URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Submission: On November 11 via api from US

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 55 HTTP transactions. The main IP is 64.185.172.247, located in United States and belongs to BITGRAVITY - BitGravity, Inc., US. The main domain is blogs.quickheal.com.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on January 11th 2019. Valid for: a year.
This is the only time blogs.quickheal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 59 64.185.172.247 40009 (BITGRAVITY)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:2800:234... 15133 (EDGECAST)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
55 7
Domain Requested by
59 blogs.quickheal.com 11 redirects blogs.quickheal.com
2 www.google-analytics.com blogs.quickheal.com
2 platform.twitter.com blogs.quickheal.com
platform.twitter.com
2 maxcdn.bootstrapcdn.com blogs.quickheal.com
1 fonts.googleapis.com blogs.quickheal.com
55 5

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.twitter.com
www.linkedin.com
plus.google.com
www.youtube.com
www.quickheal.com
Subject Issuer Validity Valid
*.quickheal.com
RapidSSL TLS RSA CA G1
2019-01-11 -
2020-04-11
a year crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA
2019-09-14 -
2020-10-13
a year crt.sh
*.googleapis.com
GTS CA 1O1
2019-10-16 -
2020-01-08
3 months crt.sh
*.twimg.com
DigiCert SHA2 High Assurance Server CA
2018-11-19 -
2019-11-27
a year crt.sh
*.google-analytics.com
GTS CA 1O1
2019-10-16 -
2020-01-08
3 months crt.sh

This page contains 2 frames:

Primary Page: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Frame ID: 6F7668CC58C9AA9A46EE7B7152446799
Requests: 59 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2d991e3dfc9abb2549972ce8b64c5d85.html?origin=https%3A%2F%2Fblogs.quickheal.com
Frame ID: 8430813172475DA2148A2ECBB3A68D12
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

55
Requests

100 %
HTTPS

83 %
IPv6

5
Domains

5
Subdomains

7
IPs

3
Countries

1399 kB
Transfer

1507 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • http://blogs.quickheal.com/wp-content/uploads/2013/08/Snapshot_of_infected_removal_drive-300x120.png HTTP 301
  • https://blogs.quickheal.com/wp-content/uploads/2013/08/Snapshot_of_infected_removal_drive-300x120.png
Request Chain 15
  • http://blogs.quickheal.com/wp-content/uploads/2013/08/Clean_drive_shortcut_icon.png HTTP 301
  • https://blogs.quickheal.com/wp-content/uploads/2013/08/Clean_drive_shortcut_icon.png
Request Chain 16
  • http://blogs.quickheal.com/wp-content/uploads/2013/08/Infected_drive_shortcut_icon.png HTTP 301
  • https://blogs.quickheal.com/wp-content/uploads/2013/08/Infected_drive_shortcut_icon.png
Request Chain 17
  • http://blogs.quickheal.com/wp-content/uploads/2013/08/Stage_1_desktop_ini_file-300x223.png HTTP 301
  • https://blogs.quickheal.com/wp-content/uploads/2013/08/Stage_1_desktop_ini_file-300x223.png
Request Chain 18
  • http://blogs.quickheal.com/wp-content/uploads/2013/08/Stage_2_dll_file-300x208.png HTTP 301
  • https://blogs.quickheal.com/wp-content/uploads/2013/08/Stage_2_dll_file-300x208.png
Request Chain 19
  • http://blogs.quickheal.com/wp-content/uploads/2013/08/Stage_2_desktop_ini_file-300x255.png HTTP 301
  • https://blogs.quickheal.com/wp-content/uploads/2013/08/Stage_2_desktop_ini_file-300x255.png
Request Chain 20
  • http://blogs.quickheal.com/wp-content/uploads/2013/08/Stage_3_dll_file-300x109.png HTTP 301
  • https://blogs.quickheal.com/wp-content/uploads/2013/08/Stage_3_dll_file-300x109.png
Request Chain 21
  • http://blogs.quickheal.com/wp-content/uploads/2013/08/Stage_3_desktop_ini_file-300x255.png HTTP 301
  • https://blogs.quickheal.com/wp-content/uploads/2013/08/Stage_3_desktop_ini_file-300x255.png
Request Chain 22
  • http://blogs.quickheal.com/wp-content/uploads/2013/08/Contents_of_desktop_ini_file_after_decryption-300x173.png HTTP 301
  • https://blogs.quickheal.com/wp-content/uploads/2013/08/Contents_of_desktop_ini_file_after_decryption-300x173.png
Request Chain 23
  • http://blogs.quickheal.com/wp-content/uploads/2013/08/Compressed_Header_written_in_registry-300x25.png HTTP 301
  • https://blogs.quickheal.com/wp-content/uploads/2013/08/Compressed_Header_written_in_registry-300x25.png
Request Chain 24
  • http://blogs.quickheal.com/wp-content/uploads/2013/08/Decompressed_Header_from_registry-300x40.png HTTP 301
  • https://blogs.quickheal.com/wp-content/uploads/2013/08/Decompressed_Header_from_registry-300x40.png

55 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
76 KB
76 KB
Document
General
Full URL
https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.185.172.247 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS
unknown.mia1.bitgravity.com
Software
v/6.2.3/6.2.0/v4mia1-www / PHP/5.5.30
Resource Hash
f9b37ce36e47467ecc057d56167ecef6235a8da1d29f012b1b39991a8d449b4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
blogs.quickheal.com
:scheme
https
:path
/worm-gamarue-what-it-is-and-how-does-it-evolve/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

