
Stylesheet
General
Full URL
https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Requested by
Host: apple.news
URL: https://apple.news/AeDxSu97OSg2ZlEhJ9-V3YA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a2::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apple /
Resource Hash
433ba35f0585ad9b09e08d422a99881fd47f621650587251e7f59555131d5ef9
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com www.apple.com www.instagram.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com; style-src 'unsafe-inline' *.apple.com
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://apple.news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src 'self' blob: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com www.apple.com www.instagram.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com; style-src 'unsafe-inline' *.apple.com
content-encoding
gzip
x-content-type-options
nosniff
server
Apple
date
Wed, 26 May 2021 18:11:19 GMT
x-frame-options
SAMEORIGIN
x-cache
TCP_MEM_HIT from a2-16-186-141.deploy.akamaitechnologies.com (AkamaiGHost/10.4.0-33449709) (-)
content-type
text/css
cache-control
max-age=1635
strict-transport-security
max-age=31536000; includeSubdomains
vary
Accept-Encoding
content-length
913
x-xss-protection
1; mode=block
expires
Wed, 26 May 2021 18:38:34 GMT
index.css
apple.news/css/
7 KB
3 KB
Stylesheet
General
Full URL
https://apple.news/css/index.css
Requested by
Host: apple.news
URL: https://apple.news/AeDxSu97OSg2ZlEhJ9-V3YA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:10c:486::3277 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AppleHttpServer/e81851ddfbfa /
Resource Hash
dee7e43b051bd156b70a40ac0e5c532f372d0f2d71632b41e79ec1f517c3c112
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
apple.news
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://apple.news/AeDxSu97OSg2ZlEhJ9-V3YA
Connection
keep-alive

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-B3-TraceId
298cdfc087cd5a1b
Connection
keep-alive
Content-Length
2100
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Tue, 27 Apr 2021 23:36:26 GMT
Server
AppleHttpServer/e81851ddfbfa
X-Frame-Options
DENY
Date
Wed, 26 May 2021 18:11:19 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=0, no-cache, no-store
Accept-Ranges
bytes
Expires
Wed, 26 May 2021 18:11:19 GMT
Appicon_v6.png
apple.news/images/
11 KB
12 KB
Image
General
Full URL
https://apple.news/images/Appicon_v6.png
Requested by
Host: apple.news
URL: https://apple.news/AeDxSu97OSg2ZlEhJ9-V3YA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:10c:486::3277 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AppleHttpServer/e81851ddfbfa /
Resource Hash
b29623f7b2ecfc69dc402ccfc1a0c73e1889ffdd4c13840a723fcc02bf550136
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
apple.news
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://apple.news/AeDxSu97OSg2ZlEhJ9-V3YA
Connection
keep-alive

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Tue, 27 Apr 2021 23:36:26 GMT
Server
AppleHttpServer/e81851ddfbfa
X-B3-TraceId
c7ca2c41201a4fb3
Date
Wed, 26 May 2021 18:11:19 GMT
X-Frame-Options
DENY
Content-Type
image/png
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11329
X-XSS-Protection
1; mode=block
Expires
Wed, 26 May 2021 18:11:19 GMT
sf-pro-text_semibold.woff2
www.apple.com/wss/fonts/SF-Pro-Text/v1/
166 KB
167 KB
Font
General
Full URL
https://www.apple.com/wss/fonts/SF-Pro-Text/v1/sf-pro-text_semibold.woff2
Requested by
Host: www.apple.com
URL: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a2::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apple /
Resource Hash
970e676c52b275a819ab9170ec4427370cc6c7033aa2e6b0b9cb71b977b72542
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com www.apple.com www.instagram.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com; style-src 'unsafe-inline' *.apple.com
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://apple.news
Referer
https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src 'self' blob: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com www.apple.com www.instagram.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com; style-src 'unsafe-inline' *.apple.com
x-content-type-options
nosniff
server
Apple
date
Wed, 26 May 2021 18:11:19 GMT
x-frame-options
SAMEORIGIN
x-cache
TCP_HIT from a2-16-186-141.deploy.akamaitechnologies.com (AkamaiGHost/10.4.0-33449709) (-)
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=2825
strict-transport-security
max-age=31536000; includeSubdomains
content-length
169880
x-xss-protection
1; mode=block
expires
Wed, 26 May 2021 18:58:24 GMT
sf-pro-text_regular.woff2
www.apple.com/wss/fonts/SF-Pro-Text/v1/
152 KB
153 KB
Font
General
Full URL
https://www.apple.com/wss/fonts/SF-Pro-Text/v1/sf-pro-text_regular.woff2
Requested by
Host: www.apple.com
URL: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a2::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apple /
Resource Hash
78f1a8f3787f77f7ab4fcbb12c87f5cd412556c04991cdadaacddcd9b5a3e68a
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com www.apple.com www.instagram.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com; style-src 'unsafe-inline' *.apple.com
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://apple.news
Referer
https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src 'self' blob: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com www.apple.com www.instagram.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com; style-src 'unsafe-inline' *.apple.com
x-content-type-options
nosniff
server
Apple
date
Wed, 26 May 2021 18:11:19 GMT
x-frame-options
SAMEORIGIN
x-cache
TCP_HIT from a2-16-186-141.deploy.akamaitechnologies.com (AkamaiGHost/10.4.0-33449709) (-)
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=494
strict-transport-security
max-age=31536000; includeSubdomains
content-length
155504
x-xss-protection
1; mode=block
expires
Wed, 26 May 2021 18:19:33 GMT
SFProIcons_regular.woff
www.apple.com/wss/fonts/SF-Pro-Icons/v1/
10 KB
11 KB
Font
General
Full URL
https://www.apple.com/wss/fonts/SF-Pro-Icons/v1/SFProIcons_regular.woff
Requested by
Host: www.apple.com
URL: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a2::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apple /
Resource Hash
3b7d2b4c5417a697678081ed3b344955f0b25e694171178b0c01e029b4a18e8b
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com www.apple.com www.instagram.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com; style-src 'unsafe-inline' *.apple.com
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://apple.news
Referer
https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src 'self' blob: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com www.apple.com www.instagram.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com; style-src 'unsafe-inline' *.apple.com
x-content-type-options
nosniff
server
Apple
date
Wed, 26 May 2021 18:11:19 GMT
x-frame-options
SAMEORIGIN
x-cache
TCP_MEM_HIT from a2-16-186-141.deploy.akamaitechnologies.com (AkamaiGHost/10.4.0-33449709) (-)
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=366
strict-transport-security
max-age=31536000; includeSubdomains
content-length
10380
x-xss-protection
1; mode=block
expires
Wed, 26 May 2021 18:17:25 GMT
sf-pro-display_heavy.woff2
www.apple.com/wss/fonts/SF-Pro-Display/v1/
159 KB
160 KB
Font
General
Full URL
https://www.apple.com/wss/fonts/SF-Pro-Display/v1/sf-pro-display_heavy.woff2
Requested by
Host: www.apple.com
URL: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a2::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apple /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com www.apple.com www.instagram.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com; style-src 'unsafe-inline' *.apple.com
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://apple.news
Referer
https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src 'self' blob: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com www.apple.com www.instagram.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com; style-src 'unsafe-inline' *.apple.com
x-content-type-options
nosniff
server
Apple
date
Wed, 26 May 2021 18:11:19 GMT
x-frame-options
SAMEORIGIN
x-cache
TCP_HIT from a2-16-186-141.deploy.akamaitechnologies.com (AkamaiGHost/10.4.0-33449709) (-)
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=1789
strict-transport-security
max-age=31536000; includeSubdomains
content-length
162416
x-xss-protection
1; mode=block
expires
Wed, 26 May 2021 18:41:08 GMT
sf-pro-display_bold.woff2
www.apple.com/wss/fonts/SF-Pro-Display/v1/
150 KB
151 KB
Font
General
Full URL
https://www.apple.com/wss/fonts/SF-Pro-Display/v1/sf-pro-display_bold.woff2
Requested by
Host: www.apple.com
URL: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a2::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apple /
Resource Hash
d373cdc98dd21157916f450a67b90653c4a5333eca71a4c0c2cba47c642ded25
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com www.apple.com www.instagram.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com; style-src 'unsafe-inline' *.apple.com
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://apple.news
Referer
https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src 'self' blob: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com www.apple.com www.instagram.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com; style-src 'unsafe-inline' *.apple.com
x-content-type-options
nosniff
server
Apple
date
Wed, 26 May 2021 18:11:19 GMT
x-frame-options
SAMEORIGIN
x-cache
TCP_HIT from a2-16-186-141.deploy.akamaitechnologies.com (AkamaiGHost/10.4.0-33449709) (-)
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=655
strict-transport-security
max-age=31536000; includeSubdomains
content-length
153880
x-xss-protection
1; mode=block
expires
Wed, 26 May 2021 18:22:14 GMT
sf-pro-display_regular.woff2
www.apple.com/wss/fonts/SF-Pro-Display/v1/
138 KB
139 KB
Font
General
Full URL
https://www.apple.com/wss/fonts/SF-Pro-Display/v1/sf-pro-display_regular.woff2
Requested by
Host: www.apple.com
URL: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a2::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apple /
Resource Hash
1cd2500f652e5f7611dc8735b1455d572a7aa1ccede57d8e375ff88023cf9ccd
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com www.apple.com www.instagram.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com; style-src 'unsafe-inline' *.apple.com
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://apple.news
Referer
https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src 'self' blob: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com www.apple.com www.instagram.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com; style-src 'unsafe-inline' *.apple.com
x-content-type-options
nosniff
server
Apple
date
Wed, 26 May 2021 18:11:19 GMT
x-frame-options
SAMEORIGIN
x-cache
TCP_HIT from a2-16-186-141.deploy.akamaitechnologies.com (AkamaiGHost/10.4.0-33449709) (-)
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=2186
strict-transport-security
max-age=31536000; includeSubdomains
content-length
141324
x-xss-protection
1; mode=block
expires
Wed, 26 May 2021 18:47:45 GMT
SFProIcons_semibold.woff
www.apple.com/wss/fonts/SF-Pro-Icons/v1/
9 KB
9 KB
Font
General
Full URL
https://www.apple.com/wss/fonts/SF-Pro-Icons/v1/SFProIcons_semibold.woff
Requested by
Host: www.apple.com
URL: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a2::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apple /
Resource Hash
41daac81421329b7091d3ea33d91959ee08135224c28f3dcb523341fa2e90393
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com www.apple.com www.instagram.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com; style-src 'unsafe-inline' *.apple.com
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://apple.news
Referer
https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src 'self' blob: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com www.apple.com www.instagram.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com; style-src 'unsafe-inline' *.apple.com
x-content-type-options
nosniff
server
Apple
date
Wed, 26 May 2021 18:11:19 GMT
x-frame-options
SAMEORIGIN
x-cache
TCP_MEM_HIT from a2-16-186-141.deploy.akamaitechnologies.com (AkamaiGHost/10.4.0-33449709) (-)
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=1547
strict-transport-security
max-age=31536000; includeSubdomains
content-length
8868
x-xss-protection
1; mode=block
expires
Wed, 26 May 2021 18:37:06 GMT
Primary Request /
bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
135 KB
35 KB
Document
General
Full URL
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Requested by
Host: apple.news
URL: https://apple.news/AeDxSu97OSg2ZlEhJ9-V3YA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.208 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
8edb00f6779a2c78a824afc1288aad9b4dd599bc56c3460304d8711108677487
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests frame-ancestors 'none'
X-Frame-Options DENY

Request headers

:method
GET
:authority
bgr.com
:scheme
https
:path
/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://apple.news/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

server
nginx
date
Wed, 26 May 2021 18:11:20 GMT
content-type
text/html; charset=UTF-8
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
host-header
a9130478a60e5f9135f765b23f26593b
x-ua-compatible
IE=Edge
x-distributor
yes
content-security-policy
upgrade-insecure-requests frame-ancestors 'none'
content-security-policy-report-only
default-src data: 'unsafe-inline' 'unsafe-eval' https: blob: http://*.files.wordpress.com wss://bgr.com; report-uri https://pmcuri.report-uri.com/r/d/csp/reportOnly
x-frame-options
DENY
link
<https://bgr.com/wp-json/>; rel="https://api.w.org/" <https://bgr.com/wp-json/wp/v2/posts/5927634>; rel="alternate"; type="application/json" <https://bgr.com/?p=5927634>; rel=shortlink
content-encoding
gzip
x-rq
hhn2 113 53 3231
cache-control
max-age=300, must-revalidate
age
0
x-cache
miss
vary
Accept-Encoding
accept-ranges
bytes
133848416626248.js
widget.manychat.com/
2 KB
1 KB
Script
General
Full URL
https://widget.manychat.com/133848416626248.js
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.185.191.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-191-84.eu-central-1.compute.amazonaws.com
Software
openresty/1.17.8.2 /
Resource Hash
045722dec366e69c7732618fb76e7a8cf77f69797548ad12632f8d8309e8752e

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:20 GMT
cache-control
no-store
server
openresty/1.17.8.2
content-encoding
gzip
content-type
text/plain; charset=utf-8
3d2fb0bd-52fc-4b75-aaf5-2d436c172540-web.js
cdn.permutive.com/
670 KB
123 KB
Script
General
Full URL
https://cdn.permutive.com/3d2fb0bd-52fc-4b75-aaf5-2d436c172540-web.js
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.150.54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab454649530ba587c002c92f241558399e5de49f7dc1cb56ecb21a4ff14cfcf0

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:20 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
3d2fb0bd-52fc-4b75-aaf5-2d436c172540
age
2554
x-guploader-uploadid
ABg5-Uyj9rMmnsAKFve-bfPuctT4NU0ngHa-aakjrH-3Viyc_W5fBkuOpghFL6_0CEOiM40vjKMkhcqr49i3CxVIijGZ47iiWg
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-type
application/javascript
cf-request-id
0a4b78ca5b000007460d85b000000001
last-modified
Wed, 26 May 2021 13:28:41 GMT
server
cloudflare
etag
W/"2a0e7a15a98cd7c1e435ecaa9e7898a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=ViYHBA==, md5=Kg56FamM18HkNeyqnniYog==
x-goog-generation
1622035721444029
cache-control
public, max-age=300
x-goog-stored-content-length
138950
cf-ray
6558f723cc190746-FRA
expires
Wed, 26 May 2021 18:16:20 GMT
/
bgr.com/_static/
162 KB
28 KB
Stylesheet
General
Full URL
https://bgr.com/_static/??-eJydkNsOwjAIhl9IhtuFZhfGZ6kdm509pbAZ397aOGOiiQeuoPB/0B/PEXTwQl7QTRDtNBjPyKSSPiJZxWJ0TMSMnWFBnZOUn4U6iIGF4WCDPgHLxRJXzvgqj6zwCbswo9PwnPc2KDF+gNl0FFAxk3BZ8OiM52jVhdJbrhzJEeNhSNCsm3oBlDP7PMM/KcoHXhTfWtIrnUn/uKA6B3NTIEv58ZSRJKpseltti/Be3yR7t6s3Td2uc9RXwTewYQ==
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.208 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
00bf107867079ab760066daf64d9c970be13de609fb1a7eb0ce83ddb040a5cb4

Request headers

:path
/_static/??-eJydkNsOwjAIhl9IhtuFZhfGZ6kdm509pbAZ397aOGOiiQeuoPB/0B/PEXTwQl7QTRDtNBjPyKSSPiJZxWJ0TMSMnWFBnZOUn4U6iIGF4WCDPgHLxRJXzvgqj6zwCbswo9PwnPc2KDF+gNl0FFAxk3BZ8OiM52jVhdJbrhzJEeNhSNCsm3oBlDP7PMM/KcoHXhTfWtIrnUn/uKA6B3NTIEv58ZSRJKpseltti/Be3yR7t6s3Td2uc9RXwTewYQ==
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
bgr.com
referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 26 May 2021 18:11:20 GMT
content-encoding
gzip
x-rq
hhn2 112 153 3188
last-modified
Mon, 24 May 2021 23:46:42 GMT
server
nginx
age
152578
vary
Accept-Encoding
x-cache
hit
content-type
text/css;charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
content-length
28296
pmc-utils.js
bgr.com/wp-content/plugins/pmc-plugins/pmc-global-functions/js/
19 KB
7 KB
Script
General
Full URL
https://bgr.com/wp-content/plugins/pmc-plugins/pmc-global-functions/js/pmc-utils.js
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.208 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b4df87d9d632094ba5fbede8091e97c30dc07605c3ec4220d56363fd7d8edc4d

Request headers

:path
/wp-content/plugins/pmc-plugins/pmc-global-functions/js/pmc-utils.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
bgr.com
referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 26 May 2021 18:11:20 GMT
content-encoding
gzip
x-rq
hhn2 119 98 3085
last-modified
Mon, 24 May 2021 21:24:22 GMT
server
nginx
age
152578
etag
W/"60ac1986-4dbe"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
6554
expires
Thu, 26 May 2022 18:11:20 GMT
/
bgr.com/_static/
97 KB
34 KB
Script
General
Full URL
https://bgr.com/_static/??/wp-includes/js/jquery/jquery.min.js,/wp-content/plugins/pmc-plugins/pmc-global-functions/js/jquery-migrate.min.js?m=1620863995j
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.208 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
40a6cf893aa27d102d75dfb0fb21cd92a422d4e2fa801c067fb986fd3e6596a7

Request headers

:path
/_static/??/wp-includes/js/jquery/jquery.min.js,/wp-content/plugins/pmc-plugins/pmc-global-functions/js/jquery-migrate.min.js?m=1620863995j
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
bgr.com
referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 26 May 2021 18:11:20 GMT
content-encoding
gzip
x-rq
hhn2 119 98 3085
last-modified
Thu, 13 May 2021 00:00:09 GMT
server
nginx
age
152578
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
34695
/
bgr.com/_static/
44 KB
13 KB
Script
General
Full URL
https://bgr.com/_static/??-eJydjtsKwjAQRH/IdGnx+iB+S5NuZUNuZJOU/r0pVdE369vMwDkMTEEo7xK6BMHkOzmGYJX4zGMklojQM2Ni0AzPpbHkGs07+EHiHaaYOS34K2/hA0abExVcBO+yxdAPVpRuwdnnqFDWBxi/yn+64M08kjFAlYiMKpF3wkvGWLY5Cw3o69LP9ZheNz2tvTpu9toeu/Z8afeHk34AXcCm1w==
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.208 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
bbe738c77fcc965aa21aab65476f674bc537d244c3c33ef721315fa462c9699d

Request headers

:path
/_static/??-eJydjtsKwjAQRH/IdGnx+iB+S5NuZUNuZJOU/r0pVdE369vMwDkMTEEo7xK6BMHkOzmGYJX4zGMklojQM2Ni0AzPpbHkGs07+EHiHaaYOS34K2/hA0abExVcBO+yxdAPVpRuwdnnqFDWBxi/yn+64M08kjFAlYiMKpF3wkvGWLY5Cw3o69LP9ZheNz2tvTpu9toeu/Z8afeHk34AXcCm1w==
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
bgr.com
referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 26 May 2021 18:11:20 GMT
content-encoding
gzip
x-rq
hhn2 117 245 3103
last-modified
Mon, 24 May 2021 21:24:21 GMT
server
nginx
age
152578
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
13461
AuPAHJqR.js
video-cdn.bgr.com/libraries/
122 KB
40 KB
Script
General
Full URL
https://video-cdn.bgr.com/libraries/AuPAHJqR.js?ver=5.7.2
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:c800:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
03c413ee8a9022149607543a6eae4d920a851a2bfc488f30a5e9aadbc4cb6416

