Submitted URL: http://links.signaltechnet.com/ctt?kn=9&ms=MjcyMTk0OQS2&r=MTgzNDQ1OTA0NDAyS0&b=0&j=MTA4MDE3OTExNgS2&mt=1&rt=0
Effective URL: https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
Submission: On September 17 via api from US

Summary

This website contacted 32 IPs in 8 countries across 34 domains to perform 81 HTTP transactions. The main IP is 185.85.15.47, located in Russian Federation and belongs to KL-EXT, RU. The main domain is www.kaspersky.com.
TLS certificate: Issued by Thawte RSA CA 2018 on March 19th 2019. Valid for: a year.
This is the only time www.kaspersky.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 108.168.255.74 36351 (SOFTLAYER)
1 1 100.25.236.219 14618 (AMAZON-AES)
1 1 34.235.85.87 14618 (AMAZON-AES)
6 185.85.15.47 200107 (KL-EXT)
15 2600:9000:205... 16509 (AMAZON-02)
1 104.16.94.80 13335 (CLOUDFLAR...)
2 104.111.252.27 16625 (AKAMAI-AS)
10 2600:9000:205... 16509 (AMAZON-02)
1 52.218.56.120 16509 (AMAZON-02)
1 185.85.15.23 200107 (KL-EXT)
1 143.204.208.175 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a03:2880:f02... 32934 (FACEBOOK)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 52.212.90.74 16509 (AMAZON-02)
1 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
1 2a03:2880:f02... 32934 (FACEBOOK)
1 2a05:f500:10:... 14413 (LINKEDIN)
1 151.101.113.140 54113 (FASTLY)
1 104.16.225.72 13335 (CLOUDFLAR...)
1 3.248.160.221 16509 (AMAZON-02)
2 66.117.29.226 15224 (OMNITURE)
1 1 66.117.28.86 15224 (OMNITURE)
4 2a03:2880:f12... 32934 (FACEBOOK)
1 104.103.102.114 16625 (AKAMAI-AS)
1 143.204.214.35 16509 (AMAZON-02)
1 143.204.207.113 16509 (AMAZON-02)
3 3 104.111.215.249 16625 (AKAMAI-AS)
2 3 37.252.172.249 29990 (ASN-APPNEXUS)
1 3.248.25.27 16509 (AMAZON-02)
1 1 35.227.248.159 15169 (GOOGLE)
6 9 18.184.89.106 16509 (AMAZON-02)
1 147.75.102.200 54825 (PACKET)
1 2 172.217.21.198 15169 (GOOGLE)
1 99.81.228.121 16509 (AMAZON-02)
2 185.31.128.129 54312 (ROCKETFUEL)
81 32
Apex Domain
Subdomains
Transfer
25 kasperskydaily.com
assets.kasperskydaily.com
media.kasperskydaily.com
921 KB
10 myvisualiq.net
vt.myvisualiq.net
t.myvisualiq.net
9 KB
7 kaspersky.com
www.kaspersky.com
media.kaspersky.com
110 KB
6 facebook.com
graph.facebook.com
www.facebook.com
staticxx.facebook.com
899 B
5 facebook.net
connect.facebook.net
177 KB
4 demdex.net
dpm.demdex.net
kaspersky.demdex.net
3 KB
3 adnxs.com
ib.adnxs.com
3 KB
3 tribalfusion.com
s.tribalfusion.com
a.tribalfusion.com
1 KB
2 rfihub.com
a.rfihub.com
20730592p.rfihub.com
634 B
2 doubleclick.net
ad.doubleclick.net
1 KB
2 adsrvr.org
js.adsrvr.org
insight.adsrvr.org
2 KB
2 omtrdc.net
kaspersky.d3.sc.omtrdc.net
1 KB
2 pingdom.net
rum-static.pingdom.net
rum-collector-2.pingdom.net
3 KB
2 googletagmanager.com
www.googletagmanager.com
106 KB
2 maxymiser.net
service.maxymiser.net
7 KB
1 exelator.com
loadus.exelator.com
124 B
1 tapad.com
tapestry.tapad.com
465 B
1 rfihub.net
c1.rfihub.net
7 KB
1 everesttech.net
cm.everesttech.net
527 B
1 algolia.com
hn.algolia.com
975 B
1 reddit.com
www.reddit.com
1 KB
1 linkedin.com
www.linkedin.com
px.ads.linkedin.com Failed
1 bizographics.com
sjs.bizographics.com
5 KB
1 google-analytics.com
www.google-analytics.com
17 KB
1 cloudfront.net
d1xnn692s7u6t6.cloudfront.net
5 KB
1 amazonaws.com
analytics-scripts.s3-eu-west-1.amazonaws.com
6 KB
1 marketo.com
app-sj06.marketo.com
58 KB
1 ziffdavisb2b.com
p.ziffdavisb2b.com
534 B
1 revenu8.com
c360.revenu8.com
280 B
1 signaltechnet.com
links.signaltechnet.com
415 B
0 xg4ken.com Failed
resources.xg4ken.com Failed
0 bing.com Failed
bat.bing.com Failed
0 google.de Failed
www.google.de Failed
0 google.com Failed
www.google.com Failed
81 34
Domain Requested by
15 assets.kasperskydaily.com www.kaspersky.com
assets.kasperskydaily.com
10 media.kasperskydaily.com www.kaspersky.com
9 t.myvisualiq.net 6 redirects