status
200
content-type
text/html; charset=UTF-8
date
Mon, 11 Nov 2019 14:51:38 GMT
x-powered-by
PHP/5.5.30
x-pingback
https://blogs.quickheal.com/xmlrpc.php
link
<https://blogs.quickheal.com/wp-json/>; rel="https://api.w.org/" <https://blogs.quickheal.com/?p=76504>; rel=shortlink
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
age
0
accept-ranges
bytes
server
v/6.2.3/6.2.0/v4mia1-www
x-version
1.30
x-server
v/6.2.3/v4mia1-https
multicolor-subscribe-widget.css
blogs.quickheal.com/wp-content/plugins/wp-multicolor-subscribe-widget/
1 KB
1 KB
Stylesheet
General
Full URL
https://blogs.quickheal.com/wp-content/plugins/wp-multicolor-subscribe-widget/multicolor-subscribe-widget.css?ver=4.8.3
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.185.172.247 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS
unknown.mia1.bitgravity.com
Software
v/6.2.3/6.2.0/v4mia1-www /
Resource Hash
1bcee1b4d83dac08181855b025b990b8ed2653996d066ef2ac79cd947f5d268e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version
23.s
date
Tue, 05 Nov 2019 13:54:06 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 May 2015 07:19:43 GMT
server
v/6.2.3/6.2.0/v4mia1-www
age
543163
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
x-server
v/6.2.3/v4mia1-https
accept-ranges
bytes
content-length
1077
x-xss-protection
1; mode=block
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/
21 KB
5 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 11 Nov 2019 14:51:39 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:35:19 GMT
status
200
etag
"1544639719"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
5041
style.css
blogs.quickheal.com/wp-content/themes/mh_cicero/
59 KB
59 KB
Stylesheet
General
Full URL
https://blogs.quickheal.com/wp-content/themes/mh_cicero/style.css?ver=1.0.72
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.185.172.247 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS
unknown.mia1.bitgravity.com
Software
v/6.2.3/6.2.0/v4mia1-www /
Resource Hash
6d3867887b5d65b2721db12ddea4ebbb79179adf475a1c7f091123ad11dece09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version
23.s
date
Tue, 05 Nov 2019 13:54:06 GMT
x-content-type-options
nosniff
last-modified
Thu, 24 May 2018 14:02:17 GMT
server
v/6.2.3/6.2.0/v4mia1-www
age
543163
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
x-server
v/6.2.3/v4mia1-https
accept-ranges
bytes
content-length
59913
x-xss-protection
1; mode=block
css
fonts.googleapis.com/
13 KB
956 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Prata|Open+Sans:300,400,400italic,600,700
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
d9975f28cafef89b777e9619c8592f395a5e83fbdce6e073e7bee3c1bc42a155
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 11 Nov 2019 14:51:39 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Mon, 11 Nov 2019 14:51:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 11 Nov 2019 14:51:39 GMT
wpp.css
blogs.quickheal.com/wp-content/themes/mh_cicero/
937 B
1 KB
Stylesheet
General
Full URL
https://blogs.quickheal.com/wp-content/themes/mh_cicero/wpp.css?ver=3.3.4
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.185.172.247 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS
unknown.mia1.bitgravity.com
Software
v/6.2.3/6.2.0/v4mia1-www /
Resource Hash
ec9e533468bbc524beb33f6306a8ac0d4c928d4d91608d4fa01e778715c30087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version
23.s
date
Tue, 05 Nov 2019 14:38:52 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 May 2015 07:19:43 GMT
server
v/6.2.3/6.2.0/v4mia1-www
age
540356
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
x-server
v/6.2.3/v4mia1-https
accept-ranges
bytes
content-length
937
x-xss-protection
1; mode=block
sassy-social-share-public.css
blogs.quickheal.com/wp-content/plugins/sassy-social-share/public/css/
17 KB
17 KB
Stylesheet
General
Full URL
https://blogs.quickheal.com/wp-content/plugins/sassy-social-share/public/css/sassy-social-share-public.css?ver=3.1.10
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.185.172.247 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS
unknown.mia1.bitgravity.com
Software
v/6.2.3/6.2.0/v4mia1-www /
Resource Hash
369d2496911a9b267a3e0427de908dad8cf37e7f9791b3c4771aebe19723219a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version
23.s
date
Tue, 05 Nov 2019 14:38:52 GMT
x-content-type-options
nosniff
last-modified
Fri, 13 Apr 2018 07:25:43 GMT
server
v/6.2.3/6.2.0/v4mia1-www
age
540356
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
x-server
v/6.2.3/v4mia1-https
accept-ranges
bytes
content-length
17124
x-xss-protection
1; mode=block
sassy-social-share-svg.css
blogs.quickheal.com/wp-content/plugins/sassy-social-share/admin/css/
117 KB
117 KB
Stylesheet
General
Full URL
https://blogs.quickheal.com/wp-content/plugins/sassy-social-share/admin/css/sassy-social-share-svg.css?ver=3.1.10
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.185.172.247 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS
unknown.mia1.bitgravity.com
Software
v/6.2.3/6.2.0/v4mia1-www /
Resource Hash
fad1ebb29fd1405aa7b025ad8148a21b22d48a208bdd87e2572b0a0018358656
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version
23.s
date
Tue, 05 Nov 2019 13:54:06 GMT
x-content-type-options
nosniff
last-modified
Fri, 13 Apr 2018 07:24:03 GMT
server
v/6.2.3/6.2.0/v4mia1-www
age
540356
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
x-server
v/6.2.3/v4mia1-https
accept-ranges
bytes
content-length
119481
x-xss-protection
1; mode=block
jquery.js
blogs.quickheal.com/wp-includes/js/jquery/
95 KB
95 KB
Script
General
Full URL
https://blogs.quickheal.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.185.172.247 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS
unknown.mia1.bitgravity.com
Software
v/6.2.3/6.2.0/v4mia1-www /
Resource Hash
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version
23.s
date
Tue, 05 Nov 2019 14:38:52 GMT
x-content-type-options
nosniff
last-modified
Mon, 23 May 2016 19:30:30 GMT
server
v/6.2.3/6.2.0/v4mia1-www
age
543073
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
x-server
v/6.2.3/v4mia1-https
accept-ranges
bytes
content-length
97184
x-xss-protection
1; mode=block
jquery-migrate.min.js
blogs.quickheal.com/wp-includes/js/jquery/
10 KB
10 KB
Script
General
Full URL
https://blogs.quickheal.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.185.172.247 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS
unknown.mia1.bitgravity.com
Software
v/6.2.3/6.2.0/v4mia1-www /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version
23.s
date
Tue, 05 Nov 2019 14:38:52 GMT
x-content-type-options
nosniff
last-modified
Fri, 20 May 2016 16:41:28 GMT
server
v/6.2.3/6.2.0/v4mia1-www
age
544592
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
x-server
v/6.2.3/v4mia1-https
accept-ranges
bytes
content-length
10056
x-xss-protection
1; mode=block
scripts.js
blogs.quickheal.com/wp-content/themes/mh_cicero/js/
36 KB
36 KB
Script
General
Full URL
https://blogs.quickheal.com/wp-content/themes/mh_cicero/js/scripts.js?ver=4.8.3
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.185.172.247 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS
unknown.mia1.bitgravity.com
Software
v/6.2.3/6.2.0/v4mia1-www /
Resource Hash
2b6959ed660424d5c0cece11232fc99cf6283ed5a0d5eaecc1b29caa184366a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version
23.s
date
Tue, 05 Nov 2019 14:38:52 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 May 2015 07:19:43 GMT
server
v/6.2.3/6.2.0/v4mia1-www
age
543163
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
x-server
v/6.2.3/v4mia1-https
accept-ranges
bytes
content-length
36449
x-xss-protection
1; mode=block
scripts.js
blogs.quickheal.com/wp-content/themes/mh_cicero/js/
36 KB
36 KB
Script
General
Full URL
https://blogs.quickheal.com/wp-content/themes/mh_cicero/js/scripts.js
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.185.172.247 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS
unknown.mia1.bitgravity.com
Software
v/6.2.3/6.2.0/v4mia1-www /
Resource Hash
2b6959ed660424d5c0cece11232fc99cf6283ed5a0d5eaecc1b29caa184366a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version
23.s
date
Tue, 05 Nov 2019 14:38:52 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 May 2015 07:19:43 GMT
server
v/6.2.3/6.2.0/v4mia1-www
age
543073
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
x-server
v/6.2.3/v4mia1-https
accept-ranges
bytes
content-length
36449
x-xss-protection
1; mode=block
logo.png
blogs.quickheal.com/wp-content/uploads/2016/08/
9 KB
9 KB
Image
General
Full URL
https://blogs.quickheal.com/wp-content/uploads/2016/08/logo.png
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.185.172.247 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS
unknown.mia1.bitgravity.com
Software
v/6.2.3/6.2.0/v4mia1-www /
Resource Hash
da83530ac61a48338aa2bb88ad594c1a43a702c951beeb1fc5c63c077bc2d8e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version
23.s
date
Tue, 05 Nov 2019 14:38:53 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Aug 2016 11:39:42 GMT
server
v/6.2.3/6.2.0/v4mia1-www
age
543121
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
x-server
v/6.2.3/v4mia1-https
accept-ranges
bytes
content-length
9079
x-xss-protection
1; mode=block
wp-emoji-release.min.js
blogs.quickheal.com/wp-includes/js/
12 KB
12 KB
Script
General
Full URL
https://blogs.quickheal.com/wp-includes/js/wp-emoji-release.min.js?ver=4.8.3
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.185.172.247 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS
unknown.mia1.bitgravity.com
Software
v/6.2.3/6.2.0/v4mia1-www /
Resource Hash
dba6b80aceb1267fd1ed564e08a983730d272813e9b3aff85dc365c65333dd66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version
23.s
date
Tue, 05 Nov 2019 14:38:53 GMT
x-content-type-options
nosniff
last-modified
Wed, 08 Nov 2017 06:39:10 GMT
server
v/6.2.3/6.2.0/v4mia1-www
age
543122
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
x-server
v/6.2.3/v4mia1-https
accept-ranges
bytes
content-length
11915
x-xss-protection
1; mode=block
bajarang-70x70.jpg
blogs.quickheal.com/wp-content/uploads/2016/04/
3 KB
3 KB
Image
General
Full URL
https://blogs.quickheal.com/wp-content/uploads/2016/04/bajarang-70x70.jpg
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.185.172.247 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS
unknown.mia1.bitgravity.com
Software
v/6.2.3/6.2.0/v4mia1-www /
Resource Hash
d938a2c3c0ac63ef11b130b1edeb91d94e6a863252baad206c626ecaddfcc4dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version
23.s
date
Wed, 06 Nov 2019 16:39:27 GMT
x-content-type-options
nosniff
last-modified
Wed, 20 Apr 2016 12:00:00 GMT
server
v/6.2.3/6.2.0/v4mia1-www
age
753025
x-frame-options
SAMEORIGIN
content-type
image/jpeg
status
200
x-server
v/6.2.3/v4mia1-https
accept-ranges
bytes
content-length
2601
x-xss-protection
1; mode=block
Snapshot_of_infected_removal_drive-300x120.png
blogs.quickheal.com/wp-content/uploads/2013/08/
Redirect Chain
  • http://blogs.quickheal.com/wp-content/uploads/2013/08/Snapshot_of_infected_removal_drive-300x120.png
  • https://blogs.quickheal.com/wp-content/uploads/2013/08/Snapshot_of_infected_removal_drive-300x120.png
26 KB
26 KB
Image
General
Full URL
https://blogs.quickheal.com/wp-content/uploads/2013/08/Snapshot_of_infected_removal_drive-300x120.png
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.185.172.247 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS
unknown.mia1.bitgravity.com
Software
v/6.2.3/6.2.0/v4mia1-www /
Resource Hash
062c8ed28d516be6a5d2cd7481aad8d19a0352ebc89899982a7622c50464c851
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version
23.s
date
Mon, 11 Nov 2019 14:51:41 GMT
x-content-type-options
nosniff
last-modified
Fri, 27 Dec 2013 21:20:04 GMT
server
v/6.2.3/6.2.0/v4mia1-www
age
447111
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
x-server
v/6.2.3/v4mia1-https
accept-ranges
bytes
content-length
26231
x-xss-protection
1; mode=block