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:08:52 GMT
content-encoding
gzip
server
openresty
age
148
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=150, max-stale=180
x-amz-cf-pop
DUS51-C1
content-length
40510
via
1.1 8ad073ef904d92431b3428f3430707af.cloudfront.net (CloudFront)
x-amz-cf-id
l_uGu2UxW5cMrcJsSoszMc-vdfsClbBaT69AY-YauJ3fh2L3YeXokg==
expires
Wed, 26 May 2021 18:08:47 GMT
header.js
ads.blogherads.com/sk/00/000/00000/26808/
38 KB
6 KB
Script
General
Full URL
https://ads.blogherads.com/sk/00/000/00000/26808/header.js
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.131 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ee24164628b530b7b8d3e300e0bcdef4f3b91e962400c9bed87873844da70a91

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:20 GMT
via
1.1 varnish
age
60685
x-cache
HIT
x-country
EU
content-encoding
br
x-amz-request-id
R993TNTZASJXY008
x-amz-id-2
Xb+dYTB+FoPx0WBv9pGw3KZ5DqrjCokPBhb9XO5uU0N4xriKzk8BgbleKkVQjWa31cigZLTkYxQ=
x-served-by
cache-hhn4077-HHN
last-modified
Wed, 05 May 2021 23:53:52 GMT
x-timer
S1622052680.284820,VS0,VE1
etag
"04313454df67ff2d8ead8671ff9bdf53"
vary
x-gdpr, accept-encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
none
x-cache-hits
1
blogherads.js
ads.blogherads.com/static/
812 KB
345 KB
Script
General
Full URL
https://ads.blogherads.com/static/blogherads.js
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.131 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
beac9be3a5c9dd9f60a172ea643dd30a5b71ff48379fb07962d01c42e68047e7

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:20 GMT
via
1.1 varnish
age
35457
x-cache
HIT
x-country
EU
content-encoding
br
x-amz-request-id
B6CT8FSF767ZQ9GW
x-amz-id-2
nzyq/4QUovuqEVDgd+Br6US37fT9ZJhP3NLQWykvrdMe1eMARqjAOPTh9gm/6HE5T0TStHR02oM=
x-served-by
cache-hhn4077-HHN
last-modified
Fri, 21 May 2021 17:58:44 GMT
x-timer
S1622052680.284801,VS0,VE0
etag
"1464361a5be0a5c8c7fcb00569e37c56"
vary
x-gdpr, accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
none
x-cache-hits
163
geo-info.js
iabusprivacy.pmc.com/
109 B
273 B
Script
General
Full URL
https://iabusprivacy.pmc.com/geo-info.js
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
4e326bc246c28cccdbd316a5c0817903412f23e17b048f4412797dae18c5d720

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:21 GMT
via
1.1 varnish
server
Varnish
x-timer
S1622052681.035495,VS0,VE0
x-served-by
cache-fra19135-FRA
x-cache
HIT
x-via
Fastly
accept-ranges
bytes
content-length
109
retry-after
0
x-cache-hits
0
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
17 KB
6 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40f12e335914950b4f2058dbcbbee727f3f7542399ec6b2e98256480ea91aa49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 May 2021 18:11:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
pE7xqZRyx6XQkryUB7ni+A==
age
4322
vary
Accept-Encoding
content-length
5801
cf-request-id
0a4b78ca5b0000c290ac3b3000000001
x-ms-lease-status
unlocked
last-modified
Mon, 24 May 2021 01:24:51 GMT
server
cloudflare
etag
0x8D91E52BA7E7D6A
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
2d28f1ae-701e-0070-7d48-50ab22000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6558f723cc10c290-FRA
otCCPAiab.js
cdn.cookielaw.org/opt-out/
22 KB
6 KB
Script
General
Full URL
https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f11f2d65d3a1594a57625e5a9457a1beb87c6a0399172cab062d50263ae388b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 May 2021 18:11:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
YyyuJSQqC/IlFtjhtrYhpg==
age
483
vary
Accept-Encoding
cf-request-id
0a4b78ca5b0000c290a8a27000000001
x-ms-lease-status
unlocked
last-modified
Wed, 03 Mar 2021 08:12:01 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
092852fe-901e-00bd-3547-25ce6a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
6558f723cc11c290-FRA
tcf.stub.js
cdn.cookielaw.org/consent/
2 KB
1 KB
Script
General
Full URL
https://cdn.cookielaw.org/consent/tcf.stub.js
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02a8cd07f9b72905689074cfd8852c03cde76a58d1ae30939ee6c05f737d47e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 May 2021 18:11:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
wWRR1dd+iePr7uQuaw5L+w==
age
484
vary
Accept-Encoding
cf-request-id
0a4b78ca5b0000c29087941000000001
x-ms-lease-status
unlocked
last-modified
Mon, 24 May 2021 01:25:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d37ee26f-101e-0120-2a40-50f27f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
6558f723cc14c290-FRA
op.js
tagan.adlightning.com/penske/
38 KB
14 KB
Script
General
Full URL
https://tagan.adlightning.com/penske/op.js
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-35.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
990aa53b31e38475a8d8bcd1a5d2b207bad8aef5cb8467ae35e8abbcaea52cd1

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
R_z5pW2AR7VDoKJYI9aCkw7G2h2StlAy
content-encoding
gzip
etag
"fcdc10a7b6a298fb5d5000cf8ee59742"
age
1732
x-cache
Hit from cloudfront
content-length
13614
x-amz-meta-git_commit
165eba0
last-modified
Tue, 25 May 2021 20:46:32 GMT
server
AmazonS3
date
Wed, 26 May 2021 17:42:37 GMT
content-type
application/javascript
via
1.1 892b66fb24658030c9f86276c7abeda5.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-amz-cf-id
JXrQPwDMWVQJkb5iiY9NXmL3-oovSFgF-Bv7P5V_E9rwrmMQjs23AA==
us-flag.png
bgr.com/wp-content/themes/bgr-2021/assets/images/header/
5 KB
5 KB
Image
General
Full URL
https://bgr.com/wp-content/themes/bgr-2021/assets/images/header/us-flag.png
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.208 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
15a09a380bbd71767ebcceb5cdefb1c319f688de77a9a4434f6711d65ad32c1f

Request headers

:path
/wp-content/themes/bgr-2021/assets/images/header/us-flag.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bgr.com
referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 26 May 2021 18:11:21 GMT
x-rq
hhn2 114 22 3257
last-modified
Thu, 29 Apr 2021 21:27:41 GMT
server
nginx
age
705871
etag
"608b24cd-1316"
x-cache
hit
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
4886
expires
Thu, 26 May 2022 18:11:21 GMT
beacon.js
sb.scorecardresearch.com/
1 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.2.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-2-29.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:06:45 GMT
via
1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
etag
"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
276
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
1469
x-amz-cf-id
4u52lOnQgKzyR-9LyVAJ9Rvfu2684xPp549yjL6t-XAnUuMFPhFUww==
widgets.js
platform.twitter.com/
95 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D3) /
Resource Hash
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 26 May 2021 18:11:21 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 17:57:32 GMT
Server
ECS (frb/67D3)
Age
1320
Etag
"9eb59e5602fef4b3ebf6090856ff21db+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
28779
v2
z-na.associates-amazon.com/onetag/
10 KB
3 KB
Script
General
Full URL
https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=1e33850c-6557-44f9-8fa9-d8a945b7bb10
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.82.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-82-136.fra2.r.cloudfront.net
Software
Server /
Resource Hash
2909664ed7d5892bb358d2eaf8879c58ca825de7ceff0c560990dddf0078b11d

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 05:05:29 GMT
content-encoding
gzip
accept-charset
UTF-8
server
Server
age
47152
x-amz-rid
SCZYNDSCN92FJJRHP0TX
vary
accept-encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
access-control-allow-origin
*
permissions-policy
interest-cohort=()
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
2UemAtLZcGnoDHzNgtjpKRLjyJr9ukjuggaFBDKufiXTd7XopbJlCw==
via
1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
pmc_0aaa4_bgr.js
cdn-magiclinks.trackonomics.net/client/static/v2/
62 KB
18 KB
Script
General
Full URL
https://cdn-magiclinks.trackonomics.net/client/static/v2/pmc_0aaa4_bgr.js
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:f400:1d:8c8c:47c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8 /
Resource Hash
18d2e1848cc57c97d375fd96ad3b2278dd024d054413d170d7f1bf2b54afc740

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 13:31:53 GMT
content-encoding
gzip
last-modified
Wed, 03 Feb 2021 14:38:26 GMT
server
Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8
age
17197
etag
W/"f8a1-5ba6f8a35599b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
access-control-allow-origin
*
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
ExGgYWJyscH1qLYnNk-K60TQVyDMgx_7Yq4v4RFNbzZdd-JWxrdx0Q==
via
1.1 aff6ac5c98fa897349204752e5877c81.cloudfront.net (CloudFront)
87443X1540249.skimlinks.js
s.skimresources.com/js/
36 KB
14 KB
Script
General
Full URL
https://s.skimresources.com/js/87443X1540249.skimlinks.js
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5ca4426b0a0b5d2564cfcb0a1fb3344c530800756341e8f62b852bdf07f3b02a

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:20 GMT
content-encoding
gzip
last-modified
Wed, 17 Mar 2021 12:10:02 GMT
server
AmazonS3
x-amz-request-id
T18Z3DN3RY32B8XZ
etag
"14b530623a696e6cdc127441c0de5fac"
x-hw
1622052680.cds168.fr8.hn,1622052680.cds278.fr8.c
content-type
application/octet-stream
cache-control
max-age=3600
accept-ranges
bytes
content-length
13889
x-amz-id-2
/OBnKSr6UXlID6UcPuL0XHxWt8Ss1CCK16IgjJRWWP/I6jXBMtSZFmx2KJWT9jS/vTlwxiLn4XI=
tag.js
js.agkn.com/prod/v0/
3 KB
3 KB
Script
General
Full URL
https://js.agkn.com/prod/v0/tag.js
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:1c00:15:efbc:e300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc82de33871a9ed40a5379ed264dd0456d9bf58839286b913231648f527bc72b

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 16:18:01 GMT
via
1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
last-modified
Tue, 22 Oct 2019 20:22:52 GMT
server
AmazonS3
age
7367
etag
"f53f55cbab099be3a970b446a66c496a"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
3167
x-amz-cf-id
BcX802je7fIr0PaYrgdQcYXgEdzCBpTPeaAHF01VhANal_6BDMHzuQ==
/
bgr.com/_static/
174 KB
58 KB
Script
General
Full URL
https://bgr.com/_static/??-eJytkttOwzAMhl+ILNuQKnaBeBY3McUldUqc9PD2eC2aQCqCIu4SH77/jx079obYheJRbCu2sMckLiY8dMSHVu6sVrjIGTnbPpSGWGzfOfP5PJDHqBGYMV0p6x28/BbQiglUJ0ikNgZkH9MafyuYZoOTdgtFrT4djtuZPX635D6AxAPhuMh8iezBNzE2AU1hGnSYEAwwhDmTW0aMKphNTuBeiZv/48aS9UnE5u8CzyFC1p51oRZEMC/sW6Id1y1vUbtygwlCci8WA4ja6xOKWE+SFxY4pRpxifq8xx34zgznK2KpnHLREXxv52dMHWOHCbixdaHgLennnxTz1D2eqvPxobq/XKr2HaDlLi4=
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.208 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b2b024f5d18666e32b46e4a1f027a70de2301c360a4655d657c22c10bf9f42a4

Request headers

:path
/_static/??-eJytkttOwzAMhl+ILNuQKnaBeBY3McUldUqc9PD2eC2aQCqCIu4SH77/jx079obYheJRbCu2sMckLiY8dMSHVu6sVrjIGTnbPpSGWGzfOfP5PJDHqBGYMV0p6x28/BbQiglUJ0ikNgZkH9MafyuYZoOTdgtFrT4djtuZPX635D6AxAPhuMh8iezBNzE2AU1hGnSYEAwwhDmTW0aMKphNTuBeiZv/48aS9UnE5u8CzyFC1p51oRZEMC/sW6Id1y1vUbtygwlCci8WA4ja6xOKWE+SFxY4pRpxifq8xx34zgznK2KpnHLREXxv52dMHWOHCbixdaHgLennnxTz1D2eqvPxobq/XKr2HaDlLi4=
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
bgr.com
referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:21 GMT
content-encoding
gzip
x-rq
hhn2 113 53 3231
last-modified
Wed, 12 May 2021 23:59:56 GMT
server
nginx
age
152578
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
58826
outbrain.js
widgets.outbrain.com/
174 KB
58 KB
Script
General
Full URL
https://widgets.outbrain.com/outbrain.js?ver=5.7.2
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.215 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-225-215.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ea4fdcc21a72f6a6fa9cd48fa73465ace247e65936e63d25713858398a62e148

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:21 GMT
content-encoding
gzip
last-modified
Wed, 26 May 2021 12:54:02 GMT
etag
W/"2b776-RHJJn4U+Px/ltzWqgszzBvQbbJ4"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
x-traceid
cb0bccfe0a174eec46222e89c3708d06
timing-allow-origin
*, *
content-length
58950
expires
Wed, 26 May 2021 22:11:21 GMT
e-202121.js
stats.wp.com/
9 KB
3 KB
Script
General
Full URL
https://stats.wp.com/e-202121.js
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn
date
Wed, 26 May 2021 18:11:21 GMT
content-encoding
gzip
server
nginx
etag
W/"5c6340e3-350a"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Sun, 15 May 2022 18:07:02 GMT
widget.js
mccdn.me/assets/js/
386 KB
89 KB
Script
General
Full URL
https://mccdn.me/assets/js/widget.js
Requested by
Host: widget.manychat.com
URL: https://widget.manychat.com/133848416626248.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:486c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b06819f67294d9dfdd59b3ed6c41d8ae356a915851b2e0951a534086dc958579

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 24 May 2021 15:05:08 GMT
server
cloudflare
age
5679
etag
W/"60abc0a4-60900"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=VctqZ6BWkJ6U%2Bnl2Cra%2FxrNl%2BmsB4MIbq7K6ehrP9FcRc%2FFxGd0YYbMFxvKOWyeanOgXCImds7nYDeKxCtlsi7Zkbwe7dqipExDfyfqnB531Kwor67LNTyTC7yup1HeCrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=7200
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6558f72ae9050631-FRA
cf-request-id
0a4b78ced5000006316dbd5000000001
iasPET.1.js
cdn.adsafeprotected.com/
22 KB
7 KB
Script
General
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-116.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
54138d578ed166d5381db70b3dd14a16830233553b6e4213402bae2fdb0564b4

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 24 May 2021 22:35:20 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 08 Jul 2020 20:34:30 GMT
Server
AmazonS3
Age
156962
ETag
W/"a8663f72a1dbe614b19f167a59af368d"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
Cache-Control
max-age=604800
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA2-C2
X-Amz-Cf-Id
er20Nz00WbN1TCbHgke8J7ynelbhGn7Hwdorw5V2hIngDyIo6FLikQ==
183734-148898461760049.js
js-sec.indexww.com/ht/p/
47 KB
16 KB
Script
General
Full URL
https://js-sec.indexww.com/ht/p/183734-148898461760049.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.98 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-225-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
290741ca9009a234685a84590c6c74d834a0e8a348056514e86d8bf54cc3c849

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 26 May 2021 18:11:21 GMT
Content-Encoding
gzip
Last-Modified
Wed, 26 May 2021 17:25:14 GMT
Server
Apache
ETag
"90212d-bde9-5c33eecfd4297"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=964
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
15804
Expires
Wed, 26 May 2021 18:27:25 GMT
16a54367-bca8-47c3-89fe-1ebefbc8c0e5.json
cdn.cookielaw.org/consent/16a54367-bca8-47c3-89fe-1ebefbc8c0e5/
3 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/16a54367-bca8-47c3-89fe-1ebefbc8c0e5/16a54367-bca8-47c3-89fe-1ebefbc8c0e5.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07f0dfe5c1f3785ecc343e2404a797c7b59a74a22be9011d0858940dfe655e07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 May 2021 18:11:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
OY/RRXzywtwxqVFifiQjvQ==
age
6613
vary
Accept-Encoding
content-length
1332
cf-request-id
0a4b78ce8c00004e971f17b000000001
x-ms-lease-status
unlocked
last-modified
Tue, 16 Mar 2021 22:41:25 GMT
server
cloudflare
etag
0x8D8E8CCA184C601
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
730005f8-301e-00ff-2f1d-33e57e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6558f72a7e234e97-FRA
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/
162 B
406 B
Script
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfeb7783a538aaf85df056bf149c808937dccdb3e3af5714d6fba017054e2f94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:21 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6558f72bba2e4a5c-FRA
cf-request-id
0a4b78cf5700004a5cfc3ca000000001
gtm.js
www.googletagmanager.com/
84 KB
32 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KBGHR3
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4aebcdce1860509b72407d9a99c5a7a259772f4893ba3314e734c83b4a8339cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:21 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32641
x-xss-protection
0
expires
Wed, 26 May 2021 18:11:21 GMT
qevents.js
a.quora.com/
39 KB
14 KB
Script
General
Full URL
https://a.quora.com/qevents.js
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.113.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef6de6beb1cf5bf809eccfe10f99aea0e0969c71d4eab5446410fef72695679f

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
s3LlaOWABX1LUjiLldBNr49lVAylKDRo
content-encoding
gzip
etag
"f32ebb1e93a72c0a57add6d07f688510"
age
3926
x-cache
HIT, HIT
content-length
13681
x-amz-id-2
8+2n5Cc0lyNcCc4AaeyRGWsmmFU/xh7/tdYgOAo3r7WHIeejE+Eo2fS8B1ryPNUGtCFrq2CGDII=
x-served-by
cache-bwi5151-BWI, cache-hhn4062-HHN
last-modified
Fri, 25 Oct 2019 19:28:38 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1572031715/ctime:1572031714/gid:1000000/gname:employee/md5:f32ebb1e93a72c0a57add6d07f688510/mode:33188/mtime:1149709104/uid:1000332/uname:tzhou
x-timer
S1622052682.553596,VS0,VE0
date
Wed, 26 May 2021 18:11:21 GMT
vary
Accept-Encoding
x-amz-request-id
S81BNW8TKYEPJPW4
via
1.1 varnish, 1.1 varnish
cache-control
max-age=7200
accept-ranges
bytes
content-type
text/plain
x-cache-hits
1, 1045
fbevents.js
connect.facebook.net/en_US/
92 KB
24 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ba6856b3aa462b18c9f5fc3b0d553eca0fe0f03d5ff668ba7d465394c85896b1
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
24156
x-fb-rlafr
0
pragma
public
x-fb-debug
t7TuVk1yTJh9lIqkEtChyaAWEPPYgRbhdEe8Lgf4jbEyYZmdJBYCv/PjfgpyJI5gK3B7uaDL4tw1aZ4dbfTubg==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 26 May 2021 18:11:21 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
noto-sans-regular.ttf
bgr.com/wp-content/themes/bgr-2021/assets/fonts/noto-sans/
390 KB
210 KB
Font
General
Full URL
https://bgr.com/wp-content/themes/bgr-2021/assets/fonts/noto-sans/noto-sans-regular.ttf
Requested by
Host: bgr.com
URL: https://bgr.com/_static/??-eJydkNsOwjAIhl9IhtuFZhfGZ6kdm509pbAZ397aOGOiiQeuoPB/0B/PEXTwQl7QTRDtNBjPyKSSPiJZxWJ0TMSMnWFBnZOUn4U6iIGF4WCDPgHLxRJXzvgqj6zwCbswo9PwnPc2KDF+gNl0FFAxk3BZ8OiM52jVhdJbrhzJEeNhSNCsm3oBlDP7PMM/KcoHXhTfWtIrnUn/uKA6B3NTIEv58ZSRJKpseltti/Be3yR7t6s3Td2uc9RXwTewYQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.208 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
2ddeaed07f6483f7831b23faa32cf85a04c3406eb4bb2925530894805a05d4fb