6 www.kaspersky.com www.kaspersky.com
5 connect.facebook.net www.kaspersky.com
connect.facebook.net
4 www.facebook.com www.kaspersky.com
connect.facebook.net
3 ib.adnxs.com 2 redirects
3 dpm.demdex.net 1 redirects media.kaspersky.com
www.kaspersky.com
2 ad.doubleclick.net 1 redirects
2 s.tribalfusion.com 2 redirects
2 kaspersky.d3.sc.omtrdc.net media.kaspersky.com
www.kaspersky.com
2 www.googletagmanager.com www.kaspersky.com
www.googletagmanager.com
2 service.maxymiser.net www.kaspersky.com
service.maxymiser.net
1 20730592p.rfihub.com c1.rfihub.net
1 a.rfihub.com c1.rfihub.net
1 insight.adsrvr.org js.adsrvr.org
1 loadus.exelator.com
1 tapestry.tapad.com 1 redirects
1 rum-collector-2.pingdom.net rum-static.pingdom.net
1 a.tribalfusion.com 1 redirects
1 js.adsrvr.org www.googletagmanager.com
1 vt.myvisualiq.net www.googletagmanager.com
1 c1.rfihub.net www.kaspersky.com
1 staticxx.facebook.com connect.facebook.net
1 cm.everesttech.net 1 redirects
1 kaspersky.demdex.net media.kaspersky.com
1 hn.algolia.com www.kaspersky.com
1 www.reddit.com www.kaspersky.com
1 www.linkedin.com www.kaspersky.com
1 graph.facebook.com www.kaspersky.com
1 sjs.bizographics.com www.googletagmanager.com
1 www.google-analytics.com www.googletagmanager.com
1 rum-static.pingdom.net www.kaspersky.com
1 d1xnn692s7u6t6.cloudfront.net www.kaspersky.com
1 media.kaspersky.com www.kaspersky.com
1 analytics-scripts.s3-eu-west-1.amazonaws.com www.kaspersky.com
1 app-sj06.marketo.com www.kaspersky.com
1 p.ziffdavisb2b.com 1 redirects
1 c360.revenu8.com 1 redirects
1 links.signaltechnet.com 1 redirects
0 resources.xg4ken.com Failed www.kaspersky.com
0 bat.bing.com Failed www.kaspersky.com
0 px.ads.linkedin.com Failed sjs.bizographics.com
0 www.google.de Failed www.kaspersky.com
0 www.google.com Failed www.kaspersky.com
81 45
Subject Issuer Validity Valid
www.kaspersky.com
Thawte RSA CA 2018
2019-03-19 -
2020-04-10
a year crt.sh
media.kasperskydaily.com
Amazon
2019-06-28 -
2020-07-28
a year crt.sh
app-sj06.marketo.com
CloudFlare Inc ECC CA-2
2019-02-21 -
2020-02-21
a year crt.sh
*.maxymiser.net
DigiCert SHA2 Secure Server CA
2019-01-15 -
2020-04-15
a year crt.sh
*.s3-eu-west-1.amazonaws.com
DigiCert Baltimore CA-2 G2
2018-11-08 -
2019-11-06
a year crt.sh
media.kaspersky.com
Thawte RSA CA 2018
2019-06-11 -
2020-06-10
a year crt.sh
*.cloudfront.net
DigiCert Global CA G2
2019-07-17 -
2020-07-05
a year crt.sh
*.google-analytics.com
GTS CA 1O1
2019-08-23 -
2019-11-21
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2019-08-24 -
2019-10-19
2 months crt.sh
*.pingdom.net
DigiCert SHA2 High Assurance Server CA
2018-11-19 -
2019-12-16
a year crt.sh
*.demdex.net
DigiCert SHA2 High Assurance Server CA
2018-01-09 -
2021-02-12
3 years crt.sh
js.bizographics.com
DigiCert SHA2 Secure Server CA
2018-04-13 -
2020-04-17
2 years crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA
2018-05-30 -
2020-09-01
2 years crt.sh
*.reddit.com
DigiCert SHA2 Secure Server CA
2018-08-17 -
2020-09-02
2 years crt.sh
algolia.com
CloudFlare Inc ECC CA-2
2019-01-17 -
2020-01-17
a year crt.sh
*.d3.sc.omtrdc.net
DigiCert SHA2 High Assurance Server CA
2019-04-23 -
2020-04-14
a year crt.sh
*.rfihub.net
DigiCert SHA2 Secure Server CA
2019-01-25 -
2020-04-25
a year crt.sh
*.myvisualiq.net
Amazon
2018-12-12 -
2020-01-12
a year crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1
2019-03-07 -
2021-04-19
2 years crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA
2019-01-23 -
2021-03-08
2 years crt.sh
t.myvisualiq.net
COMODO RSA Domain Validation Secure Server CA
2017-07-05 -
2020-07-28
3 years crt.sh
*.exelator.com
Go Daddy Secure Certificate Authority - G2
2019-05-17 -
2021-06-25
2 years crt.sh
*.doubleclick.net
GTS CA 1O1
2019-08-23 -
2019-11-21
3 months crt.sh
*.rfihub.com
DigiCert SHA2 Secure Server CA
2019-08-27 -
2020-08-31
a year crt.sh