Redirect headers

Location
https://blogs.quickheal.com/wp-content/uploads/2013/08/Snapshot_of_infected_removal_drive-300x120.png
X-Version
23.s
Date
Mon, 11 Nov 2019 14:51:39 GMT
Server
Varnish
Connection
keep-alive
Content-Length
0
X-Varnish
176154530
Clean_drive_shortcut_icon.png
blogs.quickheal.com/wp-content/uploads/2013/08/
Redirect Chain
  • http://blogs.quickheal.com/wp-content/uploads/2013/08/Clean_drive_shortcut_icon.png
  • https://blogs.quickheal.com/wp-content/uploads/2013/08/Clean_drive_shortcut_icon.png
2 KB
3 KB
Image
General
Full URL
https://blogs.quickheal.com/wp-content/uploads/2013/08/Clean_drive_shortcut_icon.png
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.185.172.247 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS
unknown.mia1.bitgravity.com
Software
v/6.2.3/6.2.0/v4mia1-www /
Resource Hash
a26610680f925733a4d8aa0f4a6d407af846968a4ddf270e0ffce4c2e8aa266b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version
23.s
date
Mon, 11 Nov 2019 14:51:40 GMT
x-content-type-options
nosniff
last-modified
Fri, 27 Dec 2013 21:16:50 GMT
server
v/6.2.3/6.2.0/v4mia1-www
age
0
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
x-server
v/6.2.3/v4mia1-https
accept-ranges
bytes
content-length
2382
x-xss-protection
1; mode=block

Redirect headers

Location
https://blogs.quickheal.com/wp-content/uploads/2013/08/Clean_drive_shortcut_icon.png
X-Version
23.s
Date
Mon, 11 Nov 2019 14:51:39 GMT
Server
Varnish
Connection
keep-alive
Content-Length
0
X-Varnish
424322962
Infected_drive_shortcut_icon.png
blogs.quickheal.com/wp-content/uploads/2013/08/
Redirect Chain
  • http://blogs.quickheal.com/wp-content/uploads/2013/08/Infected_drive_shortcut_icon.png
  • https://blogs.quickheal.com/wp-content/uploads/2013/08/Infected_drive_shortcut_icon.png
3 KB
4 KB
Image
General
Full URL
https://blogs.quickheal.com/wp-content/uploads/2013/08/Infected_drive_shortcut_icon.png
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.185.172.247 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS
unknown.mia1.bitgravity.com
Software
v/6.2.3/6.2.0/v4mia1-www /
Resource Hash
e9e31cdd510128893f9fc14169e13e8918b4723f0d68f535bf60b425b00c79e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version
23.s
date
Mon, 11 Nov 2019 14:51:40 GMT
x-content-type-options
nosniff
last-modified
Fri, 27 Dec 2013 21:17:50 GMT
server
v/6.2.3/6.2.0/v4mia1-www
age
0
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
x-server
v/6.2.3/v4mia1-https
accept-ranges
bytes
content-length
3456
x-xss-protection
1; mode=block

Redirect headers

Location
https://blogs.quickheal.com/wp-content/uploads/2013/08/Infected_drive_shortcut_icon.png
X-Version
23.s
Date
Mon, 11 Nov 2019 14:51:39 GMT
Server
Varnish
Connection
keep-alive
Content-Length
0
X-Varnish
440877059
Stage_1_desktop_ini_file-300x223.png
blogs.quickheal.com/wp-content/uploads/2013/08/
Redirect Chain
  • http://blogs.quickheal.com/wp-content/uploads/2013/08/Stage_1_desktop_ini_file-300x223.png
  • https://blogs.quickheal.com/wp-content/uploads/2013/08/Stage_1_desktop_ini_file-300x223.png
79 KB
79 KB
Image
General
Full URL
https://blogs.quickheal.com/wp-content/uploads/2013/08/Stage_1_desktop_ini_file-300x223.png
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.185.172.247 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS
unknown.mia1.bitgravity.com
Software
v/6.2.3/6.2.0/v4mia1-www /
Resource Hash
b3c13b818202b779e84d71479d4f4aa62a108a59fdb50374f8247715bb99fc9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version
23.s
date
Mon, 11 Nov 2019 14:51:40 GMT
x-content-type-options
nosniff
last-modified
Fri, 27 Dec 2013 21:20:08 GMT
server
v/6.2.3/6.2.0/v4mia1-www
age
0
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
x-server
v/6.2.3/v4mia1-https
accept-ranges
bytes
content-length
80851
x-xss-protection
1; mode=block

Redirect headers

Location
https://blogs.quickheal.com/wp-content/uploads/2013/08/Stage_1_desktop_ini_file-300x223.png
X-Version
23.s
Date
Mon, 11 Nov 2019 14:51:39 GMT
Server
Varnish
Connection
keep-alive
Content-Length
0
X-Varnish
418937395
Stage_2_dll_file-300x208.png
blogs.quickheal.com/wp-content/uploads/2013/08/
Redirect Chain
  • http://blogs.quickheal.com/wp-content/uploads/2013/08/Stage_2_dll_file-300x208.png
  • https://blogs.quickheal.com/wp-content/uploads/2013/08/Stage_2_dll_file-300x208.png
39 KB
39 KB
Image
General
Full URL
https://blogs.quickheal.com/wp-content/uploads/2013/08/Stage_2_dll_file-300x208.png
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.185.172.247 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS
unknown.mia1.bitgravity.com
Software
v/6.2.3/6.2.0/v4mia1-www /
Resource Hash
f7875d0fd49c04946d32368342effbdaf4913c01323373801f54372656f76061
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version
23.s
date
Mon, 11 Nov 2019 14:51:40 GMT
x-content-type-options
nosniff
last-modified
Fri, 27 Dec 2013 21:20:16 GMT
server
v/6.2.3/6.2.0/v4mia1-www
age
0
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
x-server
v/6.2.3/v4mia1-https
accept-ranges
bytes
content-length
39578
x-xss-protection
1; mode=block

Redirect headers

Location
https://blogs.quickheal.com/wp-content/uploads/2013/08/Stage_2_dll_file-300x208.png
X-Version
23.s
Date
Mon, 11 Nov 2019 14:51:39 GMT
Server
Varnish
Connection
keep-alive
Content-Length
0
X-Varnish
233470188
Stage_2_desktop_ini_file-300x255.png
blogs.quickheal.com/wp-content/uploads/2013/08/
Redirect Chain
  • http://blogs.quickheal.com/wp-content/uploads/2013/08/Stage_2_desktop_ini_file-300x255.png
  • https://blogs.quickheal.com/wp-content/uploads/2013/08/Stage_2_desktop_ini_file-300x255.png
76 KB
76 KB
Image
General
Full URL
https://blogs.quickheal.com/wp-content/uploads/2013/08/Stage_2_desktop_ini_file-300x255.png
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.185.172.247 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS
unknown.mia1.bitgravity.com
Software
v/6.2.3/6.2.0/v4mia1-www /
Resource Hash
4b16e447848003da30ba414981d5c7aec83ad96ad3b727bad7d8567b7ce8802f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version
23.s
date
Mon, 11 Nov 2019 14:51:40 GMT
x-content-type-options
nosniff
last-modified
Fri, 27 Dec 2013 21:20:12 GMT
server
v/6.2.3/6.2.0/v4mia1-www
age
0
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
x-server
v/6.2.3/v4mia1-https
accept-ranges
bytes
content-length
77864
x-xss-protection
1; mode=block