Request headers

:path
/wp-content/themes/bgr-2021/assets/fonts/noto-sans/noto-sans-regular.ttf
pragma
no-cache
origin
https://bgr.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
bgr.com
referer
https://bgr.com/_static/??-eJydkNsOwjAIhl9IhtuFZhfGZ6kdm509pbAZ397aOGOiiQeuoPB/0B/PEXTwQl7QTRDtNBjPyKSSPiJZxWJ0TMSMnWFBnZOUn4U6iIGF4WCDPgHLxRJXzvgqj6zwCbswo9PwnPc2KDF+gNl0FFAxk3BZ8OiM52jVhdJbrhzJEeNhSNCsm3oBlDP7PMM/KcoHXhTfWtIrnUn/uKA6B3NTIEv58ZSRJKpseltti/Be3yR7t6s3Td2uc9RXwTewYQ==
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://bgr.com
Referer
https://bgr.com/_static/??-eJydkNsOwjAIhl9IhtuFZhfGZ6kdm509pbAZ397aOGOiiQeuoPB/0B/PEXTwQl7QTRDtNBjPyKSSPiJZxWJ0TMSMnWFBnZOUn4U6iIGF4WCDPgHLxRJXzvgqj6zwCbswo9PwnPc2KDF+gNl0FFAxk3BZ8OiM52jVhdJbrhzJEeNhSNCsm3oBlDP7PMM/KcoHXhTfWtIrnUn/uKA6B3NTIEv58ZSRJKpseltti/Be3yR7t6s3Td2uc9RXwTewYQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:21 GMT
content-encoding
gzip
age
1819
x-cache
grace
content-length
214937
x-rq
hhn2 117 245 3103
last-modified
Thu, 29 Apr 2021 21:27:42 GMT
server
nginx
etag
W/"608b24ce-61678"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/font-ttf
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Thu, 26 May 2022 18:11:21 GMT
noto-sans-bold.ttf
bgr.com/wp-content/themes/bgr-2021/assets/fonts/noto-sans/
389 KB
209 KB
Font
General
Full URL
https://bgr.com/wp-content/themes/bgr-2021/assets/fonts/noto-sans/noto-sans-bold.ttf
Requested by
Host: bgr.com
URL: https://bgr.com/_static/??-eJydkNsOwjAIhl9IhtuFZhfGZ6kdm509pbAZ397aOGOiiQeuoPB/0B/PEXTwQl7QTRDtNBjPyKSSPiJZxWJ0TMSMnWFBnZOUn4U6iIGF4WCDPgHLxRJXzvgqj6zwCbswo9PwnPc2KDF+gNl0FFAxk3BZ8OiM52jVhdJbrhzJEeNhSNCsm3oBlDP7PMM/KcoHXhTfWtIrnUn/uKA6B3NTIEv58ZSRJKpseltti/Be3yR7t6s3Td2uc9RXwTewYQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.208 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f9a6bd489df560f7a925b43d5b48d4536fa24589332e53702b63fc0072898f86

Request headers

:path
/wp-content/themes/bgr-2021/assets/fonts/noto-sans/noto-sans-bold.ttf
pragma
no-cache
origin
https://bgr.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
bgr.com
referer
https://bgr.com/_static/??-eJydkNsOwjAIhl9IhtuFZhfGZ6kdm509pbAZ397aOGOiiQeuoPB/0B/PEXTwQl7QTRDtNBjPyKSSPiJZxWJ0TMSMnWFBnZOUn4U6iIGF4WCDPgHLxRJXzvgqj6zwCbswo9PwnPc2KDF+gNl0FFAxk3BZ8OiM52jVhdJbrhzJEeNhSNCsm3oBlDP7PMM/KcoHXhTfWtIrnUn/uKA6B3NTIEv58ZSRJKpseltti/Be3yR7t6s3Td2uc9RXwTewYQ==
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://bgr.com
Referer
https://bgr.com/_static/??-eJydkNsOwjAIhl9IhtuFZhfGZ6kdm509pbAZ397aOGOiiQeuoPB/0B/PEXTwQl7QTRDtNBjPyKSSPiJZxWJ0TMSMnWFBnZOUn4U6iIGF4WCDPgHLxRJXzvgqj6zwCbswo9PwnPc2KDF+gNl0FFAxk3BZ8OiM52jVhdJbrhzJEeNhSNCsm3oBlDP7PMM/KcoHXhTfWtIrnUn/uKA6B3NTIEv58ZSRJKpseltti/Be3yR7t6s3Td2uc9RXwTewYQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:21 GMT
content-encoding
gzip
age
348
x-cache
hit
content-length
213285
x-rq
hhn2 119 98 3085
last-modified
Thu, 29 Apr 2021 21:27:36 GMT
server
nginx
etag
W/"608b24c8-6153c"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/font-ttf
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Thu, 26 May 2022 18:11:21 GMT
bedsheets-e1610142875597.jpg
bgr.com/wp-content/uploads/2021/01/
2 KB
3 KB
Image
General
Full URL
https://bgr.com/wp-content/uploads/2021/01/bedsheets-e1610142875597.jpg?resize=150,84
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.208 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ad6a00d137c18483b001c9491c1067a7d6951e64eb12fcd05faebfa5a004d0d8

Request headers

:path
/wp-content/uploads/2021/01/bedsheets-e1610142875597.jpg?resize=150,84
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bgr.com
referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:21 GMT
x-rq
hhn2 109 196 443
last-modified
Wed, 26 May 2021 16:58:00 GMT
server
nginx
etag
"a39581ebe517bcb8"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2500
expires
Thu, 26 May 2022 16:58:00 GMT
amazon-boxes-deals-sign.jpg
bgr.com/wp-content/uploads/2020/09/
5 KB
6 KB
Image
General
Full URL
https://bgr.com/wp-content/uploads/2020/09/amazon-boxes-deals-sign.jpg?resize=150,100
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.208 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
41c43d3a5c89ba288f7f94993b225b6889c5e320b171793cc82f24ceb7181441

Request headers

:path
/wp-content/uploads/2020/09/amazon-boxes-deals-sign.jpg?resize=150,100
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bgr.com
referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:21 GMT
x-rq
hhn2 109 86 443
last-modified
Tue, 18 May 2021 14:43:53 GMT
server
nginx
etag
"bde98ab4c44c4e5a"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5536
expires
Wed, 18 May 2022 14:43:53 GMT
modern-house-smart-home-garage.jpg
bgr.com/wp-content/uploads/2021/05/
7 KB
7 KB
Image
General
Full URL
https://bgr.com/wp-content/uploads/2021/05/modern-house-smart-home-garage.jpg?resize=150,91
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.208 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f9b899a83a8599fd4b4c026567649b656540965037d920d2194ccef130ebf47d

Request headers

:path
/wp-content/uploads/2021/05/modern-house-smart-home-garage.jpg?resize=150,91
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bgr.com
referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:21 GMT
x-rq
hhn2 109 196 443
last-modified
Thu, 20 May 2021 12:22:32 GMT
server
nginx
etag
"28b81267d76cc1b9"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
7336
expires
Fri, 20 May 2022 12:22:32 GMT
amazon-sign-black-friday-deals.jpg
bgr.com/wp-content/uploads/2019/11/
4 KB
4 KB
Image
General
Full URL
https://bgr.com/wp-content/uploads/2019/11/amazon-sign-black-friday-deals.jpg?resize=150,86
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.208 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
fed723f5ac5b6df333c7b91eb3873317610479c386f795c403a462185b1647cb

Request headers

:path
/wp-content/uploads/2019/11/amazon-sign-black-friday-deals.jpg?resize=150,86
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bgr.com
referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:21 GMT
x-rq
hhn2 109 142 443
last-modified
Thu, 20 May 2021 12:38:04 GMT
server
nginx
etag
"ad9c598700dccb9c"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4228
expires
Fri, 20 May 2022 12:38:04 GMT
Snaptain-S5C-2K-Camera-Drone.jpg
bgr.com/wp-content/uploads/2021/04/
9 KB
9 KB
Image
General
Full URL
https://bgr.com/wp-content/uploads/2021/04/Snaptain-S5C-2K-Camera-Drone.jpg?resize=150,99
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.208 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ae923e0a5e1e6ec2102bc44f3cb72c5ce2d3ea2730d338f978ac8071f653bc2f

Request headers

:path
/wp-content/uploads/2021/04/Snaptain-S5C-2K-Camera-Drone.jpg?resize=150,99
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bgr.com
referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:21 GMT
x-rq
hhn2 109 30 443
last-modified
Tue, 25 May 2021 18:36:11 GMT
server
nginx
etag
"f0424648c535a1a8"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
8958
expires
Wed, 25 May 2022 18:36:11 GMT
andy-meek_s150.jpg
bgr.com/wp-content/themes/bgr-2021/assets/images/avatars/
34 KB
34 KB
Image
General
Full URL
https://bgr.com/wp-content/themes/bgr-2021/assets/images/avatars/andy-meek_s150.jpg
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.208 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a5825a1267bc847e696f3ab56a03f80c087b4a1f708a935df45a4d19dd4873a3

Request headers

:path
/wp-content/themes/bgr-2021/assets/images/avatars/andy-meek_s150.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bgr.com
referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:21 GMT
x-rq
hhn2 113 53 3231
last-modified
Thu, 13 May 2021 12:35:33 GMT
server
nginx
age
704889
etag
"609d1d15-8807"
x-cache
hit
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
34823
expires
Thu, 26 May 2022 18:11:21 GMT
rsz_adobestock_297841435.jpg
bgr.com/wp-content/uploads/2021/05/
111 KB
111 KB
Image
General
Full URL
https://bgr.com/wp-content/uploads/2021/05/rsz_adobestock_297841435.jpg?resize=720,405
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.208 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4437d230727b562eaa51b3243d993f0d37fc1813fb893441bbb237b159a9d949

Request headers

:path
/wp-content/uploads/2021/05/rsz_adobestock_297841435.jpg?resize=720,405
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bgr.com
referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:21 GMT
x-rq
hhn2 109 142 443
last-modified
Tue, 18 May 2021 14:06:04 GMT
server
nginx
etag
"e7797368fcfb8314"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
113332
expires
Wed, 18 May 2022 14:06:04 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.10.0/
356 KB
78 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a23e0e46e16f067271bc79c92a917c13769848457d16cdf109e4dc04c687e8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 May 2021 18:11:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Bh9exWOPGIwRshWljrtlEw==
age
1071495
vary
Accept-Encoding
content-length
79698
cf-request-id
0a4b78cfae0000c290d5184000000001
x-ms-lease-status
unlocked
last-modified
Thu, 03 Dec 2020 02:43:00 GMT
server
cloudflare
etag
0x8D89735260901BC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
4ceaee23-e01e-0090-6d9b-484daa000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6558f72c4c3fc290-FRA
expires
Thu, 03 Jun 2021 18:11:21 GMT
noto-sans-italic.ttf
bgr.com/wp-content/themes/bgr-2021/assets/fonts/noto-sans/
268 KB
161 KB
Font
General
Full URL
https://bgr.com/wp-content/themes/bgr-2021/assets/fonts/noto-sans/noto-sans-italic.ttf
Requested by
Host: bgr.com
URL: https://bgr.com/_static/??-eJydkNsOwjAIhl9IhtuFZhfGZ6kdm509pbAZ397aOGOiiQeuoPB/0B/PEXTwQl7QTRDtNBjPyKSSPiJZxWJ0TMSMnWFBnZOUn4U6iIGF4WCDPgHLxRJXzvgqj6zwCbswo9PwnPc2KDF+gNl0FFAxk3BZ8OiM52jVhdJbrhzJEeNhSNCsm3oBlDP7PMM/KcoHXhTfWtIrnUn/uKA6B3NTIEv58ZSRJKpseltti/Be3yR7t6s3Td2uc9RXwTewYQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.208 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5e66ad6eba3f6eb2e5dd69045dfcb676d489bf2bef92186e4a08e1b6f77d39b6

Request headers

:path
/wp-content/themes/bgr-2021/assets/fonts/noto-sans/noto-sans-italic.ttf
pragma
no-cache
origin
https://bgr.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
bgr.com
referer
https://bgr.com/_static/??-eJydkNsOwjAIhl9IhtuFZhfGZ6kdm509pbAZ397aOGOiiQeuoPB/0B/PEXTwQl7QTRDtNBjPyKSSPiJZxWJ0TMSMnWFBnZOUn4U6iIGF4WCDPgHLxRJXzvgqj6zwCbswo9PwnPc2KDF+gNl0FFAxk3BZ8OiM52jVhdJbrhzJEeNhSNCsm3oBlDP7PMM/KcoHXhTfWtIrnUn/uKA6B3NTIEv58ZSRJKpseltti/Be3yR7t6s3Td2uc9RXwTewYQ==
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://bgr.com
Referer
https://bgr.com/_static/??-eJydkNsOwjAIhl9IhtuFZhfGZ6kdm509pbAZ397aOGOiiQeuoPB/0B/PEXTwQl7QTRDtNBjPyKSSPiJZxWJ0TMSMnWFBnZOUn4U6iIGF4WCDPgHLxRJXzvgqj6zwCbswo9PwnPc2KDF+gNl0FFAxk3BZ8OiM52jVhdJbrhzJEeNhSNCsm3oBlDP7PMM/KcoHXhTfWtIrnUn/uKA6B3NTIEv58ZSRJKpseltti/Be3yR7t6s3Td2uc9RXwTewYQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:21 GMT
content-encoding
gzip
age
503
x-cache
hit
content-length
164525
x-rq
hhn2 112 153 3188
last-modified
Thu, 29 Apr 2021 21:27:37 GMT
server
nginx
etag
W/"608b24c9-430c0"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/font-ttf
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Thu, 26 May 2022 18:11:21 GMT
31gtbqaQ1nL._SL160_.jpg
m.media-amazon.com/images/I/
2 KB
3 KB
Image
General
Full URL
https://m.media-amazon.com/images/I/31gtbqaQ1nL._SL160_.jpg
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:ac00:1d:d7f6:39cf:a761 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
09b94865bcb2bef64df19d1526f08f8ccf1e850eee04e92596359f9f62553f25

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Jan 2021 06:20:19 GMT
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
age
10274684
edge-cache-tag
x-cache-571,/images/I/31gtbqaQ1nL
x-cache
Hit from cloudfront
content-length
2211
surrogate-key
x-cache-571 /images/I/31gtbqaQ1nL
last-modified
Mon, 11 Nov 2019 16:18:27 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
992873bd-a4c9-4b46-9e49-4e3354c56f3c
x-amz-cf-pop
DUS51-C1
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
x-amz-cf-id
-d9jFm9W342RtUKLj9KhPWMZ5uyF1vdhmztPb8jui1RDCTLt2FFO8Q==
expires
Sun, 12 Aug 2040 20:28:41 GMT
prime-logo.png
bgr.com/wp-content/themes/bgr-2021/assets/images/
3 KB
3 KB
Image
General
Full URL
https://bgr.com/wp-content/themes/bgr-2021/assets/images/prime-logo.png
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.208 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
87dcef2abb4e531715da06878b3638d23e9bf225391f62a9cfede3283e946f85

Request headers

:path
/wp-content/themes/bgr-2021/assets/images/prime-logo.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bgr.com
referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:21 GMT
x-rq
hhn2 117 245 3103
last-modified
Thu, 29 Apr 2021 21:27:42 GMT
server
nginx
age
705867
etag
"608b24ce-ca2"
x-cache
hit
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3234
expires
Thu, 26 May 2022 18:11:21 GMT
truncated
/
277 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62757a3202b4dabc8cf4612490e9632516b8dad77c5536e25b71225763094924

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
noto-sans-semibold.ttf
bgr.com/wp-content/themes/bgr-2021/assets/fonts/noto-sans/
306 KB
171 KB
Font
General
Full URL
https://bgr.com/wp-content/themes/bgr-2021/assets/fonts/noto-sans/noto-sans-semibold.ttf
Requested by
Host: bgr.com
URL: https://bgr.com/_static/??-eJydkNsOwjAIhl9IhtuFZhfGZ6kdm509pbAZ397aOGOiiQeuoPB/0B/PEXTwQl7QTRDtNBjPyKSSPiJZxWJ0TMSMnWFBnZOUn4U6iIGF4WCDPgHLxRJXzvgqj6zwCbswo9PwnPc2KDF+gNl0FFAxk3BZ8OiM52jVhdJbrhzJEeNhSNCsm3oBlDP7PMM/KcoHXhTfWtIrnUn/uKA6B3NTIEv58ZSRJKpseltti/Be3yR7t6s3Td2uc9RXwTewYQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.208 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
43207822e8e2f03f8d25f80b886eecec7cff3dd3f8a8b1df640590b86697582a

Request headers

:path
/wp-content/themes/bgr-2021/assets/fonts/noto-sans/noto-sans-semibold.ttf
pragma
no-cache
origin
https://bgr.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
bgr.com
referer
https://bgr.com/_static/??-eJydkNsOwjAIhl9IhtuFZhfGZ6kdm509pbAZ397aOGOiiQeuoPB/0B/PEXTwQl7QTRDtNBjPyKSSPiJZxWJ0TMSMnWFBnZOUn4U6iIGF4WCDPgHLxRJXzvgqj6zwCbswo9PwnPc2KDF+gNl0FFAxk3BZ8OiM52jVhdJbrhzJEeNhSNCsm3oBlDP7PMM/KcoHXhTfWtIrnUn/uKA6B3NTIEv58ZSRJKpseltti/Be3yR7t6s3Td2uc9RXwTewYQ==
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://bgr.com
Referer
https://bgr.com/_static/??-eJydkNsOwjAIhl9IhtuFZhfGZ6kdm509pbAZ397aOGOiiQeuoPB/0B/PEXTwQl7QTRDtNBjPyKSSPiJZxWJ0TMSMnWFBnZOUn4U6iIGF4WCDPgHLxRJXzvgqj6zwCbswo9PwnPc2KDF+gNl0FFAxk3BZ8OiM52jVhdJbrhzJEeNhSNCsm3oBlDP7PMM/KcoHXhTfWtIrnUn/uKA6B3NTIEv58ZSRJKpseltti/Be3yR7t6s3Td2uc9RXwTewYQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:21 GMT
content-encoding
gzip
age
898
x-cache
hit
content-length
174942
x-rq
hhn2 114 22 3257
last-modified
Fri, 07 May 2021 00:36:44 GMT
server
nginx
etag
W/"60948b9c-4c97c"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/font-ttf
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Thu, 26 May 2022 18:11:21 GMT
41SbCZ8U52L._SL160_.jpg
m.media-amazon.com/images/I/
4 KB
4 KB
Image
General
Full URL
https://m.media-amazon.com/images/I/41SbCZ8U52L._SL160_.jpg
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:ac00:1d:d7f6:39cf:a761 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
3c7ac95f992fa068b509eda38902d24e0747f7168efcfbd74532cc1e30637a42