Redirect headers

Location
https://blogs.quickheal.com/wp-content/uploads/2013/08/Stage_2_desktop_ini_file-300x255.png
X-Version
23.s
Date
Mon, 11 Nov 2019 14:51:39 GMT
Server
Varnish
Connection
keep-alive
Content-Length
0
X-Varnish
314702933
Stage_3_dll_file-300x109.png
blogs.quickheal.com/wp-content/uploads/2013/08/
Redirect Chain
  • http://blogs.quickheal.com/wp-content/uploads/2013/08/Stage_3_dll_file-300x109.png
  • https://blogs.quickheal.com/wp-content/uploads/2013/08/Stage_3_dll_file-300x109.png
30 KB
30 KB
Image
General
Full URL
https://blogs.quickheal.com/wp-content/uploads/2013/08/Stage_3_dll_file-300x109.png
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.185.172.247 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS
unknown.mia1.bitgravity.com
Software
v/6.2.3/6.2.0/v4mia1-www /
Resource Hash
69df84d1b3a6b31710699e319f32ee688d2adcb53342ea8106f963e6ff531b38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version
23.s
date
Mon, 11 Nov 2019 14:51:41 GMT
x-content-type-options
nosniff
last-modified
Fri, 27 Dec 2013 21:20:20 GMT
server
v/6.2.3/6.2.0/v4mia1-www
age
0
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
x-server
v/6.2.3/v4mia1-https
accept-ranges
bytes
content-length
30669
x-xss-protection
1; mode=block

Redirect headers

Location
https://blogs.quickheal.com/wp-content/uploads/2013/08/Stage_3_dll_file-300x109.png
X-Version
23.s
Date
Mon, 11 Nov 2019 14:51:40 GMT
Server
Varnish
Connection
keep-alive
Content-Length
0
X-Varnish
320406441
Stage_3_desktop_ini_file-300x255.png
blogs.quickheal.com/wp-content/uploads/2013/08/
Redirect Chain
  • http://blogs.quickheal.com/wp-content/uploads/2013/08/Stage_3_desktop_ini_file-300x255.png
  • https://blogs.quickheal.com/wp-content/uploads/2013/08/Stage_3_desktop_ini_file-300x255.png
96 KB
97 KB
Image
General
Full URL
https://blogs.quickheal.com/wp-content/uploads/2013/08/Stage_3_desktop_ini_file-300x255.png
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.185.172.247 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS
unknown.mia1.bitgravity.com
Software
v/6.2.3/6.2.0/v4mia1-www /
Resource Hash
fc3898e6df62f71644c03cfa25e727e52b2b0c27f66da401d9506328c91cf2fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version
23.s
date
Mon, 11 Nov 2019 14:51:41 GMT
x-content-type-options
nosniff
last-modified
Fri, 27 Dec 2013 21:20:20 GMT
server
v/6.2.3/6.2.0/v4mia1-www
age
0
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
x-server
v/6.2.3/v4mia1-https
accept-ranges
bytes
content-length
98683
x-xss-protection
1; mode=block

Redirect headers

Location
https://blogs.quickheal.com/wp-content/uploads/2013/08/Stage_3_desktop_ini_file-300x255.png
X-Version
23.s
Date
Mon, 11 Nov 2019 14:51:40 GMT
Server
Varnish
Connection
keep-alive
Content-Length
0
X-Varnish
314702942
Contents_of_desktop_ini_file_after_decryption-300x173.png
blogs.quickheal.com/wp-content/uploads/2013/08/
Redirect Chain
  • http://blogs.quickheal.com/wp-content/uploads/2013/08/Contents_of_desktop_ini_file_after_decryption-300x173.png
  • https://blogs.quickheal.com/wp-content/uploads/2013/08/Contents_of_desktop_ini_file_after_decryption-300x173.png
60 KB
60 KB
Image
General
Full URL
https://blogs.quickheal.com/wp-content/uploads/2013/08/Contents_of_desktop_ini_file_after_decryption-300x173.png
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.185.172.247 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS
unknown.mia1.bitgravity.com
Software
v/6.2.3/6.2.0/v4mia1-www /
Resource Hash
d8f6df69c95f772b3286959d0e491e3c08aab53abcf037a871cb4bf306d5c156
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version
23.s
date
Mon, 11 Nov 2019 14:51:41 GMT
x-content-type-options
nosniff
last-modified
Fri, 27 Dec 2013 21:17:00 GMT
server
v/6.2.3/6.2.0/v4mia1-www
age
0
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
x-server
v/6.2.3/v4mia1-https
accept-ranges
bytes
content-length
61181
x-xss-protection
1; mode=block

Redirect headers

Location
https://blogs.quickheal.com/wp-content/uploads/2013/08/Contents_of_desktop_ini_file_after_decryption-300x173.png
X-Version
23.s
Date
Mon, 11 Nov 2019 14:51:40 GMT
Server
Varnish
Connection
keep-alive
Content-Length
0
X-Varnish
380630963
Compressed_Header_written_in_registry-300x25.png
blogs.quickheal.com/wp-content/uploads/2013/08/
Redirect Chain
  • http://blogs.quickheal.com/wp-content/uploads/2013/08/Compressed_Header_written_in_registry-300x25.png
  • https://blogs.quickheal.com/wp-content/uploads/2013/08/Compressed_Header_written_in_registry-300x25.png
13 KB
13 KB
Image
General
Full URL
https://blogs.quickheal.com/wp-content/uploads/2013/08/Compressed_Header_written_in_registry-300x25.png
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.185.172.247 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS
unknown.mia1.bitgravity.com
Software
v/6.2.3/6.2.0/v4mia1-www /
Resource Hash
a180681ff6a2060c2f3a9eae8d5a47e46d2d4c6d314de270d5c23a48bcfe7d99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version
23.s
date
Mon, 11 Nov 2019 14:51:41 GMT
x-content-type-options
nosniff
last-modified
Fri, 27 Dec 2013 21:16:52 GMT
server
v/6.2.3/6.2.0/v4mia1-www
age
0
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
x-server
v/6.2.3/v4mia1-https
accept-ranges
bytes
content-length
13428
x-xss-protection
1; mode=block

Redirect headers

Location
https://blogs.quickheal.com/wp-content/uploads/2013/08/Compressed_Header_written_in_registry-300x25.png
X-Version
23.s
Date
Mon, 11 Nov 2019 14:51:40 GMT
Server
Varnish
Connection
keep-alive
Content-Length
0
X-Varnish
317270081
Decompressed_Header_from_registry-300x40.png
blogs.quickheal.com/wp-content/uploads/2013/08/
Redirect Chain
  • http://blogs.quickheal.com/wp-content/uploads/2013/08/Decompressed_Header_from_registry-300x40.png
  • https://blogs.quickheal.com/wp-content/uploads/2013/08/Decompressed_Header_from_registry-300x40.png
21 KB
22 KB
Image
General
Full URL
https://blogs.quickheal.com/wp-content/uploads/2013/08/Decompressed_Header_from_registry-300x40.png
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.185.172.247 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS
unknown.mia1.bitgravity.com
Software
v/6.2.3/6.2.0/v4mia1-www /
Resource Hash
5ebd5d10dc86d485ab666014123fb0b87f1ea104c4297c87f966c5463916f00e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version
23.s
date
Mon, 11 Nov 2019 14:51:41 GMT
x-content-type-options
nosniff
last-modified
Fri, 27 Dec 2013 21:17:30 GMT
server
v/6.2.3/6.2.0/v4mia1-www
age
0
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
x-server
v/6.2.3/v4mia1-https
accept-ranges
bytes
content-length
21936
x-xss-protection
1; mode=block

Redirect headers

Location
https://blogs.quickheal.com/wp-content/uploads/2013/08/Decompressed_Header_from_registry-300x40.png
X-Version
23.s
Date
Mon, 11 Nov 2019 14:51:40 GMT
Server
Varnish
Connection
keep-alive
Content-Length
0
X-Varnish
483920451
bajarang-120x150.jpg
blogs.quickheal.com/wp-content/uploads/2016/04/
6 KB
6 KB
Image
General
Full URL
https://blogs.quickheal.com/wp-content/uploads/2016/04/bajarang-120x150.jpg
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.185.172.247 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS
unknown.mia1.bitgravity.com
Software
v/6.2.3/6.2.0/v4mia1-www /
Resource Hash
c028c09454526a4bf084d06384c16cafca6225b045d7ff6d60d495ce513a0d3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version
23.s
date
Wed, 06 Nov 2019 16:39:28 GMT
x-content-type-options
nosniff
last-modified
Wed, 20 Apr 2016 12:00:00 GMT
server
v/6.2.3/6.2.0/v4mia1-www
age
752973
x-frame-options
SAMEORIGIN
content-type
image/jpeg
status
200
x-server
v/6.2.3/v4mia1-https
accept-ranges
bytes
content-length
5994
x-xss-protection
1; mode=block
noimage-small.png
blogs.quickheal.com/wp-content/themes/mh_cicero/images/
1015 B
1 KB
Image
General
Full URL
https://blogs.quickheal.com/wp-content/themes/mh_cicero/images/noimage-small.png
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.185.172.247 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS
unknown.mia1.bitgravity.com
Software
v/6.2.3/6.2.0/v4mia1-www /
Resource Hash
fd09ab4eec55a10a86eef53501e719fb62d82737dbabc24a9f8bb2db16f423eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version
23.s
date
Wed, 06 Nov 2019 03:00:18 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Mar 2016 07:49:04 GMT
server
v/6.2.3/6.2.0/v4mia1-www
age
536752
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
x-server
v/6.2.3/v4mia1-https
accept-ranges
bytes
content-length
1015
x-xss-protection
1; mode=block
securimage_show.php
blogs.quickheal.com/wp-content/plugins/si-captcha-for-wordpress/captcha/
5 KB
6 KB
Image
General
Full URL
https://blogs.quickheal.com/wp-content/plugins/si-captcha-for-wordpress/captcha/securimage_show.php?si_form_id=com&prefix=ScZwloW3M34psmpX
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.185.172.247 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS
unknown.mia1.bitgravity.com
Software
v/6.2.3/6.2.0/v4mia1-www / PHP/5.5.30
Resource Hash
42e5169e22831fdc8da595aa46ec93d76bbb007831953f76cf7dda195e7af419
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version
1.30
date
Mon, 11 Nov 2019 14:51:40 GMT
x-content-type-options
nosniff
age
0
x-powered-by
PHP/5.5.30
status
200
content-length
5465
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Mon, 11 Nov 2019 14:51:40GMT
server
v/6.2.3/6.2.0/v4mia1-www
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-server
v/6.2.3/v4mia1-https
accept-ranges
bytes
expires
Mon, 26 Jul 1997 05:00:00 GMT
refresh.png
blogs.quickheal.com/wp-content/plugins/si-captcha-for-wordpress/captcha/images/
1 KB
1 KB
Image
General
Full URL
https://blogs.quickheal.com/wp-content/plugins/si-captcha-for-wordpress/captcha/images/refresh.png
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.185.172.247 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS
unknown.mia1.bitgravity.com
Software
v/6.2.3/6.2.0/v4mia1-www /
Resource Hash
7efa72f5d3878a1f7145d552d8d2186bac3942fce7b3d7e3a51550c3bc9ab3cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version
23.s
date
Tue, 05 Nov 2019 14:38:53 GMT
x-content-type-options
nosniff
last-modified
Wed, 27 May 2015 10:55:15 GMT
server
v/6.2.3/6.2.0/v4mia1-www
age
544572
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
x-server
v/6.2.3/v4mia1-https
accept-ranges
bytes
content-length
1106
x-xss-protection
1; mode=block
Google-Chrome_Update-now-80x81.png
blogs.quickheal.com/wp-content/uploads/2019/11/
5 KB
5 KB
Image
General
Full URL
https://blogs.quickheal.com/wp-content/uploads/2019/11/Google-Chrome_Update-now-80x81.png
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.185.172.247 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS
unknown.mia1.bitgravity.com
Software
v/6.2.3/6.2.0/v4mia1-www /
Resource Hash
e42f6441d735d8ebbc4d6009f76a6fadcb923e34f6059b8c59ac1e2ec2d02d20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version
23.s
date
Wed, 06 Nov 2019 16:54:51 GMT
x-content-type-options
nosniff
last-modified
Mon, 04 Nov 2019 10:37:36 GMT
server
v/6.2.3/6.2.0/v4mia1-www
age
424874
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
x-server
v/6.2.3/v4mia1-https
accept-ranges
bytes
content-length
4613
x-xss-protection
1; mode=block
Bluekeep-attack-2-80x81.jpg
blogs.quickheal.com/wp-content/uploads/2019/11/
3 KB
3 KB
Image
General
Full URL
https://blogs.quickheal.com/wp-content/uploads/2019/11/Bluekeep-attack-2-80x81.jpg
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.185.172.247 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS
unknown.mia1.bitgravity.com
Software
v/6.2.3/6.2.0/v4mia1-www /
Resource Hash
5e3a47705883761a075db715a81bc12b784c0b3242059a08a02eda84ef258292
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version
23.s
date
Mon, 11 Nov 2019 12:31:30 GMT
x-content-type-options
nosniff
last-modified
Fri, 08 Nov 2019 09:50:03 GMT
server
v/6.2.3/6.2.0/v4mia1-www
age
11126
x-frame-options
SAMEORIGIN
content-type
image/jpeg
status
200
x-server
v/6.2.3/v4mia1-https
accept-ranges
bytes
content-length
2756
x-xss-protection
1; mode=block
Blog_Post-80x81.png
blogs.quickheal.com/wp-content/uploads/2019/09/
11 KB
11 KB
Image
General
Full URL
https://blogs.quickheal.com/wp-content/uploads/2019/09/Blog_Post-80x81.png
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.185.172.247 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS
unknown.mia1.bitgravity.com
Software
v/6.2.3/6.2.0/v4mia1-www /
Resource Hash
b8cb0a599ce2ad66f799a2bbe0e84ee58a4524b3dfd9ec1de9d98921d6115dae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version
23.s
date
Wed, 06 Nov 2019 00:59:49 GMT
x-content-type-options
nosniff
last-modified
Mon, 09 Sep 2019 11:50:10 GMT
server
v/6.2.3/6.2.0/v4mia1-www
age
543120
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
x-server
v/6.2.3/v4mia1-https
accept-ranges
bytes
content-length
10866
x-xss-protection
1; mode=block
Bluekeep-attack-2-81x80.jpg
blogs.quickheal.com/wp-content/uploads/2019/11/
3 KB
3 KB
Image
General
Full URL
https://blogs.quickheal.com/wp-content/uploads/2019/11/Bluekeep-attack-2-81x80.jpg
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.185.172.247 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS
unknown.mia1.bitgravity.com
Software
v/6.2.3/6.2.0/v4mia1-www /
Resource Hash
bf66bff86dda7bff436bf4807f40a8436028bab3bcde1fd39ccd6d9e67f43f04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version
23.s
date
Mon, 11 Nov 2019 12:11:12 GMT
x-content-type-options
nosniff
last-modified
Mon, 11 Nov 2019 11:45:55 GMT
server
v/6.2.3/6.2.0/v4mia1-www
age
10797
x-frame-options
SAMEORIGIN
content-type
image/jpeg
status
200
x-server
v/6.2.3/v4mia1-https
accept-ranges
bytes
content-length
2948
x-xss-protection
1; mode=block
Google-Chrome_Update-now-81x80.png
blogs.quickheal.com/wp-content/uploads/2019/11/
5 KB
5 KB
Image
General
Full URL
https://blogs.quickheal.com/wp-content/uploads/2019/11/Google-Chrome_Update-now-81x80.png
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.185.172.247 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS
unknown.mia1.bitgravity.com
Software
v/6.2.3/6.2.0/v4mia1-www /
Resource Hash
ba450b7e7a66d790364d5d36735278f60100a244094f2ff905d8a764babf5369
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version
23.s
date
Mon, 11 Nov 2019 11:00:39 GMT
x-content-type-options
nosniff
last-modified
Mon, 04 Nov 2019 10:41:02 GMT
server
v/6.2.3/6.2.0/v4mia1-www
age
14586
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
x-server
v/6.2.3/v4mia1-https
accept-ranges
bytes
content-length
5260
x-xss-protection
1; mode=block
KKNPP-81x80.jpg
blogs.quickheal.com/wp-content/uploads/2019/11/
2 KB
2 KB
Image
General
Full URL
https://blogs.quickheal.com/wp-content/uploads/2019/11/KKNPP-81x80.jpg
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.185.172.247 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS
unknown.mia1.bitgravity.com
Software
v/6.2.3/6.2.0/v4mia1-www /
Resource Hash
012db38a4ce66b417351e0a170293d2ae5758d7ec1b269eb12d563d1b7bf425c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version
23.s
date
Mon, 11 Nov 2019 06:47:32 GMT
x-content-type-options
nosniff
last-modified
Mon, 04 Nov 2019 06:12:04 GMT
server
v/6.2.3/6.2.0/v4mia1-www
age
31157
x-frame-options
SAMEORIGIN
content-type