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 03:08:20 GMT
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
age
3814739
edge-cache-tag
x-cache-983,/images/I/41SbCZ8U52L
x-cache
Hit from cloudfront
content-length
3808
surrogate-key
x-cache-983 /images/I/41SbCZ8U52L
last-modified
Tue, 12 Nov 2019 15:47:24 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
280c43ad-0f75-48be-bac4-35edce71b6bb
x-amz-cf-pop
DUS51-C1
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
x-amz-cf-id
mTCyW_qCbFnwtpUjX0gnbuQhMASuYrRMrvIXKYha-agFIlAlKTX_Xg==
expires
Sun, 07 Apr 2041 14:32:23 GMT
iphone-12-2.jpg
bgr.com/wp-content/uploads/2021/04/
6 KB
6 KB
Image
General
Full URL
https://bgr.com/wp-content/uploads/2021/04/iphone-12-2.jpg?quality=70&strip=all&w=720&h=405&crop=1
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.208 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a676406b7b7d030315587a725465701422973945f916cf58e74652c801574893

Request headers

:path
/wp-content/uploads/2021/04/iphone-12-2.jpg?quality=70&strip=all&w=720&h=405&crop=1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bgr.com
referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:22 GMT
x-rq
hhn2 109 88 443
last-modified
Tue, 18 May 2021 14:34:12 GMT
server
nginx
etag
"d231eb21c4d81d3e"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
6488
expires
Wed, 18 May 2022 14:34:12 GMT
enternals-first-trailer-official.jpg
bgr.com/wp-content/uploads/2021/05/
6 KB
6 KB
Image
General
Full URL
https://bgr.com/wp-content/uploads/2021/05/enternals-first-trailer-official.jpg?quality=70&strip=all&w=350&h=203&crop=1
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.208 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
af345949ee08313eb0c612d4a7df07ca4a0892776526eec3ff4189d46587d374

Request headers

:path
/wp-content/uploads/2021/05/enternals-first-trailer-official.jpg?quality=70&strip=all&w=350&h=203&crop=1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bgr.com
referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:22 GMT
x-rq
hhn2 109 32 443
last-modified
Mon, 24 May 2021 21:33:26 GMT
server
nginx
etag
"27b98a9f5d31d023"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
6510
expires
Tue, 24 May 2022 21:33:26 GMT
modern-house-smart-home-garage.jpg
bgr.com/wp-content/uploads/2021/05/
14 KB
14 KB
Image
General
Full URL
https://bgr.com/wp-content/uploads/2021/05/modern-house-smart-home-garage.jpg?quality=70&strip=all&w=350&h=203&crop=1
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.208 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
2e28652e2cfba8ced64253dbd3be1b2786eca218d26f0161cd1f491da7ef73d5

Request headers

:path
/wp-content/uploads/2021/05/modern-house-smart-home-garage.jpg?quality=70&strip=all&w=350&h=203&crop=1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bgr.com
referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:22 GMT
x-rq
hhn2 109 196 443
last-modified
Thu, 20 May 2021 14:41:49 GMT
server
nginx
etag
"23d6cad951d8799e"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
14428
expires
Fri, 20 May 2022 14:41:49 GMT
rsz_adobestock_334809261.jpg
bgr.com/wp-content/uploads/2020/08/
10 KB
10 KB
Image
General
Full URL
https://bgr.com/wp-content/uploads/2020/08/rsz_adobestock_334809261.jpg?resize=250,250
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.208 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
90c847b7259c0359f6990d79d7fa02ed58d80539d5fe8b08a87423caaf0954be

Request headers

:path
/wp-content/uploads/2020/08/rsz_adobestock_334809261.jpg?resize=250,250
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bgr.com
referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:22 GMT
x-rq
hhn2 109 200 443
last-modified
Wed, 26 May 2021 17:17:49 GMT
server
nginx
etag
"b62e7c6ee710eba6"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
10256
expires
Thu, 26 May 2022 17:17:49 GMT
rsz_adobestock_400019449.jpg
bgr.com/wp-content/uploads/2021/04/
22 KB
22 KB
Image
General
Full URL
https://bgr.com/wp-content/uploads/2021/04/rsz_adobestock_400019449.jpg?resize=250,250
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.208 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
960e3b41d6216502c8dbaa8aab3f3aa90f83f3535ebc7d50969c6e43d2e14f22

Request headers

:path
/wp-content/uploads/2021/04/rsz_adobestock_400019449.jpg?resize=250,250
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bgr.com
referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:22 GMT
x-rq
hhn2 109 27 443
last-modified
Tue, 18 May 2021 15:30:54 GMT
server
nginx
etag
"c30e1438801663da"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
22430
expires
Wed, 18 May 2022 15:30:54 GMT
rsz_adobestock_396916168-Cropped.jpg
bgr.com/wp-content/uploads/2021/05/
27 KB
27 KB
Image
General
Full URL
https://bgr.com/wp-content/uploads/2021/05/rsz_adobestock_396916168-Cropped.jpg?resize=250,250
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.208 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
3547d7cb0d0127fd5fb3d8dd939921adc2127fcf43dd20ee22b0fd20464dc9ef

Request headers

:path
/wp-content/uploads/2021/05/rsz_adobestock_396916168-Cropped.jpg?resize=250,250
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bgr.com
referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:22 GMT
x-rq
hhn2 109 200 443
last-modified
Tue, 18 May 2021 17:28:32 GMT
server
nginx
etag
"d9f4acf397339f69"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
27422
expires
Wed, 18 May 2022 17:28:32 GMT
Black-Widow.jpg
bgr.com/wp-content/uploads/2020/09/
6 KB
6 KB
Image
General
Full URL
https://bgr.com/wp-content/uploads/2020/09/Black-Widow.jpg?resize=250,250
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.208 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d3fd6f41480f66e099475b75cfd8a20a63bccf6560c699d23d557a94853daab2

Request headers

:path
/wp-content/uploads/2020/09/Black-Widow.jpg?resize=250,250
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bgr.com
referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:22 GMT
x-rq
hhn2 109 32 443
last-modified
Tue, 25 May 2021 19:05:19 GMT
server
nginx
etag
"dd12e4dda185017f"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
6028
expires
Wed, 25 May 2022 19:05:19 GMT
rsz_adobestock_341162423.jpg
bgr.com/wp-content/uploads/2020/09/
10 KB
10 KB
Image
General
Full URL
https://bgr.com/wp-content/uploads/2020/09/rsz_adobestock_341162423.jpg?resize=250,250
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.208 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b063d97688b0ae65ffa31a1829cc70b2a64362fff0bcfb336347e120509aa263

Request headers

:path
/wp-content/uploads/2020/09/rsz_adobestock_341162423.jpg?resize=250,250
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bgr.com
referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:22 GMT
x-rq
hhn2 109 86 443
last-modified
Mon, 24 May 2021 19:51:48 GMT
server
nginx
etag
"cdb86d2b735f8130"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
10060
expires
Tue, 24 May 2022 19:51:48 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035310&c3=&c4=&c5=&c6=&c15=&ns__t=1622052682159&ns_c=UTF-8&cv=3.5&c8=This%20dangerous%20new%20malware%20is%20stealing%20people%E2%80%99s%20passwords%20%E...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035310&c3=&c4=&c5=&c6=&c15=&ns__t=1622052682159&ns_c=UTF-8&cv=3.5&c8=This%20dangerous%20new%20malware%20is%20stealing%20people%E2%80%99s%20passwords%20%...
64 B
329 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6035310&c3=&c4=&c5=&c6=&c15=&ns__t=1622052682159&ns_c=UTF-8&cv=3.5&c8=This%20dangerous%20new%20malware%20is%20stealing%20people%E2%80%99s%20passwords%20%E2%80%93%20BGR&c7=https%3A%2F%2Fbgr.com%2Ftech%2Fmalware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634%2F&c9=https%3A%2F%2Fapple.news%2F
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.2.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-2-29.fra6.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:22 GMT
via
1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
12mX8LF4F56Tjj_GcL9MPwOAR_CBs_0gJdL6CHr9jqMFjQoJc0uxDg==

Redirect headers

date
Wed, 26 May 2021 18:11:22 GMT
via
1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=6035310&c3=&c4=&c5=&c6=&c15=&ns__t=1622052682159&ns_c=UTF-8&cv=3.5&c8=This%20dangerous%20new%20malware%20is%20stealing%20people%E2%80%99s%20passwords%20%E2%80%93%20BGR&c7=https%3A%2F%2Fbgr.com%2Ftech%2Fmalware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634%2F&c9=https%3A%2F%2Fapple.news%2F
content-length
390
x-amz-cf-id
cK-W8wlClncl4WO6b17JYvdo4YuBGqah2sdWjghSrSLZ4PtYWe07qQ==
2048158068807929
connect.facebook.net/signals/config/
254 KB
72 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/2048158068807929?v=2.9.40&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9c68983ab5933a4a94e0c3fe2e435c7500c66ad57045e4e70ad9ce5b3325f7cf
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
74110
x-fb-rlafr
0
pragma
public
x-fb-debug
WCwBRHWDAoAGfuQFxrW9pPHnO3L/pmDmJl2TR0V+g7rymUY1Q7LGeSGXTLlMaYDiyp+WZrgmxPZB/eipwrmJrw==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 26 May 2021 18:11:22 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
bedsheets-e1610142875597.jpg
bgr.com/wp-content/uploads/2021/01/
6 KB
6 KB
Image
General
Full URL
https://bgr.com/wp-content/uploads/2021/01/bedsheets-e1610142875597.jpg?resize=250,250
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.208 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
2984a495025071565e785b40324f6f308f019dc403552f769b0d3f1d6b9d2cfb

Request headers

:path
/wp-content/uploads/2021/01/bedsheets-e1610142875597.jpg?resize=250,250
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bgr.com
referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:22 GMT
x-rq
hhn2 109 196 443
last-modified
Wed, 26 May 2021 16:58:01 GMT
server
nginx
etag
"d68c11e657bf1f3e"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
6230
expires
Thu, 26 May 2022 16:58:01 GMT
amazon-boxes-deals-sign.jpg
bgr.com/wp-content/uploads/2020/09/
18 KB
19 KB
Image
General
Full URL
https://bgr.com/wp-content/uploads/2020/09/amazon-boxes-deals-sign.jpg?resize=250,250
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.208 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
fca71b82e14846b996860a4f291a3ce2954db3fe8257b04375be9fc31980984f

Request headers

:path
/wp-content/uploads/2020/09/amazon-boxes-deals-sign.jpg?resize=250,250
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bgr.com
referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:22 GMT
x-rq
hhn2 109 86 443
last-modified
Wed, 19 May 2021 06:16:16 GMT
server
nginx
etag
"4136eb2e7bd0f3df"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
18912
expires
Thu, 19 May 2022 06:16:16 GMT
modern-house-smart-home-garage.jpg
bgr.com/wp-content/uploads/2021/05/
23 KB
23 KB
Image
General
Full URL
https://bgr.com/wp-content/uploads/2021/05/modern-house-smart-home-garage.jpg?resize=250,250
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.208 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
179969794d5f25a2d570153df7f62889e46286b7fb23f87888f08f7b69265156

Request headers

:path
/wp-content/uploads/2021/05/modern-house-smart-home-garage.jpg?resize=250,250
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bgr.com
referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:22 GMT
x-rq
hhn2 109 196 443
last-modified
Thu, 20 May 2021 12:22:32 GMT
server
nginx
etag
"6af72ad0e28a14e7"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
23842
expires
Fri, 20 May 2022 12:22:32 GMT
amazon-sign-black-friday-deals.jpg
bgr.com/wp-content/uploads/2019/11/
10 KB
10 KB
Image
General
Full URL
https://bgr.com/wp-content/uploads/2019/11/amazon-sign-black-friday-deals.jpg?resize=250,250
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.208 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
61744f224b58cba3fc7653d9cb9e0175c1e24172d1d804b32b3eecd1159be7bd

Request headers

:path
/wp-content/uploads/2019/11/amazon-sign-black-friday-deals.jpg?resize=250,250
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bgr.com
referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:22 GMT
x-rq
hhn2 109 142 443
last-modified
Thu, 20 May 2021 12:38:04 GMT
server
nginx
etag
"1eac3ef8f02c3724"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
10334
expires
Fri, 20 May 2022 12:38:04 GMT
Snaptain-S5C-2K-Camera-Drone.jpg
bgr.com/wp-content/uploads/2021/04/
25 KB
25 KB
Image
General
Full URL
https://bgr.com/wp-content/uploads/2021/04/Snaptain-S5C-2K-Camera-Drone.jpg?resize=250,250
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.208 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36ae32429e17d6399d9dc5e25cd65cd7034ea218b5ff091809dcfa8f9e7df91e

Request headers

:path
/wp-content/uploads/2021/04/Snaptain-S5C-2K-Camera-Drone.jpg?resize=250,250
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bgr.com
referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:22 GMT
x-rq
hhn2 109 30 443
last-modified
Tue, 25 May 2021 18:36:12 GMT
server
nginx
etag
"977d50b2124e729a"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
25188
expires
Wed, 25 May 2022 18:36:12 GMT
logEvent
manychat.com/pixel/ Frame
0
0
Preflight
General
Full URL
https://manychat.com/pixel/logEvent
Protocol
H2
Server
18.185.191.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-191-84.eu-central-1.compute.amazonaws.com
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://bgr.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
openresty/1.17.8.2
date
Wed, 26 May 2021 18:11:22 GMT
access-control-allow-origin
https://bgr.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age
1728000
content-type
text/plain charset=UTF-8
content-length
0
css
fonts.googleapis.com/
1 KB
490 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:600,500,400,300
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
257dd6cd74a3c887e83a1f454cb446ffb19d25882760a47f886f3e01f42987fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 26 May 2021 16:12:29 GMT
server
ESF
date
Wed, 26 May 2021 18:11:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 26 May 2021 18:11:22 GMT
logEvent
manychat.com/pixel/
15 B
146 B
XHR
General
Full URL
https://manychat.com/pixel/logEvent
Requested by
Host: mccdn.me
URL: https://mccdn.me/assets/js/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.185.191.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-191-84.eu-central-1.compute.amazonaws.com
Software
openresty/1.17.8.2 /
Resource Hash
52cea2e63fec4f8589406792b5194db66255cfb26b6a33b7971260a3852c7ba5

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 26 May 2021 18:11:22 GMT
content-encoding
gzip
server
openresty/1.17.8.2
content-type
application/json
pixel
q.quora.com/_/ad/1013bc3efebd417594984a1c0f0298eb/
43 B
420 B
Image
General
Full URL
https://q.quora.com/_/ad/1013bc3efebd417594984a1c0f0298eb/pixel?j=1&u=https%3A%2F%2Fbgr.com%2Ftech%2Fmalware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634%2F&tag=ViewContent&ts=1622052682428
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.194.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 26 May 2021 18:11:22 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Q-Stat
,ce5775dd02c5914c008a0a59228f6b33,10.0.0.64,55722,144.76.109.30,,88954088869,1,1622052682.808,0.001,,.,0,0,0.000,0.004,-,0,0,203,191,95,10,26847,,,,,,-,
Content-Type
image/gif
en.json
cdn.cookielaw.org/consent/16a54367-bca8-47c3-89fe-1ebefbc8c0e5/c67b4f0f-b201-4ce5-ba95-9cc97c2ef9a0/
53 KB
14 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/16a54367-bca8-47c3-89fe-1ebefbc8c0e5/c67b4f0f-b201-4ce5-ba95-9cc97c2ef9a0/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9c410790f8e75384f2ff6b95c2eb18a26052e6ced2e4a21a82620cfc9b2b010
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 May 2021 18:11:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
4ysjHqFv1DxoUbTT/Wzbtg==
age
6368
vary
Accept-Encoding
content-length
13851
cf-request-id
0a4b78d2cc00004e974930e000000001
x-ms-lease-status
unlocked
last-modified
Tue, 16 Mar 2021 22:41:32 GMT
server
cloudflare
etag
0x8D8E8CCA5922F6B
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
733e0ce3-a01e-017d-0e9e-35027b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6558f731498b4e97-FRA
iab2Data.json
cdn.cookielaw.org/vendorlist/
247 KB
34 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/vendorlist/iab2Data.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4241410f8455b20467d69e23721cf15b0683c57bc2cfeb494d3aea97588f84ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 May 2021 18:11:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
RU9XCkPcrH+b9GdGh4lx2w==
age
11547
vary
Accept-Encoding
content-length
34950
cf-request-id
0a4b78d2d200004e9711223000000001
x-ms-lease-status
unlocked
last-modified
Wed, 26 May 2021 13:00:02 GMT
server
cloudflare
etag
0x8D920462D2BED58
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
7c4d20f0-b01e-0083-413f-52784b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6558f731499c4e97-FRA
otTCF.js
cdn.cookielaw.org/scripttemplates/6.10.0/
67 KB
15 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.10.0/otTCF.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13f63ab5fa8d3973eef6d6366052135fb3958b54ca2149cc691864b03ed7d848
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 May 2021 18:11:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
iXlp8PB9nD0YCMZBaEfbOQ==
age
5605816
vary
Accept-Encoding
content-length
14815
cf-request-id
0a4b78d2ce0000c290f8354000000001
x-ms-lease-status
unlocked
last-modified
Thu, 03 Dec 2020 02:42:58 GMT
server
cloudflare
etag
0x8D89735251FD523
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
261eccb7-c01e-00a5-175e-1fe3ff000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6558f7314d70c290-FRA
expires
Thu, 03 Jun 2021 18:11:22 GMT
theinternetworksltd-technology_tag.js
d3ezl4ajpp2zy8.cloudfront.net/
0
0

/
www.facebook.com/tr/
44 B
147 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2048158068807929&ev=ViewContent&dl=https%3A%2F%2Fbgr.com%2Ftech%2Fmalware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634%2F&rl=https%3A%2F%2Fapple.news%2F&if=false&ts=1622052682695&sw=1600&sh=1200&v=2.9.40&r=stable&ec=0&o=30&fbp=fb.1.1622052682658.1813399158&it=1622052682193&coo=false&exp=l1&rqm=GET
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f130:83:face:b00c:0:25de , France, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:22 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 26 May 2021 18:11:22 GMT
Narwal-T10-Mop-Robot.jpg
bgr.com/wp-content/uploads/2021/05/
22 KB
22 KB
Image
General
Full URL
https://bgr.com/wp-content/uploads/2021/05/Narwal-T10-Mop-Robot.jpg?resize=500,500
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.208 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
502c750321d488f614e93073821f7aa1e927544911b586e9f69fd192b22ee1db