image/jpeg
status
200
x-server
v/6.2.3/v4mia1-https
accept-ranges
bytes
content-length
2285
x-xss-protection
1; mode=block
SK_Photo12-80x81.jpg
blogs.quickheal.com/wp-content/uploads/2016/04/
3 KB
3 KB
Image
General
Full URL
https://blogs.quickheal.com/wp-content/uploads/2016/04/SK_Photo12-80x81.jpg
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.185.172.247 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS
unknown.mia1.bitgravity.com
Software
v/6.2.3/6.2.0/v4mia1-www /
Resource Hash
06ae3e94b415d410ff333f9e6bb2a39d0c8b00f3e9a2be1b1d64281abc183fcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version
23.s
date
Wed, 06 Nov 2019 02:58:33 GMT
x-content-type-options
nosniff
last-modified
Wed, 27 Apr 2016 11:01:10 GMT
server
v/6.2.3/6.2.0/v4mia1-www
age
543120
x-frame-options
SAMEORIGIN
content-type
image/jpeg
status
200
x-server
v/6.2.3/v4mia1-https
accept-ranges
bytes
content-length
2678
x-xss-protection
1; mode=block
sushmita-80x81.jpg
blogs.quickheal.com/wp-content/uploads/2018/09/
2 KB
2 KB
Image
General
Full URL
https://blogs.quickheal.com/wp-content/uploads/2018/09/sushmita-80x81.jpg
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.185.172.247 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS
unknown.mia1.bitgravity.com
Software
v/6.2.3/6.2.0/v4mia1-www /
Resource Hash
eb2941f84979ccd0bbe36c5a42686ccbca956fc89d8dec5ca191c5d7362e28d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version
23.s
date
Wed, 06 Nov 2019 02:58:33 GMT
x-content-type-options
nosniff
last-modified
Fri, 21 Sep 2018 12:52:40 GMT
server
v/6.2.3/6.2.0/v4mia1-www
age
543605
x-frame-options
SAMEORIGIN
content-type
image/jpeg
status
200
x-server
v/6.2.3/v4mia1-https
accept-ranges
bytes
content-length
2092
x-xss-protection
1; mode=block
si_captcha.js
blogs.quickheal.com/wp-content/plugins/si-captcha-for-wordpress/captcha/
685 B
960 B
Script
General
Full URL
https://blogs.quickheal.com/wp-content/plugins/si-captcha-for-wordpress/captcha/si_captcha.js?ver=1.0
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.185.172.247 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS
unknown.mia1.bitgravity.com
Software
v/6.2.3/6.2.0/v4mia1-www /
Resource Hash
c52d8ecaada50da7a9739ca285872b431fad51042eccf398e2c2ecad8013880b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version
23.s
date
Tue, 05 Nov 2019 14:38:53 GMT
x-content-type-options
nosniff
last-modified
Wed, 27 May 2015 10:55:15 GMT
server
v/6.2.3/6.2.0/v4mia1-www
age
541009
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
x-server
v/6.2.3/v4mia1-https
accept-ranges
bytes
content-length
685
x-xss-protection
1; mode=block
slickQuiz.css
blogs.quickheal.com/wp-content/plugins/slickquiz/slickquiz/css/
908 B
1 KB
Stylesheet
General
Full URL
https://blogs.quickheal.com/wp-content/plugins/slickquiz/slickquiz/css/slickQuiz.css?ver=4.8.3
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.185.172.247 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS
unknown.mia1.bitgravity.com
Software
v/6.2.3/6.2.0/v4mia1-www /
Resource Hash
48d1d7078b27223c895b4a9604916429879cc4e00e3a8772d64c76aa406711f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version
23.s
date
Tue, 05 Nov 2019 14:38:53 GMT
x-content-type-options
nosniff
last-modified
Mon, 23 Jan 2017 07:41:05 GMT
server
v/6.2.3/6.2.0/v4mia1-www
age
544588
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
x-server
v/6.2.3/v4mia1-https
accept-ranges
bytes
content-length
908
x-xss-protection
1; mode=block
front.css
blogs.quickheal.com/wp-content/plugins/slickquiz/css/
3 KB
4 KB
Stylesheet
General
Full URL
https://blogs.quickheal.com/wp-content/plugins/slickquiz/css/front.css?ver=4.8.3
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.185.172.247 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS
unknown.mia1.bitgravity.com
Software
v/6.2.3/6.2.0/v4mia1-www /
Resource Hash
0f8a76154e9d4d4f95724c6fa01caa18d4511ad594363004e03055859da90ccf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version
23.s
date
Tue, 05 Nov 2019 14:38:53 GMT
x-content-type-options
nosniff
last-modified
Wed, 22 Mar 2017 09:07:15 GMT
server
v/6.2.3/6.2.0/v4mia1-www
age
543370
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
x-server
v/6.2.3/v4mia1-https
accept-ranges
bytes
content-length
3421
x-xss-protection
1; mode=block
comment-reply.min.js
blogs.quickheal.com/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
https://blogs.quickheal.com/wp-includes/js/comment-reply.min.js?ver=4.8.3
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.185.172.247 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS
unknown.mia1.bitgravity.com
Software
v/6.2.3/6.2.0/v4mia1-www /
Resource Hash
1b1ca0f15010e0124bd4ca481404643c88f7eda1b276e9554d0ed83fb45b7e30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version
23.s
date
Tue, 05 Nov 2019 14:38:53 GMT
x-content-type-options
nosniff
last-modified
Thu, 19 Nov 2015 06:45:28 GMT
server
v/6.2.3/6.2.0/v4mia1-www
age
543123
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
x-server
v/6.2.3/v4mia1-https
accept-ranges
bytes
content-length
1078
x-xss-protection
1; mode=block
sassy-social-share-public.js
blogs.quickheal.com/wp-content/plugins/sassy-social-share/public/js/
45 KB
45 KB
Script
General
Full URL
https://blogs.quickheal.com/wp-content/plugins/sassy-social-share/public/js/sassy-social-share-public.js?ver=3.1.10
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.185.172.247 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS
unknown.mia1.bitgravity.com
Software
v/6.2.3/6.2.0/v4mia1-www /
Resource Hash
86bb773770347257179bdd98683530f8ecc9faf0cacaf1253a6b3ec5576973e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version
23.s
date
Tue, 05 Nov 2019 14:38:53 GMT
x-content-type-options
nosniff
last-modified
Fri, 13 Apr 2018 07:25:47 GMT
server
v/6.2.3/6.2.0/v4mia1-www
age
543370
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
x-server
v/6.2.3/v4mia1-https
accept-ranges
bytes
content-length
45640
x-xss-protection
1; mode=block
wp-embed.min.js
blogs.quickheal.com/wp-includes/js/
1 KB
2 KB
Script
General
Full URL
https://blogs.quickheal.com/wp-includes/js/wp-embed.min.js?ver=4.8.3
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.185.172.247 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS
unknown.mia1.bitgravity.com
Software
v/6.2.3/6.2.0/v4mia1-www /
Resource Hash
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version
23.s
date
Tue, 05 Nov 2019 14:38:53 GMT
x-content-type-options
nosniff
last-modified
Wed, 08 Nov 2017 06:39:10 GMT
server
v/6.2.3/6.2.0/v4mia1-www
age
540355
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
x-server
v/6.2.3/v4mia1-https
accept-ranges
bytes
content-length
1398
x-xss-protection
1; mode=block
form.js
blogs.quickheal.com/wp-content/plugins/akismet/_inc/
700 B
975 B
Script
General
Full URL
https://blogs.quickheal.com/wp-content/plugins/akismet/_inc/form.js?ver=4.0.8
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.185.172.247 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS
unknown.mia1.bitgravity.com
Software
v/6.2.3/6.2.0/v4mia1-www /
Resource Hash
0515cbd1f8aee97e1c8e0d1d015ca96c86def13e90d2e73bf813072ccc23d531
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version
23.s
date
Tue, 05 Nov 2019 14:38:53 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Jul 2018 10:15:37 GMT
server
v/6.2.3/6.2.0/v4mia1-www
age
544572
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
x-server
v/6.2.3/v4mia1-https
accept-ranges
bytes
content-length
700
x-xss-protection
1; mode=block
slickQuiz.js
blogs.quickheal.com/wp-content/plugins/slickquiz/slickquiz/js/
37 KB
38 KB
Script
General
Full URL
https://blogs.quickheal.com/wp-content/plugins/slickquiz/slickquiz/js/slickQuiz.js?ver=4.8.3
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.185.172.247 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS
unknown.mia1.bitgravity.com
Software
v/6.2.3/6.2.0/v4mia1-www /
Resource Hash
5ac7017782855b44f36da92da024c5de980002bd06ca9c94dc631e8c26e9b57c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version
23.s
date
Tue, 05 Nov 2019 14:38:53 GMT
x-content-type-options
nosniff
last-modified
Mon, 23 Jan 2017 07:41:24 GMT
server
v/6.2.3/6.2.0/v4mia1-www
age
543368
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
x-server
v/6.2.3/v4mia1-https
accept-ranges
bytes
content-length
38279
x-xss-protection
1; mode=block
widgets.js
platform.twitter.com/
95 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js?ver=4.8.3
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41A4) /
Resource Hash
f5b5ac5fdb8870504505be0a9522061f905e5c1b25a927f877303785129cb3f9

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 11 Nov 2019 14:51:39 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Oct 2019 23:03:20 GMT
Server
ECS (fcn/41A4)
Etag
"dbb5834a50c19a7a8e3ad3ae8f1c1329+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Content-Type
application/javascript; charset=utf-8
Content-Length
28705
admin-ajax.php
blogs.quickheal.com/wp-admin/
41 B
463 B
XHR
General
Full URL
https://blogs.quickheal.com/wp-admin/admin-ajax.php
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.185.172.247 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS
unknown.mia1.bitgravity.com
Software
v/6.2.3/6.2.0/v4mia1-www / PHP/5.5.30
Resource Hash
2c9fbdf4345e96b2c776b92761c500a520347ace485f19ec8131f1b938a73799
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
Referer
https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

x-version
1.30
date
Mon, 11 Nov 2019 14:51:40 GMT
x-content-type-options
nosniff
age
0
x-powered-by
PHP/5.5.30
status
200
content-length
41
x-xss-protection
1; mode=block
accept-ranges
bytes
server
v/6.2.3/6.2.0/v4mia1-www
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://blogs.quickheal.com
cache-control
no-cache, must-revalidate, max-age=0
x-server
v/6.2.3/v4mia1-https
access-control-allow-credentials
true
x-robots-tag
noindex
expires
Mon, 11 Nov 2019 14:51:40 GMT
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
1082
date
Mon, 11 Nov 2019 14:33:37 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Mon, 11 Nov 2019 16:33:37 GMT
home-menu.png
blogs.quickheal.com/wp-content/themes/mh_cicero/images/
1 KB
1 KB
Image
General
Full URL
https://blogs.quickheal.com/wp-content/themes/mh_cicero/images/home-menu.png
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.185.172.247 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS
unknown.mia1.bitgravity.com
Software
v/6.2.3/6.2.0/v4mia1-www /
Resource Hash
fc1aa11cc7fa74d9ea88dc49ac8769a4f5fa0a1415f972fac10e61e7ed23f213
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.quickheal.com/wp-content/themes/mh_cicero/style.css?ver=1.0.72
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version
23.s
date
Wed, 06 Nov 2019 02:58:33 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 May 2015 07:19:43 GMT
server
v/6.2.3/6.2.0/v4mia1-www
age
533025
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
x-server
v/6.2.3/v4mia1-https
accept-ranges
bytes
content-length
1169
x-xss-protection
1; mode=block
truncated
/
302 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b980f62a2d545d64f24e6f96902c8fbf5da0018569c369bc18f9e5b5fcf099ed

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
682 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2e8b4fba49f90cfca5a43371c09879aed7447e0ba2ed4abd75b81448776c4f7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
425 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
54c9560cb0117d8d1f955aefe0f88b843517964e118512d8f1a224a8a9b662f4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
436 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2662e0eef0f270830358bb255f079f695da71794ecbe8ba0825200862d8e9746

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
327 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d31374e862fe63f0cfabb3f4cebf0723e3ee46c70589a8576daa1643cebdd651

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
NotoSans.woff
blogs.quickheal.com/wp-content/themes/mh_cicero/fonts/
216 KB
216 KB
Font
General
Full URL
https://blogs.quickheal.com/wp-content/themes/mh_cicero/fonts/NotoSans.woff
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.185.172.247 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS
unknown.mia1.bitgravity.com
Software
v/6.2.3/6.2.0/v4mia1-www /
Resource Hash
4c18e3eba036f6f3bd81c06f1b034cfaeb01672589535ef00eaa05fb701d269d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
Referer
https://blogs.quickheal.com/wp-content/themes/mh_cicero/style.css?ver=1.0.72
Origin
https://blogs.quickheal.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version
1.30
date
Mon, 11 Nov 2019 14:51:40 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jun 2015 07:32:24 GMT
server
v/6.2.3/6.2.0/v4mia1-www
age
0
x-frame-options
SAMEORIGIN
content-type
text/plain
status
200
x-server
v/6.2.3/v4mia1-https
accept-ranges
bytes
content-length
221000
x-xss-protection
1; mode=block
searchIcon.png
blogs.quickheal.com/wp-content/themes/mh_cicero/images/background/
1 KB
1 KB
Image
General
Full URL
https://blogs.quickheal.com/wp-content/themes/mh_cicero/images/background/searchIcon.png
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.185.172.247 , United States, ASN40009 (BITGRAVITY - BitGravity, Inc., US),
Reverse DNS
unknown.mia1.bitgravity.com
Software
v/6.2.3/6.2.0/v4mia1-www /
Resource Hash
5c6e50d63a5c993134f11c22e25569c6c52abfba8c8fb729fe4dec27d2df318e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.quickheal.com/wp-content/themes/mh_cicero/style.css?ver=1.0.72
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version
23.s
date
Tue, 05 Nov 2019 14:38:53 GMT
x-content-type-options
nosniff
last-modified
Wed, 02 Dec 2015 09:34:32 GMT
server
v/6.2.3/6.2.0/v4mia1-www
age
542104
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
x-server
v/6.2.3/v4mia1-https
accept-ranges
bytes
content-length
1180
x-xss-protection
1; mode=block
fontawesome-webfont.woff
maxcdn.bootstrapcdn.com/font-awesome/4.2.0/fonts/
64 KB
64 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