Request headers

:path
/wp-content/uploads/2021/05/Narwal-T10-Mop-Robot.jpg?resize=500,500
pragma
no-cache
cookie
usprivacy=1---; _fbp=fb.1.1622052682658.1813399158
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bgr.com
referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:22 GMT
x-rq
hhn2 109 196 443
last-modified
Tue, 18 May 2021 13:46:02 GMT
server
nginx
etag
"657f05534dc99331"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
22296
expires
Wed, 18 May 2022 13:46:02 GMT
Loki.jpg
bgr.com/wp-content/uploads/2021/02/
64 KB
64 KB
Image
General
Full URL
https://bgr.com/wp-content/uploads/2021/02/Loki.jpg?resize=500,500
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.208 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
3ae4e9e4a4696091675ebbecf55f7133da51513cab70c150333d78bcedc3ca12

Request headers

:path
/wp-content/uploads/2021/02/Loki.jpg?resize=500,500
pragma
no-cache
cookie
usprivacy=1---; _fbp=fb.1.1622052682658.1813399158
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bgr.com
referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:22 GMT
x-rq
hhn2 109 198 443
last-modified
Fri, 21 May 2021 16:05:29 GMT
server
nginx
etag
"273db7b09a54341b"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
65148
expires
Sat, 21 May 2022 16:05:29 GMT
rsz_adobestock_334809261.jpg
bgr.com/wp-content/uploads/2020/08/
29 KB
29 KB
Image
General
Full URL
https://bgr.com/wp-content/uploads/2020/08/rsz_adobestock_334809261.jpg?resize=500,500
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.208 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a576c13cade726061ca762a634838b616793ed6b7200e5c9cbbb775f316afd58

Request headers

:path
/wp-content/uploads/2020/08/rsz_adobestock_334809261.jpg?resize=500,500
pragma
no-cache
cookie
usprivacy=1---; _fbp=fb.1.1622052682658.1813399158
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bgr.com
referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:22 GMT
x-rq
hhn2 109 200 443
last-modified
Wed, 26 May 2021 16:51:16 GMT
server
nginx
etag
"d1899af9d9bbbf62"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
29298
expires
Thu, 26 May 2022 16:51:16 GMT
bedsheets-e1610142875597.jpg
bgr.com/wp-content/uploads/2021/01/
17 KB
17 KB
Image
General
Full URL
https://bgr.com/wp-content/uploads/2021/01/bedsheets-e1610142875597.jpg?resize=500,500
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.208 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0610610e48dc9032b0fd2aba0f154bf8eb2c5d0f8b9289f33e1769f5137e8987

Request headers

:path
/wp-content/uploads/2021/01/bedsheets-e1610142875597.jpg?resize=500,500
pragma
no-cache
cookie
usprivacy=1---; _fbp=fb.1.1622052682658.1813399158
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bgr.com
referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 26 May 2021 18:11:22 GMT
x-rq
hhn2 109 196 443
last-modified
Wed, 26 May 2021 16:18:36 GMT
server
nginx
etag
"77d49f5764be306a"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
17328
expires
Thu, 26 May 2022 16:18:36 GMT
Screen-Shot-2021-05-25-at-8.53.45-PM.jpg
bgr.com/wp-content/uploads/2021/05/
12 KB
12 KB
Image
General
Full URL
https://bgr.com/wp-content/uploads/2021/05/Screen-Shot-2021-05-25-at-8.53.45-PM.jpg?resize=500,500
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.208 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
aba65aa6fd47b35f3eab75ee07c8bf15270d4e362754aa3c4fa0cc4e73ef846e

Request headers

:path
/wp-content/uploads/2021/05/Screen-Shot-2021-05-25-at-8.53.45-PM.jpg?resize=500,500
pragma
no-cache
cookie
usprivacy=1---; _fbp=fb.1.1622052682658.1813399158
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bgr.com
referer
https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 26 May 2021 18:11:22 GMT
x-rq
hhn2 109 32 443
last-modified
Wed, 26 May 2021 15:43:32 GMT
server
nginx
etag
"6bb16ce5b82a513f"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
11954
expires
Thu, 26 May 2022 15:43:32 GMT
/
r.skimresources.com/api/
Redirect Chain
  • https://r.skimresources.com/api/
  • https://r.skimresources.com/api/?xguid=01F6MXZF27NS67GX345EYKE3T7&persistence=1&checksum=8ca2bde555d9f2d8a4bc5bc3babbce65af9f8d0b6315371106f628e8478bec0c
173 B
484 B
XHR
General
Full URL
https://r.skimresources.com/api/?xguid=01F6MXZF27NS67GX345EYKE3T7&persistence=1&checksum=8ca2bde555d9f2d8a4bc5bc3babbce65af9f8d0b6315371106f628e8478bec0c
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.11.2.5 /
Resource Hash
52bc123dc38de0b18c3493b692eb7ea05379f2c6365d780c329a7fd2897f8450
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
openresty/1.11.2.5
strict-transport-security
max-age=31536000
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://bgr.com
vary
Accept-Encoding
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
via
1.1 google

Redirect headers

date
Wed, 26 May 2021 18:11:22 GMT
via
1.1 google
server
openresty/1.11.2.5
access-control-allow-origin
https://bgr.com
strict-transport-security
max-age=31536000
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://r.skimresources.com/api/?xguid=01F6MXZF27NS67GX345EYKE3T7&persistence=1&checksum=8ca2bde555d9f2d8a4bc5bc3babbce65af9f8d0b6315371106f628e8478bec0c
access-control-allow-credentials
true
content-type
text/html
alt-svc
clear
content-length
193
robots.txt
t.skimresources.com/api/v2/ Frame 354A
0
102 B
Image
General
Full URL
https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.3235795878144212
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:22 GMT
via
1.1 google
server
Python/3.7 aiohttp/3.5.4
alt-svc
clear
content-length
0
content-type
text/plain charset=UTF-8
px.gif
p.skimresources.com/
43 B
244 B
Image
General
Full URL
https://p.skimresources.com/px.gif?ch=1&rn=7.387263916235861
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:22 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
clear
content-length
43
content-type
image/gif
px.gif
p.skimresources.com/
43 B
102 B
Image
General
Full URL
https://p.skimresources.com/px.gif?ch=2&rn=7.387263916235861
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:22 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
clear
content-length
43
content-type
image/gif
quant.js
secure.quantserve.com/
24 KB
9 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:22 GMT
content-encoding
gzip
etag
"WhyxmPkT7L77qVDcrjxwGw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Wed, 02 Jun 2021 18:11:22 GMT
preload.js
front.optimonk.com/public/98385/js/
30 KB
10 KB
Script
General
Full URL
https://front.optimonk.com/public/98385/js/preload.js
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.99.251.246 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
5daaa8d4f0a5735fe5b43861e68e711f33c5035ee4223d43e7f9c04edfb70441
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
etag
W/"77f7-mG/cAWGkTXotPH2fx/S74Ukp2CE"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=1350
strict-transport-security
max-age=15552000; includeSubDomains
x-dns-prefetch-control
off
vary
Accept-Encoding
x-xss-protection
1; mode=block
put.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 4706
416 B
797 B
Document
General
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=5.7.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.215 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-225-215.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc

Request headers

:method
GET
:authority
widgets.outbrain.com
:scheme
https
:path
/nanoWidget/externals/cookie/put.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bgr.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

accept-ranges
bytes
content-type
text/html
etag
"c0311cf15c21ddda054005e92fad3f9e:1622034857.42166"
last-modified
Wed, 26 May 2021 12:53:20 GMT
server
AkamaiNetStorage
content-length
416
cache-control
max-age=345600
date
Wed, 26 May 2021 18:11:22 GMT
timing-allow-origin
* *
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
set-cookie
akacd_widgets_routing=1622052682~rv=47~id=7ec3f88fe0898eddf1755a1222bfdccb; path=/; Expires=Wed, 26 May 2021 18:11:22 GMT; Secure; SameSite=None
YmdyLmNvbQ==
tcheck.outbrainimg.com/tcheck/check/
16 B
464 B
XHR
General
Full URL
https://tcheck.outbrainimg.com/tcheck/check/YmdyLmNvbQ==
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=5.7.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.107.161.205 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-161-205.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 26 May 2021 18:11:22 GMT
ETag
W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=20515
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
9604a97f900e9a37518dcefe85f5e655
Content-Length
16
Expires
Wed, 26 May 2021 23:53:17 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/
43 B
450 B
Image
General
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=10.920623380609294
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.215 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-225-215.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:22 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Fri, 25 Jun 2021 18:11:22 GMT
b-165eba0-c60bd435.js
tagan.adlightning.com/penske/
67 KB
22 KB
Script
General
Full URL
https://tagan.adlightning.com/penske/b-165eba0-c60bd435.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/penske/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-35.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
50819e2aca8fe3acccd0d0bbd70ede9f7dbabc790c1a0d8ac2ee2c488d4d48c9

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 18:42:35 GMT
content-encoding
gzip
age
1294129
x-cache
Hit from cloudfront
content-length
22423
x-amz-meta-git_commit
165eba0
last-modified
Tue, 11 May 2021 18:42:19 GMT
server
AmazonS3
etag
"0dc2eb2f23282059df21c76bed37001d"
x-amz-version-id
LjYZ0lltVjl.Amzi_bCH2C7qmd_TYCyW
via
1.1 892b66fb24658030c9f86276c7abeda5.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
H-1nsOKmQR6X3HWPeB7uNxPybrkJH0Rkh2Vk51fcW4D9bBE6Pe09mQ==
bl-165eba0-8de34732.js
tagan.adlightning.com/penske/
62 KB
24 KB
Script
General
Full URL
https://tagan.adlightning.com/penske/bl-165eba0-8de34732.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/penske/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-35.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
13c1a45c0dc29b00f992a55af04e8eec8199474583752aa82a0ad0aa92b18578

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 21:12:01 GMT
content-encoding
gzip
age
75563
x-cache
Hit from cloudfront
content-length
24052
x-amz-meta-git_commit
165eba0
last-modified
Tue, 25 May 2021 20:45:51 GMT
server
AmazonS3
etag
"567a978791f0500b32a1448a5b176598"
x-amz-version-id
mDO3x9Mf9HpTjCxhADlbYEv5x_Dsjyd_
via
1.1 892b66fb24658030c9f86276c7abeda5.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
kwF-y7xvqFMd026LwJBILwyl_q35VqHTR33-s1fohSnOsTjFnHFvhw==
g.gif
pixel.wp.com/
50 B
115 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A9.7&blog=178925331&post=5927634&tz=-4&srv=bgr.com&host=bgr.com&ref=https%3A%2F%2Fapple.news%2F&fcp=2164&rand=0.972155569089401
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:23 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
widget_iframe.06c6ee58c3810956b7509218508c7b56.html
platform.twitter.com/widgets/ Frame 7954
319 KB
103 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fbgr.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/penske/op.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BA) /
Resource Hash
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://bgr.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1109026
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Wed, 26 May 2021 18:11:23 GMT
Etag
"dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified
Wed, 28 Apr 2021 17:56:54 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67BA)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105298
andoncord
assoc-na.associates-amazon.com/onetag/
16 B
407 B
XHR
General
Full URL
https://assoc-na.associates-amazon.com/onetag/andoncord
Requested by
Host: z-na.associates-amazon.com
URL: https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=1e33850c-6557-44f9-8fa9-d8a945b7bb10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.243.89 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c462d460eab61de19f36cc384c99666e5bf65eaeba0c12b8f594c5410c01f220

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 26 May 2021 18:11:23 GMT
Server
Server
x-amz-rid
SCSFN87GE80S2DNS65CN
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Content-Type
application/json
Access-Control-Allow-Origin
https://bgr.com
Access-Control-Allow-Credentials
true
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
16
Cookie set /
d.agkn.com/iframe/8613/ Frame 43E9
481 B
1 KB
Document
General
Full URL
https://d.agkn.com/iframe/8613/?che=738919107&gdpr=&gdpr_consent=&ref=https%3A%2F%2Fapple.news%2F&bpid=penskemedia&c=%7B%22bpid%22%3A%22penskemedia%22%2C%22loc%22%3A%22https%3A%2F%2Fbgr.com%2Ftech%2Fmalware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634%2F%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22https%3A%2F%2Fapple.news%2F%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22Tech%22%2C%22brd%22%3A%22-1%22%2C%22subcategory%22%3A%22%22%7D
Requested by
Host: js.agkn.com
URL: https://js.agkn.com/prod/v0/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.172.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
33028b306202787af41768dacb7fbc2b20a84f3a1f026cc0893d177af270fccd

Request headers

Host
d.agkn.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://bgr.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Cache-Control
no-cache, must-revalidate
Content-Type
text/html;charset=UTF-8
Date
Wed, 26 May 2021 18:11:22 GMT
Expires
Sat, 01 Jan 2000 00:00:00 GMT
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
Server
Apache-Coyote/1.1
Set-Cookie
ab=0001%3AoBvQCw8k65pfeZc0zVAPhDk4WD3Bw2P9;Path=/;Domain=agkn.com;Max-Age=31536000;SameSite=None;Secure u=C|0AEAoQUvLKEFLywAAAAAAAg1RAQCADVIBAIA;Path=/;Domain=agkn.com;Max-Age=31536000;SameSite=None;Secure
Content-Length
481
Connection
keep-alive
dwce_cheq_events
log.outbrainimg.com/loggerServices/
4 B
325 B
XHR
General
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1622052683102&sessionId=3c2d0095-b295-1a69-c31e-3ed9b7e46a72&url=bgr.com&cheqSource=1&cheqEvent=0&exitReason=2
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=5.7.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 May 2021 18:11:23 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
6fac0dabae3f58e963567ded4a8a9c43
Content-Length
4
Expires
0
otCenterRounded.json
cdn.cookielaw.org/scripttemplates/6.10.0/assets/
9 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.10.0/assets/otCenterRounded.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
452ee2471448cc6b716090a014cf7fc9cc515998bda9dcc334aa073a72a591e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 May 2021 18:11:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
SH1nUCPouc1JVrHnvxpQbg==
age
3222003
vary
Accept-Encoding
content-length
2857
cf-request-id
0a4b78d6be00004e974223d000000001
x-ms-lease-status
unlocked
last-modified
Thu, 03 Dec 2020 02:42:51 GMT
server
cloudflare
etag
0x8D89735210A49EB
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
47ac6f86-a01e-015f-200c-356c4d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6558f7379acb4e97-FRA
expires
Thu, 03 Jun 2021 18:11:23 GMT
otPcCenter.json
cdn.cookielaw.org/scripttemplates/6.10.0/assets/
62 KB
15 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.10.0/assets/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ad092aad6edc5a35ceae773fdaa5bdbac93698c70ff67b229f657c5b5697665
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 May 2021 18:11:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
EmYCDnUevXSilDmkLpibsQ==
age
3531135
vary
Accept-Encoding
content-length
14932
cf-request-id
0a4b78d6bf00004e97231fb000000001
x-ms-lease-status
unlocked
last-modified
Thu, 03 Dec 2020 02:42:51 GMT
server
cloudflare
etag
0x8D8973520EF1BA5
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
f597d057-801e-0143-4b3c-32b45a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6558f7379acd4e97-FRA
expires
Thu, 03 Jun 2021 18:11:23 GMT
otCookieSettingsButton.json
cdn.cookielaw.org/scripttemplates/6.10.0/assets/
5 KB
2 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.10.0/assets/otCookieSettingsButton.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd44041e27f78770fced39f58e54ff661a452abda8f8541577caed06934f813d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 May 2021 18:11:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
0TIfq4DA+dnrjtaD3i6fiw==
age
3222003
vary
Accept-Encoding
content-length
2178
cf-request-id
0a4b78d6c700004e9745ae5000000001
x-ms-lease-status
unlocked
last-modified
Thu, 03 Dec 2020 02:42:52 GMT
server
cloudflare
etag
0x8D8973521BF3D68
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
ae6d6567-a01e-0139-580c-35de17000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6558f7379ae24e97-FRA
expires
Thu, 03 Jun 2021 18:11:23 GMT
onetag
assoc-na.associates-amazon.com/
64 B
455 B
XHR
General
Full URL
https://assoc-na.associates-amazon.com/onetag?src=330&pj=%7B%22tracking_id%22%3A%22b0c55-20%22%2C%22assocPayloadId%22%3Anull%2C%22refUrl%22%3A%22https%3A%2F%2Fbgr.com%2Ftech%2Fmalware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634%2F%22%7D&u=https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Requested by
Host: z-na.associates-amazon.com
URL: https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=1e33850c-6557-44f9-8fa9-d8a945b7bb10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.243.89 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
daa7df99e5d206165747cc3520f264664454b83e88660a089bcbca7c3d8eb74d

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 26 May 2021 18:11:23 GMT
Server
Server
x-amz-rid
SAN0FPA91SZ3MCA4R98A
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Content-Type
application/json
Access-Control-Allow-Origin
https://bgr.com
Access-Control-Allow-Credentials
true
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
64
/
www.facebook.com/tr/
0
15 B
Ping
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f130:83:face:b00c:0:25de , France, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarycKXEFYE7dK8kuD4P

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Wed, 26 May 2021 18:11:23 GMT
content-type
text/plain
access-control-allow-origin
https://bgr.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
get
odb.outbrain.com/utils/
37 KB
14 KB
Script
General
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fbgr.com%2Ftech%2Fmalware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634%2F&srcUrl=https%3A%2F%2Fbgr.com%2Ffeed%2F&idx=0&rand=65742&key=NANOWDGT01&widgetJSId=AR_1&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&px=150&py=3073&vpd=1873&cw=976&settings=true&recs=true&version=2000361&sig=Kc9vwKg7&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cnsntv2=CPG0ZjxPG0ZjxAcABBENBbCgAAAAAAAAACiQAAAAAAAA.YAAAAAAAAAAA&cmpStat=1&ccpa=1---&ccpaStat=1&wdr-natlaz=true&ref=https%3A%2F%2Fapple.news%2F
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/penske/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
da2a8ddf4e24d32b958ab8dc971251fbffcc5358789cfd28df2078877d4ea968

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:23 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, HHN, Europe1
x-cache
MISS, MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip
157.52.117.37
x-cache-hits
0, 0
x-traceid
d28fdc5f9bda40e273db19ae3af40c33
content-encoding
gzip
content-length
13798
x-served-by
cache-lga21937-LGA, cache-hhn4037-HHN
x-timer
S1622052684.615058,VS0,VE270
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
rid
match.adsrvr.org/track/
63 B
384 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=183734&gdpr=1&gdpr_consent=CPG0ZjxPG0ZjxAcABBENBbCgAAAAAAAAACiQAAAAAAAA.YAAAAAAAAAAA
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183734-148898461760049.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
983736f25b9a341a675693770364c9e032d60601961184936b8be954f957f4e0