Sec-Fetch-Mode
cors
Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css
Origin
https://blogs.quickheal.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 11 Nov 2019 14:51:39 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:35:44 GMT
status
200
etag
"1544639744"
vary
Accept-Encoding
x-cache
HIT
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
65464
collect
www.google-analytics.com/r/
35 B
110 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=521763111&t=pageview&_s=1&dl=https%3A%2F%2Fblogs.quickheal.com%2Fworm-gamarue-what-it-is-and-how-does-it-evolve%2F&ul=en-us&de=UTF-8&dt=Worm.Gamarue%20%E2%80%93%20What%20it%20is%20and%20How%20does%20it%20Evolve%3F&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=41965934&gjid=658507125&cid=678179392.1573483900&tid=UA-2934888-6&_gid=619684491.1573483900&_r=1&z=252426810
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Nov 2019 14:51:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
widget_iframe.2d991e3dfc9abb2549972ce8b64c5d85.html
platform.twitter.com/widgets/ Frame 8430
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.2d991e3dfc9abb2549972ce8b64c5d85.html?origin=https%3A%2F%2Fblogs.quickheal.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js?ver=4.8.3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/4185) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Mon, 11 Nov 2019 14:51:39 GMT
Etag
"7d3f6ed140174a20e7c8be261a70a863+gzip"
Last-Modified
Tue, 22 Oct 2019 22:27:25 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/4185)
Vary
Accept-Encoding
X-Cache
HIT
Content-Length
5816

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| heateorSssLoadEvent string| heateorSssSharingAjaxUrl string| heateorSssCloseIconPath string| heateorSssPluginIconPath number| heateorSssHorizontalSharingCountEnable number| heateorSssVerticalSharingCountEnable number| heateorSssSharingOffset number| heateorSssMobileStickySharingEnabled string| heateorSssCopyLinkMessage object| heateorSssUrlCountFetched string| heateorSssSharesText string| heateorSssShareText function| heateorSssPopup object| _wpemojiSettings undefined| $ function| jQuery object| twemoji object| wp object| html5 object| Modernizr function| yepnope object| jQuery112406774281288355812 number| sampling_active number| sampling_rate boolean| do_request undefined| num object| xhr string| url string| params string| GoogleAnalyticsObject function| ga string| subbox_text function| subscribeSubmit object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| si_captcha_refresh object| addComment function| heateorSssCallAjax function| heateorSssGetScript function| heateorSssMoreSharingPopup function| heateorSssFilterSharing object| heateorSssFacebookTargetUrls function| heateorSssGetSharingCounts function| heateorSssFetchFacebookShares function| heateorSssFBShareJSONCall function| heateorSssSaveFacebookShares function| heateorSssCalculateApproxCount function| heateorSssCalculateActualCount function| heateorSssCapitaliseFirstLetter function| heateorSssHideSharing object| __twttrll object| twttr object| __twttr object| data object| ak_js object| commentForm undefined| replyRowContainer undefined| children

0 Cookies

2 Console Messages

Source Level URL
Text
console-api log URL: https://blogs.quickheal.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api log URL: https://blogs.quickheal.com/worm-gamarue-what-it-is-and-how-does-it-evolve/(Line 171)
Message:
WPP: OK. Execution time: 0.001794 seconds

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blogs.quickheal.com
fonts.googleapis.com
maxcdn.bootstrapcdn.com
platform.twitter.com
www.google-analytics.com
2001:4de0:ac19::1:b:3a
2001:4de0:ac19::1:b:3b
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:808::200e
2a00:1450:4001:820::200a
64.185.172.247
012db38a4ce66b417351e0a170293d2ae5758d7ec1b269eb12d563d1b7bf425c
0515cbd1f8aee97e1c8e0d1d015ca96c86def13e90d2e73bf813072ccc23d531
062c8ed28d516be6a5d2cd7481aad8d19a0352ebc89899982a7622c50464c851
06ae3e94b415d410ff333f9e6bb2a39d0c8b00f3e9a2be1b1d64281abc183fcc
0f8a76154e9d4d4f95724c6fa01caa18d4511ad594363004e03055859da90ccf
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
1b1ca0f15010e0124bd4ca481404643c88f7eda1b276e9554d0ed83fb45b7e30
1bcee1b4d83dac08181855b025b990b8ed2653996d066ef2ac79cd947f5d268e
2662e0eef0f270830358bb255f079f695da71794ecbe8ba0825200862d8e9746
2b6959ed660424d5c0cece11232fc99cf6283ed5a0d5eaecc1b29caa184366a9
2c9fbdf4345e96b2c776b92761c500a520347ace485f19ec8131f1b938a73799
369d2496911a9b267a3e0427de908dad8cf37e7f9791b3c4771aebe19723219a
42e5169e22831fdc8da595aa46ec93d76bbb007831953f76cf7dda195e7af419
48d1d7078b27223c895b4a9604916429879cc4e00e3a8772d64c76aa406711f6
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4b16e447848003da30ba414981d5c7aec83ad96ad3b727bad7d8567b7ce8802f
4c18e3eba036f6f3bd81c06f1b034cfaeb01672589535ef00eaa05fb701d269d
54c9560cb0117d8d1f955aefe0f88b843517964e118512d8f1a224a8a9b662f4
5ac7017782855b44f36da92da024c5de980002bd06ca9c94dc631e8c26e9b57c
5c6e50d63a5c993134f11c22e25569c6c52abfba8c8fb729fe4dec27d2df318e
5e3a47705883761a075db715a81bc12b784c0b3242059a08a02eda84ef258292
5ebd5d10dc86d485ab666014123fb0b87f1ea104c4297c87f966c5463916f00e
69df84d1b3a6b31710699e319f32ee688d2adcb53342ea8106f963e6ff531b38
6d3867887b5d65b2721db12ddea4ebbb79179adf475a1c7f091123ad11dece09
7efa72f5d3878a1f7145d552d8d2186bac3942fce7b3d7e3a51550c3bc9ab3cb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86bb773770347257179bdd98683530f8ecc9faf0cacaf1253a6b3ec5576973e8
a180681ff6a2060c2f3a9eae8d5a47e46d2d4c6d314de270d5c23a48bcfe7d99
a26610680f925733a4d8aa0f4a6d407af846968a4ddf270e0ffce4c2e8aa266b
b3c13b818202b779e84d71479d4f4aa62a108a59fdb50374f8247715bb99fc9f
b8cb0a599ce2ad66f799a2bbe0e84ee58a4524b3dfd9ec1de9d98921d6115dae
b980f62a2d545d64f24e6f96902c8fbf5da0018569c369bc18f9e5b5fcf099ed
ba450b7e7a66d790364d5d36735278f60100a244094f2ff905d8a764babf5369
bf66bff86dda7bff436bf4807f40a8436028bab3bcde1fd39ccd6d9e67f43f04
c028c09454526a4bf084d06384c16cafca6225b045d7ff6d60d495ce513a0d3a
c2e8b4fba49f90cfca5a43371c09879aed7447e0ba2ed4abd75b81448776c4f7
c52d8ecaada50da7a9739ca285872b431fad51042eccf398e2c2ecad8013880b
d31374e862fe63f0cfabb3f4cebf0723e3ee46c70589a8576daa1643cebdd651
d8f6df69c95f772b3286959d0e491e3c08aab53abcf037a871cb4bf306d5c156
d938a2c3c0ac63ef11b130b1edeb91d94e6a863252baad206c626ecaddfcc4dd
d9975f28cafef89b777e9619c8592f395a5e83fbdce6e073e7bee3c1bc42a155
da83530ac61a48338aa2bb88ad594c1a43a702c951beeb1fc5c63c077bc2d8e0
dba6b80aceb1267fd1ed564e08a983730d272813e9b3aff85dc365c65333dd66
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
e42f6441d735d8ebbc4d6009f76a6fadcb923e34f6059b8c59ac1e2ec2d02d20
e9e31cdd510128893f9fc14169e13e8918b4723f0d68f535bf60b425b00c79e2
eb2941f84979ccd0bbe36c5a42686ccbca956fc89d8dec5ca191c5d7362e28d8
ec9e533468bbc524beb33f6306a8ac0d4c928d4d91608d4fa01e778715c30087
f5b5ac5fdb8870504505be0a9522061f905e5c1b25a927f877303785129cb3f9
f7875d0fd49c04946d32368342effbdaf4913c01323373801f54372656f76061
f9b37ce36e47467ecc057d56167ecef6235a8da1d29f012b1b39991a8d449b4f
fad1ebb29fd1405aa7b025ad8148a21b22d48a208bdd87e2572b0a0018358656
fc1aa11cc7fa74d9ea88dc49ac8769a4f5fa0a1415f972fac10e61e7ed23f213
fc3898e6df62f71644c03cfa25e727e52b2b0c27f66da401d9506328c91cf2fe
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e
fd09ab4eec55a10a86eef53501e719fb62d82737dbabc24a9f8bb2db16f423eb