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 26 May 2021 18:11:23 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bgr.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Fri, 25 Jun 2021 18:11:23 GMT
any
idx.liadm.com/idex/ie/
206 B
679 B
XHR
General
Full URL
https://idx.liadm.com/idex/ie/any
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183734-148898461760049.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.227.207.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-227-207-23.compute-1.amazonaws.com
Software
/
Resource Hash
349b6f8a4172449b2ccf91f569f7208e37bd9cf1b5b39c922bbde2e8763440ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Wed, 26 May 2021 18:11:23 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/json
Access-Control-Allow-Origin
https://bgr.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
trace-id
e782ae1a9c9665d3
Content-Length
206
identity
api.rlcdn.com/api/
0
241 B
XHR
General
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope&cv=CPG0ZjxPG0ZjxAcABBENBbCgAAAAAAAAACiQAAAAAAAA.YAAAAAAAAAAA&ct=4
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183734-148898461760049.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 26 May 2021 18:11:23 GMT
via
1.1 google
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://bgr.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
clear
rules-p-31f3D02tYU8zY.js
rules.quantcount.com/
2 KB
1 KB
Script
General
Full URL
https://rules.quantcount.com/rules-p-31f3D02tYU8zY.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:ca00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e10bc1a40f841f371c35a63210db07484bffc8cf0c4d72f2a14fa0d8f5ae0c22

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:00:56 GMT
content-encoding
gzip
age
644
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Mon, 19 Mar 2018 22:30:11 GMT
server
AmazonS3
etag
W/"2884aedddb218d2bea034b61c24ecfbd"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 430f949006756123f45be90f8ad8de30.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
kQU7pugmo_qefqjdH1ug7DkndvEtNR8BoblzEsAoieNtNa81rkqDqw==
log
front.optimonk.com/error/
0
233 B
XHR
General
Full URL
https://front.optimonk.com/error/log
Requested by
Host: front.optimonk.com
URL: https://front.optimonk.com/public/98385/js/preload.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.99.251.246 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 26 May 2021 18:11:23 GMT
x-content-type-options
nosniff
server
nginx
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-origin
*
strict-transport-security
max-age=15552000; includeSubDomains
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
log
front.optimonk.com/error/
0
232 B
XHR
General
Full URL
https://front.optimonk.com/error/log
Requested by
Host: front.optimonk.com
URL: https://front.optimonk.com/public/98385/js/preload.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.99.251.246 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 26 May 2021 18:11:23 GMT
x-content-type-options
nosniff
server
nginx
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-origin
*
strict-transport-security
max-age=15552000; includeSubDomains
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
test.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 4706
610 B
992 B
Document
General
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.215 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-225-215.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474

Request headers

:method
GET
:authority
widgets.outbrain.com
:scheme
https
:path
/nanoWidget/externals/cookie/test.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
thirdparty=yes
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html

Response headers

accept-ranges
bytes
content-type
text/html
etag
"48053d50141031b1511dbd30f9a31288:1622034858.122559"
last-modified
Wed, 26 May 2021 12:53:20 GMT
server
AkamaiNetStorage
content-length
610
cache-control
max-age=345600
date
Wed, 26 May 2021 18:11:23 GMT
timing-allow-origin
* *
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
set-cookie
akacd_widgets_routing=1622052683~rv=20~id=65d47b13f32be497b6f4325968db3541; path=/; Expires=Wed, 26 May 2021 18:11:23 GMT; Secure; SameSite=None
page
t.skimresources.com/api/v2/
22 B
334 B
XHR
General
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/87443X1540249.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 May 2021 18:11:23 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.7 aiohttp/3.5.4
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://bgr.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
22
g.pixel
aa.agkn.com/adscores/ Frame 43E9
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212293468&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adadvisor&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adadvisor&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://aa.agkn.com/adscores/g.pixel?sid=9312270958&tdid=f718825e-4205-4e90-bcc5-9a361067523a
43 B
368 B
Image
General
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9312270958&tdid=f718825e-4205-4e90-bcc5-9a361067523a
Requested by
Host: d.agkn.com
URL: https://d.agkn.com/iframe/8613/?che=738919107&gdpr=&gdpr_consent=&ref=https%3A%2F%2Fapple.news%2F&bpid=penskemedia&c=%7B%22bpid%22%3A%22penskemedia%22%2C%22loc%22%3A%22https%3A%2F%2Fbgr.com%2Ftech%2Fmalware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634%2F%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22https%3A%2F%2Fapple.news%2F%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22Tech%22%2C%22brd%22%3A%22-1%22%2C%22subcategory%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.29.5 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-29-5.eu-west-2.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://d.agkn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 May 2021 18:11:24 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 26 May 2021 18:11:24 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://aa.agkn.com/adscores/g.pixel?sid=9312270958&tdid=f718825e-4205-4e90-bcc5-9a361067523a
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
217
/
pixel.mathtag.com/sync/img/ Frame 43E9
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212293438
  • https://pixel.mathtag.com/sync/img?redir=https://aa.agkn.com/adscores/g.pixel%3Fsid%3D9312292258%26mt%3D%5BMM_UUID%5D
  • https://aa.agkn.com/adscores/g.pixel?sid=9312292258&mt=7ec560ae-8f4b-4700-8ee7-46a1bc005bee
  • https://pixel.mathtag.com/sync/img/?mt_exid=10009&mt_exuid=267460603798015166896
43 B
360 B
Image
General
Full URL
https://pixel.mathtag.com/sync/img/?mt_exid=10009&mt_exuid=267460603798015166896
Requested by
Host: d.agkn.com
URL: https://d.agkn.com/iframe/8613/?che=738919107&gdpr=&gdpr_consent=&ref=https%3A%2F%2Fapple.news%2F&bpid=penskemedia&c=%7B%22bpid%22%3A%22penskemedia%22%2C%22loc%22%3A%22https%3A%2F%2Fbgr.com%2Ftech%2Fmalware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634%2F%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22https%3A%2F%2Fapple.news%2F%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22Tech%22%2C%22brd%22%3A%22-1%22%2C%22subcategory%22%3A%22%22%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 3736 915c305 master zrh-pixel-x31 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://d.agkn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 26 May 2021 18:11:24 GMT
Server
MT3 3736 915c305 master zrh-pixel-x31
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 26 May 2021 18:11:23 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 May 2021 18:11:24 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://pixel.mathtag.com/sync/img/?mt_exid=10009&mt_exuid=267460603798015166896
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
settings
syndication.twitter.com/ Frame 7954
256 B
441 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=5cda257f035afb5dd8eed6928bf464a0946b2462
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fbgr.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:24 GMT
content-encoding
gzip
last-modified
Wed, 26 May 2021 18:11:25 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
5af3d1952dc5360a064a0e57a0680b1b09b21c7c01c4ada58f0c3f02c980156f
content-length
176
ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/
2 KB
3 KB
Image
General
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.215 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-225-215.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:24 GMT
last-modified
Wed, 17 Feb 2021 13:51:00 GMT
server
AkamaiNetStorage
etag
"c52b07e749f7a09fa7b97b7e195e06ce:1613570897.992119"
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2326
expires
Fri, 25 Jun 2021 18:11:24 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/
3 KB
3 KB
Image
General
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.215 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-225-215.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:24 GMT
last-modified
Wed, 17 Feb 2021 13:51:00 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1613570879.822144"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Fri, 25 Jun 2021 18:11:24 GMT
l
mcdp-nydc1.outbrain.com/
2 B
291 B
Fetch
General
Full URL
https://mcdp-nydc1.outbrain.com/l?token=4093d6264eda78c34efd7d5c4a36a0e3_7486_1622052683822&tm=1595&eT=0&widgetWidth=976&widgetHeight=607&widgetX=150&widgetY=3073&wRV=2000361&pVis=1&lsd=-1&eIdx=&ccpa=1---&cnsntV2=CPG0ZjxPG0ZjxAcABBENBbCgAAAAAAAAACiQAAAAAAAA.YAAAAAAAAAAA&cheq=0&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=5.7.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Wed, 26 May 2021 18:11:25 GMT
content-encoding
gzip
X-TraceId
c6be17fd341e53895f11da639e2f1dd
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
obUserSync.html
widgets.outbrain.com/widgetOBUserSync/ Frame AA05
16 KB
6 KB
Document
General
Full URL
https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/penske/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.215 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-225-215.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5bdf881868ac7b463d2c26adb5b2191eec0ca3dcf013741fec60d7968b4c5e2b

Request headers

:method
GET
:authority
widgets.outbrain.com
:scheme
https
:path
/widgetOBUserSync/obUserSync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bgr.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://bgr.com/

Response headers

accept-ranges
bytes
content-type
text/html
etag
"978c043087ae13e54442ade6ea7cf2e1:1621941737.600191"
last-modified
Tue, 25 May 2021 11:22:06 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=86400
expires
Thu, 27 May 2021 18:11:25 GMT
date
Wed, 26 May 2021 18:11:25 GMT
content-length
5461
timing-allow-origin
* *
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
set-cookie
akacd_widgets_routing=1622052685~rv=49~id=73ca9782f836eb2f7a068bfaac6cf91d; path=/; Expires=Wed, 26 May 2021 18:11:25 GMT; Secure; SameSite=None
streamFeed.js
widgets.outbrain.com/nanoWidget/2000361/module/
53 KB
18 KB
Script
General
Full URL
https://widgets.outbrain.com/nanoWidget/2000361/module/streamFeed.js?e=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/penske/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.215 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-225-215.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c751558042cd242729945cadeca90d2513d71ae7811992be768a07751266fa0a

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:24 GMT
content-encoding
gzip
last-modified
Wed, 26 May 2021 12:53:20 GMT
server
AkamaiNetStorage
etag
"fb72f6a69adbce506f05d59b699bcc5f:1622034778.651015"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=345600
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
17520
get
odb.outbrain.com/utils/
3 KB
1 KB
Script
General
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fbgr.com%2Ftech%2Fmalware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634%2F&srcUrl=https%3A%2F%2Fbgr.com%2Ffeed%2F&idx=1&rand=92751&key=NANOWDGT01&widgetJSId=AR_2&va=true&et=true&format=html&pdobuid=-1&t=NDA5M2Q2MjY0ZWRhNzhjMzRlZmQ3ZDVjNGEzNmEwZTM=&adblck=false&abwl=false&px=150&py=3699&vpd=2499&cw=976&settings=true&recs=true&version=2000361&sig=Kc9vwKg7&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cnsntv2=CPG0ZjxPG0ZjxAcABBENBbCgAAAAAAAAACiQAAAAAAAA.YAAAAAAAAAAA&cmpStat=1&ccpa=1---&ccpaStat=1&wdr-natlaz=true&ref=https%3A%2F%2Fapple.news%2F
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/penske/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f49220ab18ff82c2339b4800187c368792c3ed60c4cbe7317eec90e5068bb3f8

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:24 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, HHN, Europe1
x-timer
S1622052685.607037,VS0,VE98
accept-ranges
bytes
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
backend-ip
157.52.117.30
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-cache-hits
0, 0
x-traceid
a3141b290fd09227b7ba1a116716ac40
content-encoding
gzip
content-length
1216
x-served-by
cache-lga21930-LGA, cache-hhn4037-HHN
eyJpdSI6IjNiZjlhODY5OWIwMTk5OWMxMmMxMDdiMzZiNmU4NjU5MmY5ODA1MTFmODZkMmE1YjlhNzNiNDM2OWY0N2E2NzgiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
66 KB
67 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjNiZjlhODY5OWIwMTk5OWMxMmMxMDdiMzZiNmU4NjU5MmY5ODA1MTFmODZkMmE1YjlhNzNiNDM2OWY0N2E2NzgiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.161.205 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-161-205.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
77bf21aeec3b199020201f1722dbce7ab9d382c6bd5d60202e33a723d3b3a073

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:25 GMT
cache-control
max-age=1754743
last-modified
Thu, 08 Apr 2021 12:10:00 GMT
x-traceid
fa229cf0248279b3745a6c777b77db94
timing-allow-origin
*
content-length
68054
content-type
image/webp
eyJpdSI6ImYzNWUyZDQ5ZmZkNjIxZTU4YjU2M2JkYzQwNWU0NGMwZGUzMjM4ZTQ3NjMzOGIzZjJjMDk1Mjc5MWUzOTY4NjMiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
39 KB
39 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImYzNWUyZDQ5ZmZkNjIxZTU4YjU2M2JkYzQwNWU0NGMwZGUzMjM4ZTQ3NjMzOGIzZjJjMDk1Mjc5MWUzOTY4NjMiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.161.205 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-161-205.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0a9b8de347117ae272874ee0794532b1b5dd27c9569c52df4535f8b7c122606f

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:25 GMT
cache-control
max-age=1829058
last-modified
Tue, 23 Mar 2021 07:52:14 GMT
x-traceid
27c91394bb259e3ce6e0a572dce2fd88
timing-allow-origin
*
content-length
39954
content-type
image/webp
eyJpdSI6IjUyYzQ0NTNjYjdjMDc5ZTE5NTc1MjI5YjI4MjRhZWFhNDQxMTYyZjg1NTU5NGM5YmVhM2I3ZGYxMDg2ZGI2MGIiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
24 KB
24 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjUyYzQ0NTNjYjdjMDc5ZTE5NTc1MjI5YjI4MjRhZWFhNDQxMTYyZjg1NTU5NGM5YmVhM2I3ZGYxMDg2ZGI2MGIiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.161.205 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-161-205.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
579bc78ae1b468691de42c7d2df2da745f8ef8a7ef9b209483c8cd4afbb61554

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:25 GMT
cache-control
max-age=1750030
last-modified
Fri, 09 Apr 2021 21:03:53 GMT
x-traceid
13f8eeec5f578e05f232fc5b3646b544
timing-allow-origin
*
content-length
24178
content-type
image/webp
eyJpdSI6IjQ1N2I3ODZkMDA1Mzg1YzZiOWFiNjhkMmMwYTU1NWFmM2YzN2U3MDQwODNiMWEyOTc2ODQ4MTkyYzM4MDI3OWYiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
21 KB
21 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjQ1N2I3ODZkMDA1Mzg1YzZiOWFiNjhkMmMwYTU1NWFmM2YzN2U3MDQwODNiMWEyOTc2ODQ4MTkyYzM4MDI3OWYiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.161.205 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-161-205.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
499e22ab9cf04814864fdcef6cfb1fe4c631d43b966ee26b560e2e368406efbe

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:25 GMT
cache-control
max-age=1138458
last-modified
Tue, 11 May 2021 10:21:23 GMT
x-traceid
fe45d7964900c234b8865aa477f8d394
timing-allow-origin
*
content-length
21400
content-type
image/webp
eyJpdSI6IjE1ODI5ZTYwOTU1YTEwZmZkNDMwMDhhMjkwYjA5ZGZkNmRmZjYzZjBlOThkN2VhYTVkYjc5YzBkMGFkMjA0OGUiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
21 KB
21 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjE1ODI5ZTYwOTU1YTEwZmZkNDMwMDhhMjkwYjA5ZGZkNmRmZjYzZjBlOThkN2VhYTVkYjc5YzBkMGFkMjA0OGUiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.161.205 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-161-205.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9187fba341ca0c57d86df8d74ea13f0691a63a4ddb38fe6fd857462d46103f0b

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:25 GMT
cache-control
max-age=1347382
last-modified
Thu, 13 May 2021 14:36:34 GMT
x-traceid
a779dfd04da2da342170f726af13bae4
timing-allow-origin
*
content-length
21672
content-type
image/webp
eyJpdSI6ImY3MTU0NGE4ZjQ2ZTdiNjU0MDczNzM2ZDI1MzcwMTFhZDk4ZDYyMWU1ZGI2MjY0YTUzMGQ2NTA3MmQzNGZkYTMiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
14 KB
14 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImY3MTU0NGE4ZjQ2ZTdiNjU0MDczNzM2ZDI1MzcwMTFhZDk4ZDYyMWU1ZGI2MjY0YTUzMGQ2NTA3MmQzNGZkYTMiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.161.205 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-161-205.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
31798da61280c92ee918958b793b3127747146f65718fc2a709a1215242d574a

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:25 GMT
cache-control
max-age=532767
last-modified
Mon, 03 May 2021 13:35:42 GMT
x-traceid
c0e0cc83ba6fabba006419971d66c649
timing-allow-origin
*
content-length
14330
content-type
image/webp
l
mcdp-nydc1.outbrain.com/
2 B
292 B
Fetch
General
Full URL
https://mcdp-nydc1.outbrain.com/l?token=269b2afaf1b197ffc478e118be5fe398_7486_1622052684652&tm=2249&eT=6&wRV=2000361&pVis=0&lsd=-1&eIdx=&ccpa=1---&cnsntV2=CPG0ZjxPG0ZjxAcABBENBbCgAAAAAAAAACiQAAAAAAAA.YAAAAAAAAAAA&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=5.7.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Wed, 26 May 2021 18:11:25 GMT
content-encoding
gzip
X-TraceId
d2faa136443f194997c8f62a882e1670
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
get
mv.outbrain.com/Multivac/api/
76 KB
23 KB
Script
General
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fbgr.com%2Ftech%2Fmalware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634%2F&settings=true&recs=true&widgetJSId=AR_1&key=NANOWDGT01&version=2000361&apv=true&sig=Kc9vwKg7&format=html&rand=15881&pdobuid=-1&osLang=en-US&va=true&et=true&cmpStat=1&cnsntv2=CPG0ZjxPG0ZjxAcABBENBbCgAAAAAAAAACiQAAAAAAAA.YAAAAAAAAAAA&ccpa=1---&ccpaStat=1&srcUrl=https%3A%2F%2Fbgr.com%2Ffeed%2F&scrW=1600&scrH=1200&t=NDA5M2Q2MjY0ZWRhNzhjMzRlZmQ3ZDVjNGEzNmEwZTM=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=0&lastIdx=1&lastCardIdx=0&fAB=11523-77045&layeredTestInfo=11523-77045-&pcer=p%3D109F984jmmynsSnAe0HIQJQBfeDRT7799Ivm3_cGFWg%26c%3D811564ad%26v%3D3&dpr=1&cw=976&wdr-natlaz=true&ref=https%3A%2F%2Fapple.news%2F
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/penske/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6e6cfd3737502c5f7f2e958a3e630dcac66aecdc0e2f058fc082462260940d15

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:25 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, HHN, Europe1
x-cache
MISS, MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip
157.52.117.55
x-cache-hits
0, 0
x-traceid
5406d87026fc57ecbd33cefb86b9b4a1
content-encoding
gzip
content-length
22987
x-served-by
cache-lga21955-LGA, cache-hhn4037-HHN
x-timer
S1622052685.235012,VS0,VE611
vary
Accept-Encoding, User-Agent
content-type
application/json; charset=UTF-8
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
horizon_tweet.2bd42981e3af03ce9186a5655508da28.js
platform.twitter.com/js/
7 KB
3 KB
Script
General
Full URL
https://platform.twitter.com/js/horizon_tweet.2bd42981e3af03ce9186a5655508da28.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/penske/op.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/669E) /
Resource Hash
263627ec362c25037d69022de008fad33cf85ec7267604a5ae5c8e6fe4ad9e38

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 26 May 2021 18:11:25 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 17:56:41 GMT
Server
ECS (frb/669E)
Age
1109029
Etag
"43544c32afe87494042045e40e7b3213+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2436
Tweet.html
platform.twitter.com/embed/ Frame 5646
487 B
1002 B
Document
General
Full URL
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=aemeek&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1395138347601854465&lang=en&origin=https%3A%2F%2Fbgr.com%2Ftech%2Fmalware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634%2F&sessionId=5cda257f035afb5dd8eed6928bf464a0946b2462&siteUserId=18131006&theme=light&widgetsVersion=82e1070%3A1619632193066&width=500px
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6724) /
Resource Hash
6a76f4bba8f5f4895c3aa44d243a16e8b3ae0d9b53a2cefa06b10480c5df6575

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://bgr.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3000
Age
1362
Cache-Control
public, max-age=1800
Content-Type
text/html; charset=utf-8
Date
Wed, 26 May 2021 18:11:25 GMT
Etag
"269cf10e2a7312e6a00f34db0a9547f0"
Last-Modified
Tue, 11 May 2021 20:52:47 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6724)
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
487
embed.runtime.e903d38956688915ba03.js
platform.twitter.com/embed/ Frame 5646
8 KB
4 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.runtime.e903d38956688915ba03.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=aemeek&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1395138347601854465&lang=en&origin=https%3A%2F%2Fbgr.com%2Ftech%2Fmalware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634%2F&sessionId=5cda257f035afb5dd8eed6928bf464a0946b2462&siteUserId=18131006&theme=light&widgetsVersion=82e1070%3A1619632193066&width=500px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6713) /
Resource Hash
7b5a69f728a7160605b396d9e4411856db9e4d9bbcd4b830cd946da9aee455af

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=aemeek&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1395138347601854465&lang=en&origin=https%3A%2F%2Fbgr.com%2Ftech%2Fmalware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634%2F&sessionId=5cda257f035afb5dd8eed6928bf464a0946b2462&siteUserId=18131006&theme=light&widgetsVersion=82e1070%3A1619632193066&width=500px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 26 May 2021 18:11:25 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 May 2021 20:52:47 GMT
Server
ECS (frb/6713)
Age
1109029
Etag
"327f4c83fe34cb71a7f1d17e1ecff998+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
3500
embed.modules.ff962fc355c6a950595b.js
platform.twitter.com/embed/ Frame 5646
501 KB
160 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.modules.ff962fc355c6a950595b.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=aemeek&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1395138347601854465&lang=en&origin=https%3A%2F%2Fbgr.com%2Ftech%2Fmalware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634%2F&sessionId=5cda257f035afb5dd8eed6928bf464a0946b2462&siteUserId=18131006&theme=light&widgetsVersion=82e1070%3A1619632193066&width=500px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6772) /
Resource Hash
7519e61aea4f2c775a819496a69370040c9fdbf229fd19e5be139e79be481a23

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=aemeek&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1395138347601854465&lang=en&origin=https%3A%2F%2Fbgr.com%2Ftech%2Fmalware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634%2F&sessionId=5cda257f035afb5dd8eed6928bf464a0946b2462&siteUserId=18131006&theme=light&widgetsVersion=82e1070%3A1619632193066&width=500px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 26 May 2021 18:11:25 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 May 2021 20:52:47 GMT
Server
ECS (frb/6772)
Age
1109028
Etag
"a66126f3a79b85f4c0c4507611cea855+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
163501
embed.i18n.7474183ca0815ae94d99.js
platform.twitter.com/embed/ Frame 5646
146 B
652 B
Script
General
Full URL
https://platform.twitter.com/embed/embed.i18n.7474183ca0815ae94d99.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=aemeek&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1395138347601854465&lang=en&origin=https%3A%2F%2Fbgr.com%2Ftech%2Fmalware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634%2F&sessionId=5cda257f035afb5dd8eed6928bf464a0946b2462&siteUserId=18131006&theme=light&widgetsVersion=82e1070%3A1619632193066&width=500px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67DF) /
Resource Hash
db75b790206a2694094f8cae3da3176a7086f929e4f41c3fafe6e07490dc4a87

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=aemeek&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1395138347601854465&lang=en&origin=https%3A%2F%2Fbgr.com%2Ftech%2Fmalware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634%2F&sessionId=5cda257f035afb5dd8eed6928bf464a0946b2462&siteUserId=18131006&theme=light&widgetsVersion=82e1070%3A1619632193066&width=500px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 26 May 2021 18:11:25 GMT
Access-Control-Allow-Methods
GET
Last-Modified
Tue, 11 May 2021 20:52:47 GMT
Server
ECS (frb/67DF)
Age
1109029
Etag
"e6c6cbe873374a156f56ded129f56d5f"
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
Content-Length
146
embed.Tweet.1f1e232812574df49967.js
platform.twitter.com/embed/ Frame 5646
15 KB
6 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.Tweet.1f1e232812574df49967.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=aemeek&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1395138347601854465&lang=en&origin=https%3A%2F%2Fbgr.com%2Ftech%2Fmalware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634%2F&sessionId=5cda257f035afb5dd8eed6928bf464a0946b2462&siteUserId=18131006&theme=light&widgetsVersion=82e1070%3A1619632193066&width=500px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/669F) /
Resource Hash
ce609a18ff66b8f8d0318be227f176f99e3de7ee383253b1b4e9a1caa230afac

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=aemeek&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1395138347601854465&lang=en&origin=https%3A%2F%2Fbgr.com%2Ftech%2Fmalware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634%2F&sessionId=5cda257f035afb5dd8eed6928bf464a0946b2462&siteUserId=18131006&theme=light&widgetsVersion=82e1070%3A1619632193066&width=500px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 26 May 2021 18:11:25 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 May 2021 20:52:47 GMT
Server
ECS (frb/669F)
Age
1109029
Etag
"fbf967b3f220fece471a4e4129f0cc4f+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
5558
embed.vendors~ondemand.horizon-web.en-js.1b1ac18d747389819c25.js
platform.twitter.com/embed/ Frame 5646
21 KB
7 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.horizon-web.en-js.1b1ac18d747389819c25.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.e903d38956688915ba03.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6763) /
Resource Hash
d309618347368b498f6cd50c4110fbaaafafed5ba9fd992ff1bbcf45df8a0b2d

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=aemeek&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1395138347601854465&lang=en&origin=https%3A%2F%2Fbgr.com%2Ftech%2Fmalware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634%2F&sessionId=5cda257f035afb5dd8eed6928bf464a0946b2462&siteUserId=18131006&theme=light&widgetsVersion=82e1070%3A1619632193066&width=500px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 26 May 2021 18:11:25 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 May 2021 20:52:46 GMT
Server
ECS (frb/6763)
Age
1109029
Etag
"38647a0ff28c7b912391b716ba0f8c16+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
7047
embed.ondemand.i18n.en-js.cb63759befa0dfd78a30.js
platform.twitter.com/embed/ Frame 5646
4 KB
2 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.cb63759befa0dfd78a30.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.e903d38956688915ba03.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/674C) /
Resource Hash
e0cdcd18df62db5dab7fc26e2f03e5835191e4015f30c7b27783c49c9023273e

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=aemeek&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1395138347601854465&lang=en&origin=https%3A%2F%2Fbgr.com%2Ftech%2Fmalware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634%2F&sessionId=5cda257f035afb5dd8eed6928bf464a0946b2462&siteUserId=18131006&theme=light&widgetsVersion=82e1070%3A1619632193066&width=500px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 26 May 2021 18:11:25 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 May 2021 20:52:46 GMT
Server
ECS (frb/674C)
Age
1109029
Etag
"616b7fcc3d03d63c086daa26449f6e1c+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
1631
embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.a5abf0628fba95cb8815.js
platform.twitter.com/embed/ Frame 5646
8 KB
3 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.a5abf0628fba95cb8815.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.e903d38956688915ba03.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67A7) /
Resource Hash
2e84aaf06139c7610a7c716bb9fd310dea3e427aa77c678719f34b8d14d569ef

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=aemeek&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1395138347601854465&lang=en&origin=https%3A%2F%2Fbgr.com%2Ftech%2Fmalware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634%2F&sessionId=5cda257f035afb5dd8eed6928bf464a0946b2462&siteUserId=18131006&theme=light&widgetsVersion=82e1070%3A1619632193066&width=500px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 26 May 2021 18:11:25 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 May 2021 20:52:47 GMT
Server
ECS (frb/67A7)
Age
1109029
Etag
"d35adddaf762aff633594466ee574ed5+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2872
embed.vendors~ondemand.TimelineList~ondemand.Tweet.bc5c84d1d066f0f68a3e.js
platform.twitter.com/embed/ Frame 5646
50 KB
15 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.TimelineList~ondemand.Tweet.bc5c84d1d066f0f68a3e.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.e903d38956688915ba03.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/674C) /
Resource Hash
8a533b2f001d4d30d190e2cbf285dc6ca675eb533976ac5f22f165ba24fce6bc

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=aemeek&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1395138347601854465&lang=en&origin=https%3A%2F%2Fbgr.com%2Ftech%2Fmalware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634%2F&sessionId=5cda257f035afb5dd8eed6928bf464a0946b2462&siteUserId=18131006&theme=light&widgetsVersion=82e1070%3A1619632193066&width=500px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 26 May 2021 18:11:25 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 May 2021 20:52:47 GMT
Server
ECS (frb/674C)
Age
1109029
Etag
"ad23ef62af2a45b4d83cc9a361ec2bfb+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
14567
embed.vendors~loader.UserAvatar~ondemand.Tweet.a1f0e159954fc47fc771.js
platform.twitter.com/embed/ Frame 5646
25 KB
9 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.vendors~loader.UserAvatar~ondemand.Tweet.a1f0e159954fc47fc771.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.e903d38956688915ba03.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C1) /
Resource Hash
f061c6836f4de43ab0b492cce4b4a22af4ea18b03c195343cbb447ebb2b167f7

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=aemeek&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1395138347601854465&lang=en&origin=https%3A%2F%2Fbgr.com%2Ftech%2Fmalware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634%2F&sessionId=5cda257f035afb5dd8eed6928bf464a0946b2462&siteUserId=18131006&theme=light&widgetsVersion=82e1070%3A1619632193066&width=500px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 26 May 2021 18:11:25 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 May 2021 20:52:46 GMT
Server
ECS (frb/67C1)
Age
1109029
Etag
"bd7d724b5ac47ef77222a8eb6b034c62+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
8215
embed.vendors~ondemand.Tweet.aa2683674807aadbdc67.js
platform.twitter.com/embed/ Frame 5646
52 KB
15 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.Tweet.aa2683674807aadbdc67.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.e903d38956688915ba03.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/673A) /
Resource Hash
23da523a0ffff334fe2ed33b683579bc44b55c457ab79e4934a1873c7e5e0541

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=aemeek&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1395138347601854465&lang=en&origin=https%3A%2F%2Fbgr.com%2Ftech%2Fmalware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634%2F&sessionId=5cda257f035afb5dd8eed6928bf464a0946b2462&siteUserId=18131006&theme=light&widgetsVersion=82e1070%3A1619632193066&width=500px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 26 May 2021 18:11:25 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 May 2021 20:52:47 GMT
Server
ECS (frb/673A)
Age
1109029
Etag
"75f6870caaa381ebd7edd1fc5b3e57b9+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
14477
embed.ondemand.Tweet.8cdfb8847ece18c4acd4.js
platform.twitter.com/embed/ Frame 5646
58 KB
14 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.ondemand.Tweet.8cdfb8847ece18c4acd4.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.e903d38956688915ba03.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/669E) /
Resource Hash
acc146648ca4f22a5e4083944c3eb3962982ac57cb5043ee75b78edaa987d1ff

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=aemeek&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1395138347601854465&lang=en&origin=https%3A%2F%2Fbgr.com%2Ftech%2Fmalware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634%2F&sessionId=5cda257f035afb5dd8eed6928bf464a0946b2462&siteUserId=18131006&theme=light&widgetsVersion=82e1070%3A1619632193066&width=500px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 26 May 2021 18:11:25 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 May 2021 20:52:46 GMT
Server
ECS (frb/669E)
Age
1109028
Etag
"286fa669ad82b8498fb87084901ca093+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
13932
tweet
cdn.syndication.twimg.com/ Frame 5646
1 KB
1 KB
XHR
General
Full URL
https://cdn.syndication.twimg.com/tweet?features=tfw_experiments_cookie_expiration%3A1209600%3Btfw_horizon_tweet_embed_9555%3Ahte%3Btfw_tweet_embed_clickability_12102%3Acontrol&id=1395138347601854465&lang=en
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.modules.ff962fc355c6a950595b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6711) / Express
Resource Hash
c363b5c497ecbb98199c434594c10327c97df4c13b8b0172ab12bd5e6f8cada0
Security Headers
Name Value
Content-Security-Policy connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-encoding
gzip
etag
W/"55e-1PGzWTzBh8eLZTgMVWZF7ZQWyfw"
age
42
x-powered-by
Express
x-cache
HIT
access-control-allow-methods
GET
strict-transport-security
max-age=631138519
content-length
759
x-xss-protection
0
last-modified
Wed, 26 May 2021 18:09:40 GMT
server
ECS (frb/6711)
x-frame-options
SAMEORIGIN
date
Wed, 26 May 2021 18:11:25 GMT
vary
Accept-Encoding
x-tw-cdn
VZ, VZ
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=60
access-control-allow-credentials
true
x-connection-hash
72349d0567c06404bdf0cfcbea130771f36da750e9baec6c683348af7f78f345
accept-ranges
bytes
x-content-type-options
nosniff
access-contol-allow-origin
platform.twitter.com
jot
syndication.twitter.com/i/ Frame 5646
43 B
352 B
Image
General
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1622052685915%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%2282e1070%3A1619632193066%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fbgr.com%2Ftech%2Fmalware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%2218131006%22%2C%22widget_creator_screen_name%22%3A%22aemeek%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%220be74e80%3A1620761712411%22%2C%22item_ids%22%3A%5B%221395138347601854465%22%5D%2C%22item_details%22%3A%7B%221395138347601854465%22%3A%7B%22item_type%22%3A0%7D%7D%7D&dnt=1
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
pragma
no-cache
last-modified
Wed, 26 May 2021 18:11:25 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
5af3d1952dc5360a064a0e57a0680b1b09b21c7c01c4ada58f0c3f02c980156f
x-transaction
868367b81c7fa195
expires
Tue, 31 Mar 1981 05:00:00 GMT
a2naHzbe_normal.png
pbs.twimg.com/profile_images/1268200269277351936/ Frame 5646
769 B
1 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/1268200269277351936/a2naHzbe_normal.png
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668B) /
Resource Hash
ff5ec5d1ad5a45da4b7984e8fe29e8fed999915f4abab760aafa9ede76694347
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:26 GMT
x-content-type-options
nosniff
age
535761
x-cache
HIT
content-length
769
x-response-time
122
surrogate-key
profile_images profile_images/bucket/3 profile_images/1268200269277351936
last-modified
Wed, 03 Jun 2020 15:16:00 GMT
server
ECS (frb/668B)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
35a14f0ed548929c4d6acd0bd3e8304f41770c51bf527cc1e32c04dced1962be
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
E1yGcFhVcAAZFkL
pbs.twimg.com/media/ Frame 5646
143 KB
144 KB
Image
General
Full URL
https://pbs.twimg.com/media/E1yGcFhVcAAZFkL?format=png&name=small
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6713) /
Resource Hash
9d2d15b5655b1b6280ab474f7edca6046f712479b8e6f4343ee52b64c043c11e
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:26 GMT
x-content-type-options
nosniff
age
590807
x-cache
HIT
content-length
146773
surrogate-key
media media/bucket/3 media/1395137801654464512
last-modified
Wed, 19 May 2021 22:00:26 GMT
server
ECS (frb/6713)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
b72d9d9ceab43fc5f14a9a314e08f68b604e25f24c546e480c528c1a5141a3a4
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
l
mcdp-nydc1.outbrain.com/
2 B
292 B
Fetch
General
Full URL
https://mcdp-nydc1.outbrain.com/l?token=3fc5bef92d9046bcb51ddb7258ba3d54_7486_1622052685489&tm=3400&eT=0&widgetWidth=976&widgetHeight=379&widgetX=150&widgetY=3710&tpcs=0&wRV=2000361&pVis=1&lsd=-1&eIdx=&ccpa=1---&cnsntV2=CPG0ZjxPG0ZjxAcABBENBbCgAAAAAAAAACiQAAAAAAAA.YAAAAAAAAAAA&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=5.7.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Wed, 26 May 2021 18:11:26 GMT
content-encoding
gzip
X-TraceId
119dd4c0cfe2010eaab5daa8b71fc1b5
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
l
mcdp-nydc1.outbrain.com/
2 B
292 B
Fetch
General
Full URL
https://mcdp-nydc1.outbrain.com/l?token=28924c719f4159deb21bb58ee4a59738_7486_1622052685630&tm=3413&eT=0&widgetWidth=976&widgetHeight=268&widgetX=150&widgetY=4109&wRV=2000361&pVis=1&lsd=-1&eIdx=&ccpa=1---&cnsntV2=CPG0ZjxPG0ZjxAcABBENBbCgAAAAAAAAACiQAAAAAAAA.YAAAAAAAAAAA&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=5.7.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Wed, 26 May 2021 18:11:26 GMT
content-encoding
gzip
X-TraceId
775ce0fc6b160a935b6f8b57c17e3508
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
l
mcdp-nydc1.outbrain.com/
2 B
292 B
Fetch
General
Full URL
https://mcdp-nydc1.outbrain.com/l?token=93f2053c9a925ffe0f17e90e58c306c2_7486_1622052685774&tm=3414&eT=0&widgetWidth=976&widgetHeight=556&widgetX=150&widgetY=4397&wRV=2000361&pVis=1&lsd=-1&eIdx=&ccpa=1---&cnsntV2=CPG0ZjxPG0ZjxAcABBENBbCgAAAAAAAAACiQAAAAAAAA.YAAAAAAAAAAA&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=5.7.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Wed, 26 May 2021 18:11:26 GMT
content-encoding
gzip
X-TraceId
f179eec57ebb866d3aea59e4451029b2
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
nr-1208.min.js
js-agent.newrelic.com/
31 KB
12 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-1208.min.js
Requested by
Host: bgr.com
URL: https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4014ca31d3c8e768608a40ed160a405ae39836a5b2c43f256bee3bdf427dd67f

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
RGJXhnJ2IqU3nLrOoxetOoKLCG4kx4sX
content-encoding
gzip
etag
"1a71e4208296f97b465116492f59124d"
x-amz-request-id
WF368HHBCV4BPDPP
x-cache
HIT
content-length
11777
x-amz-id-2
Sju0Kn3tkH0pRSC0aE2XQRhlBx2SQ4e1b8nxTLXRSNXFVWWWpTDNMV6sXkQ3nbajK11ElnEOwuw=
x-served-by
cache-hhn4073-HHN
last-modified
Wed, 10 Mar 2021 16:24:28 GMT
server
AmazonS3
x-timer
S1622052686.493963,VS0,VE0
date
Wed, 26 May 2021 18:11:26 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
26817
eyJpdSI6IjRiZGQzNWEzNjM1MTcxZDc0NjczY2FlZjQ3Y2JiNDBkNjBlNDE4MzExYjk5NzFjNDM5NGYyY2VhNDNhMmMxMGYiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
34 KB
34 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjRiZGQzNWEzNjM1MTcxZDc0NjczY2FlZjQ3Y2JiNDBkNjBlNDE4MzExYjk5NzFjNDM5NGYyY2VhNDNhMmMxMGYiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.161.205 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-161-205.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7d0936df38333e1898238ffe134c075b2067756a1edae7b3a452e9e9f2d61561

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:26 GMT
cache-control
max-age=1750801
last-modified
Thu, 25 Feb 2021 15:02:02 GMT
x-traceid
997ec50ddd81a0b96c5d292a7de16cac
timing-allow-origin
*
content-length
34542
content-type
image/webp
eyJpdSI6ImU1NzcyMDA2YmFjYTQ4NTVkMDM4MmZmYjNiMDZkOWE2ZTNlYzE3YjQ4YTliNDY1ZTM4ZjVjOTA3NGVlYzllNzAiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
15 KB
16 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImU1NzcyMDA2YmFjYTQ4NTVkMDM4MmZmYjNiMDZkOWE2ZTNlYzE3YjQ4YTliNDY1ZTM4ZjVjOTA3NGVlYzllNzAiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.161.205 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-161-205.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8e1857afbcaa8e2a21ba396a6610f6aae3c9223cd74f1afbd30a3843bb251c5f

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:26 GMT
cache-control
max-age=2269995
last-modified
Thu, 20 May 2021 09:56:53 GMT
x-traceid
23b345fb2994b2adcee7e6c39797e8b3
timing-allow-origin
*
content-length
15718
content-type
image/webp
eyJpdSI6ImM2ZTkwOTM4MTVlNzEzMmVjMTU0YzgwYTBiMzk5MGYzNTFhZDU3ZmE2M2IxY2IwY2JmZmNhYjc5MDIwZjM4MDciLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
23 KB
23 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImM2ZTkwOTM4MTVlNzEzMmVjMTU0YzgwYTBiMzk5MGYzNTFhZDU3ZmE2M2IxY2IwY2JmZmNhYjc5MDIwZjM4MDciLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.161.205 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-161-205.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f67474a3745149597d8942f091f3948e03496d6faea6653d605bc164d981daec

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:26 GMT
cache-control
max-age=1758395
last-modified
Mon, 12 Apr 2021 07:29:55 GMT
x-traceid
644c6d6d5667db1f2c72d7dcc6fea091
timing-allow-origin
*
content-length
23562
content-type
image/webp
eyJpdSI6IjE1MDg1YjA1Mjk0MGIwMTY1ZTk3MDAxMzhiMTZiN2I4MzRhNTAxYTc1ZjI0NDNmY2NiNzhlOWQxNWI4YmNlNzYiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
30 KB
30 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjE1MDg1YjA1Mjk0MGIwMTY1ZTk3MDAxMzhiMTZiN2I4MzRhNTAxYTc1ZjI0NDNmY2NiNzhlOWQxNWI4YmNlNzYiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.161.205 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-161-205.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
49532b4503cdd428bf14dea3bfa2bc129fa377014e42210e33e08be756b12fcc

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:26 GMT
cache-control
max-age=2027039
last-modified
Fri, 21 May 2021 15:58:49 GMT
x-traceid
7c8cafe10ce22f737f062961bdd4ca08
timing-allow-origin
*
content-length
30480
content-type
image/webp
eyJpdSI6IjRkNWU4NDkxOTFkYTU1NWU5NDAyNDFjMTE4M2YyYTljMTZhNWQ3NTk4ZTRiMWE0NzI2YzY1NjJlNDcyMzRiYjEiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
24 KB
24 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjRkNWU4NDkxOTFkYTU1NWU5NDAyNDFjMTE4M2YyYTljMTZhNWQ3NTk4ZTRiMWE0NzI2YzY1NjJlNDcyMzRiYjEiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.161.205 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-161-205.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
929bf592400dbd7661b676eb67232337d3d6c2986727b560a8ef8a61bcc35b3f

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:26 GMT
cache-control
max-age=2439725
last-modified
Thu, 29 Apr 2021 14:38:38 GMT
x-traceid
fd19bf36c99074a8b5e6ee5119586b61
timing-allow-origin
*
content-length
24798
content-type
image/webp
jot
syndication.twitter.com/i/ Frame 5646
43 B
165 B
Image
General
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1622052686590%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22FCP%22%2C%22component%22%3A%22performance%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%2282e1070%3A1619632193066%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fbgr.com%2Ftech%2Fmalware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%2218131006%22%2C%22widget_creator_screen_name%22%3A%22aemeek%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%220be74e80%3A1620761712411%22%2C%22item_ids%22%3A%5B%221395138347601854465%22%5D%2C%22item_details%22%3A%7B%221395138347601854465%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22duration_ms%22%3A1254.8999977111816%7D&dnt=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 18:11:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
pragma
no-cache
last-modified
Wed, 26 May 2021 18:11:26 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
5af3d1952dc5360a064a0e57a0680b1b09b21c7c01c4ada58f0c3f02c980156f
x-transaction
cea9fb04d9cdb494
expires
Tue, 31 Mar 1981 05:00:00 GMT
c8454aa091
bam-cell.nr-data.net/1/
49 B
911 B
Script
General
Full URL
https://bam-cell.nr-data.net/1/c8454aa091?a=457080277&v=1208.49599aa&to=ZwYHYhBRC0JWURILX15MMEQLHwxfU1ceTEBYEw%3D%3D&rst=7120&ck=1&ref=https://bgr.com/tech/malware-attack-microsoft-identifies-phishing-campaign-malware-stealing-passwords-5927634/&ap=531&be=761&fe=6922&dc=3525&perf=%7B%22timing%22:%7B%22of%22:1622052679479,%22n%22:0,%22f%22:1,%22dn%22:3,%22dne%22:4,%22c%22:4,%22s%22:9,%22ce%22:17,%22rq%22:17,%22rp%22:721,%22rpe%22:738,%22dl%22:734,%22di%22:3497,%22ds%22:3525,%22de%22:3552,%22dc%22:6922,%22l%22:6922,%22le%22:6923%7D,%22navigation%22:%7B%7D%7D&fp=2164&fcp=2164&at=S0EQFFhLGB0VU0RYS00e&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1208.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c

Request headers

Referer
https://bgr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 26 May 2021 18:11:26 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
X-NewRelic-App-Data
PxQGQlRaCAMIU1RUFR0VMQFTYkEDCBADUxZRDVZkG3xWEU0YdQhAEgVCVAkDEWQcfgEVFk51XhUUUEJQCgMRQBxSFlIUChoDClAOVXRMB05WAhtDBFsMBQlVUFZVUwdeV1UFCkBKBQNcEV0/
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
access-control-allow-credentials
true
CF-Ray
6558f74b7bed2b89-FRA
cf-request-id
0a4b78e32900002b898a17e000000001

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
d3ezl4ajpp2zy8.cloudfront.net
URL
https://d3ezl4ajpp2zy8.cloudfront.net/theinternetworksltd-technology_tag.js

Verdicts & Comments

148 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| NREUM object| newrelic function| __nr_require object| _comscore object| permutive object| dataLayer object| pmc_meta object| pmc boolean| pmc_do_analytics_pagecount object| pmc_common_urls function| loadGA string| GoogleAnalyticsObject function| ga undefined| $ function| jQuery function| add_filter function| apply_filters object| pmc_permutive_data object| pmc_jwplayer_options object| pmc_onetrust function| Frisbee object| sbjs function| pmc_jwplayer function| pmcjwplayer object| mcwidget object| jwDefaults object| webpackJsonpjwplayer function| jwplayer object| blogherads object| googletag object| MoatUA object| regeneratorRuntime object| gMmARNGrJPmOpBrkosl5RhOv object| _pbjsGlobals object| pmc_fastly_geo_data object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups function| addUspapiFrame function| optOutMsgHandler function| __uspapi object| usPrivacyCookie object| gamoo object| otCcpaOptOut function| dnsfeed object| OneTrustTCFStub function| __tcfapi object| OneTrust function| OptanonWrapper object| pmc_site_config object| pmc_krux function| qp function| fbq function| _fbq object| leaderboard object| otStubData object| __twttrll object| twttr object| __twttr function| udm_ object| ns_p object| COMSCORE object| diagPixSentCodes object| __iasPET object| __iasAdRefreshConfig object| google_tag_manager object| MC_PIXEL object| headertag object| qevents object| __otccpaooLocation object| _mag object| pmc_video_player_event_tracking object| consentUiEl function| get_real_link object| __SKIM_JS_GLOBAL__ object| skimlinksAPI function| setUpAgknTag object| 
_qevents function| OptiMonkOnReady object| ccpa object| gdpr object| ca_privacy_link object| pmc_video_player_ads object| pmc_ga_event_tracking object| pmcFloatingVideoOptions object| pmc_floating_player object| pmc_contextual_player function| _ object| pmc_admanager object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater object| _stq object| Q4S90a function| Q4S90b object| xop function| st_go function| linktracker_init object| wpcom function| isAnExcludedLink object| trx function| agknTagBuilder object| _agknTag string| _agknTagName object| _agknEchoTag number| _isAgknTagSet object| pmc_video_ads object| otIabModule object| Optanon function| quantserve function| __qc object| ezt object| _qoptions function| qtrack function| ns object| OptiMonk object| OptiMonkRegistry object| y4CZ4a function| y4CZ4b function| xblocker object| b6wA3a function| b6wA3b object| xblacklist string| pubcidCookie

0 Cookies

6 Console Messages

Source Level URL
Text
console-api log URL: https://bgr.com/_static/??/wp-includes/js/jquery/jquery.min.js,/wp-content/plugins/pmc-plugins/pmc-global-functions/js/jquery-migrate.min.js?m=1620863995j(Line 5)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api warning URL: https://cdn.permutive.com/3d2fb0bd-52fc-4b75-aaf5-2d436c172540-web.js(Line 1)
Message:
Permutive was not initialized. localStorage not supported
console-api error URL: https://front.optimonk.com/public/98385/js/preload.js(Line 37)
Message:
TypeError: Cannot read property 'getItem' of null [object Object]
console-api log URL: https://cdn-magiclinks.trackonomics.net/client/static/v2/pmc_0aaa4_bgr.js(Line 2)
Message:
FunnelRelay:: TypeError: Cannot read property 'getItem' of null
console-api error URL: https://cdn-magiclinks.trackonomics.net/client/static/v2/pmc_0aaa4_bgr.js(Line 2)
Message:
Magic Links 'init' procedure fail! Details: TypeError: Cannot read property 'length' of null
console-api error URL: https://cdn-magiclinks.trackonomics.net/client/static/v2/pmc_0aaa4_bgr.js(Line 2)
Message:
TypeError: Cannot read property 'length' of null at trx.MagicLinks.retransmit_sotrage_items (https://cdn-magiclinks.trackonomics.net/client/static/v2/pmc_0aaa4_bgr.js:2:21561) at trx.MagicLinks.init (https://cdn-magiclinks.trackonomics.net/client/static/v2/pmc_0aaa4_bgr.js:2:18569) at new trx.MagicLinks (https://cdn-magiclinks.trackonomics.net/client/static/v2/pmc_0aaa4_bgr.js:2:2821) at https://cdn-magiclinks.trackonomics.net/client/static/v2/pmc_0aaa4_bgr.js:2:63429

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
579bc78ae1b468691de42c7d2df2da745f8ef8a7ef9b209483c8cd4afbb61554
5bdf881868ac7b463d2c26adb5b2191eec0ca3dcf013741fec60d7968b4c5e2b
5ca4426b0a0b5d2564cfcb0a1fb3344c530800756341e8f62b852bdf07f3b02a
5daaa8d4f0a5735fe5b43861e68e711f33c5035ee4223d43e7f9c04edfb70441
5e66ad6eba3f6eb2e5dd69045dfcb676d489bf2bef92186e4a08e1b6f77d39b6
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474
61744f224b58cba3fc7653d9cb9e0175c1e24172d1d804b32b3eecd1159be7bd
62757a3202b4dabc8cf4612490e9632516b8dad77c5536e25b71225763094924
6a76f4bba8f5f4895c3aa44d243a16e8b3ae0d9b53a2cefa06b10480c5df6575
6e6cfd3737502c5f7f2e958a3e630dcac66aecdc0e2f058fc082462260940d15
7519e61aea4f2c775a819496a69370040c9fdbf229fd19e5be139e79be481a23
77bf21aeec3b199020201f1722dbce7ab9d382c6bd5d60202e33a723d3b3a073
78f1a8f3787f77f7ab4fcbb12c87f5cd412556c04991cdadaacddcd9b5a3e68a
7a23e0e46e16f067271bc79c92a917c13769848457d16cdf109e4dc04c687e8f
7b5a69f728a7160605b396d9e4411856db9e4d9bbcd4b830cd946da9aee455af
7d0936df38333e1898238ffe134c075b2067756a1edae7b3a452e9e9f2d61561
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
87dcef2abb4e531715da06878b3638d23e9bf225391f62a9cfede3283e946f85
8a533b2f001d4d30d190e2cbf285dc6ca675eb533976ac5f22f165ba24fce6bc
8e1857afbcaa8e2a21ba396a6610f6aae3c9223cd74f1afbd30a3843bb251c5f
8edb00f6779a2c78a824afc1288aad9b4dd599bc56c3460304d8711108677487
8f11f2d65d3a1594a57625e5a9457a1beb87c6a0399172cab062d50263ae388b
90c847b7259c0359f6990d79d7fa02ed58d80539d5fe8b08a87423caaf0954be
9187fba341ca0c57d86df8d74ea13f0691a63a4ddb38fe6fd857462d46103f0b
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
929bf592400dbd7661b676eb67232337d3d6c2986727b560a8ef8a61bcc35b3f
960e3b41d6216502c8dbaa8aab3f3aa90f83f3535ebc7d50969c6e43d2e14f22
970e676c52b275a819ab9170ec4427370cc6c7033aa2e6b0b9cb71b977b72542
983736f25b9a341a675693770364c9e032d60601961184936b8be954f957f4e0
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
990aa53b31e38475a8d8bcd1a5d2b207bad8aef5cb8467ae35e8abbcaea52cd1
9c68983ab5933a4a94e0c3fe2e435c7500c66ad57045e4e70ad9ce5b3325f7cf
9d2d15b5655b1b6280ab474f7edca6046f712479b8e6f4343ee52b64c043c11e
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a576c13cade726061ca762a634838b616793ed6b7200e5c9cbbb775f316afd58
a5825a1267bc847e696f3ab56a03f80c087b4a1f708a935df45a4d19dd4873a3
a676406b7b7d030315587a725465701422973945f916cf58e74652c801574893
ab454649530ba587c002c92f241558399e5de49f7dc1cb56ecb21a4ff14cfcf0
aba65aa6fd47b35f3eab75ee07c8bf15270d4e362754aa3c4fa0cc4e73ef846e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acc146648ca4f22a5e4083944c3eb3962982ac57cb5043ee75b78edaa987d1ff
ad6a00d137c18483b001c9491c1067a7d6951e64eb12fcd05faebfa5a004d0d8
ae923e0a5e1e6ec2102bc44f3cb72c5ce2d3ea2730d338f978ac8071f653bc2f
af345949ee08313eb0c612d4a7df07ca4a0892776526eec3ff4189d46587d374
b063d97688b0ae65ffa31a1829cc70b2a64362fff0bcfb336347e120509aa263
b06819f67294d9dfdd59b3ed6c41d8ae356a915851b2e0951a534086dc958579
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b29623f7b2ecfc69dc402ccfc1a0c73e1889ffdd4c13840a723fcc02bf550136
b2b024f5d18666e32b46e4a1f027a70de2301c360a4655d657c22c10bf9f42a4
b4df87d9d632094ba5fbede8091e97c30dc07605c3ec4220d56363fd7d8edc4d
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c
ba6856b3aa462b18c9f5fc3b0d553eca0fe0f03d5ff668ba7d465394c85896b1
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012
bbe738c77fcc965aa21aab65476f674bc537d244c3c33ef721315fa462c9699d
beac9be3a5c9dd9f60a172ea643dd30a5b71ff48379fb07962d01c42e68047e7
c363b5c497ecbb98199c434594c10327c97df4c13b8b0172ab12bd5e6f8cada0
c462d460eab61de19f36cc384c99666e5bf65eaeba0c12b8f594c5410c01f220
c751558042cd242729945cadeca90d2513d71ae7811992be768a07751266fa0a
c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916
cd44041e27f78770fced39f58e54ff661a452abda8f8541577caed06934f813d
ce609a18ff66b8f8d0318be227f176f99e3de7ee383253b1b4e9a1caa230afac
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d309618347368b498f6cd50c4110fbaaafafed5ba9fd992ff1bbcf45df8a0b2d
d373cdc98dd21157916f450a67b90653c4a5333eca71a4c0c2cba47c642ded25
d3fd6f41480f66e099475b75cfd8a20a63bccf6560c699d23d557a94853daab2
da2a8ddf4e24d32b958ab8dc971251fbffcc5358789cfd28df2078877d4ea968
daa7df99e5d206165747cc3520f264664454b83e88660a089bcbca7c3d8eb74d
db75b790206a2694094f8cae3da3176a7086f929e4f41c3fafe6e07490dc4a87
dc82de33871a9ed40a5379ed264dd0456d9bf58839286b913231648f527bc72b
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dee7e43b051bd156b70a40ac0e5c532f372d0f2d71632b41e79ec1f517c3c112
dfeb7783a538aaf85df056bf149c808937dccdb3e3af5714d6fba017054e2f94
e0cdcd18df62db5dab7fc26e2f03e5835191e4015f30c7b27783c49c9023273e
e10bc1a40f841f371c35a63210db07484bffc8cf0c4d72f2a14fa0d8f5ae0c22
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9c410790f8e75384f2ff6b95c2eb18a26052e6ced2e4a21a82620cfc9b2b010
ea4fdcc21a72f6a6fa9cd48fa73465ace247e65936e63d25713858398a62e148
ee24164628b530b7b8d3e300e0bcdef4f3b91e962400c9bed87873844da70a91
ef6de6beb1cf5bf809eccfe10f99aea0e0969c71d4eab5446410fef72695679f
f061c6836f4de43ab0b492cce4b4a22af4ea18b03c195343cbb447ebb2b167f7
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f49220ab18ff82c2339b4800187c368792c3ed60c4cbe7317eec90e5068bb3f8
f67474a3745149597d8942f091f3948e03496d6faea6653d605bc164d981daec
f9a6bd489df560f7a925b43d5b48d4536fa24589332e53702b63fc0072898f86
f9b899a83a8599fd4b4c026567649b656540965037d920d2194ccef130ebf47d
fca71b82e14846b996860a4f291a3ce2954db3fe8257b04375be9fc31980984f
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fed723f5ac5b6df333c7b91eb3873317610479c386f795c403a462185b1647cb
ff5ec5d1ad5a45da4b7984e8fe29e8fed999915f4abab760aafa9ede76694347