This page contains 6 frames:

Primary Page: https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
Frame ID: 18DD10FA411112C4168613962D2D59C1
Requests: 76 HTTP requests in this frame

Frame: https://kaspersky.demdex.net/dest5.html?d_nsid=0
Frame ID: 34E48EB166F61368AAA2F6AACC081AF7
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 86A62E3793BAF49103FAA93699093F6A
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=3flza28&ref=https%3A%2F%2Fwww.kaspersky.com%2Fblog%2Ftop4-dangerous-attachments-2019%2F27147%2F%3Fsiteid%3DRIQSITE&upid=5jbt2zb&upv=1.1.0
Frame ID: A9D29C804055F0B4B00D0411FA2D1529
Requests: 1 HTTP requests in this frame

Frame: https://20730592p.rfihub.com/ca.html?rfiidc=1582804165409402715&rfiaid=ef09f930775149338bfaf2b0a4c0b690&ver=9&rb=20707&ca=20730592&pe=https%3A%2F%2Fwww.kaspersky.com%2Fblog%2Ftop4-dangerous-attachments-2019%2F27147%2F%3Fsiteid%3DRIQSITE&pf=&ra=1641268522028878
Frame ID: 56E4083BFCB1FA498994D2F1C137464C
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 37565F479A5326B4FC4BA0A81A0A4993
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://links.signaltechnet.com/ctt?kn=9&ms=MjcyMTk0OQS2&r=MTgzNDQ1OTA0NDAyS0&b=0&j=MTA4MDE3OTExNgS2&mt=1&rt=0 HTTP 302
    https://c360.revenu8.com/clicks?action=click&property=RIQ&channel=newsletter&campaign_id=RIQ-031SCL-1... HTTP 303
    https://p.ziffdavisb2b.com/clicks?action=click&property=RIQ&channel=newsletter&campaign_id=RIQ-031SCL-1... HTTP 302
    https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

81
Requests

91 %
HTTPS

27 %
IPv6

34
Domains

45
Subdomains

32
IPs

8
Countries

1438 kB
Transfer

3546 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://links.signaltechnet.com/ctt?kn=9&ms=MjcyMTk0OQS2&r=MTgzNDQ1OTA0NDAyS0&b=0&j=MTA4MDE3OTExNgS2&mt=1&rt=0 HTTP 302
    https://c360.revenu8.com/clicks?action=click&property=RIQ&channel=newsletter&campaign_id=RIQ-031SCL-160919&esp=IBM%20Watson&exid=80&email_id=dale.zondlak@cmsenergy.com&redirect_url=https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE HTTP 303
    https://p.ziffdavisb2b.com/clicks?action=click&property=RIQ&channel=newsletter&campaign_id=RIQ-031SCL-160919&esp=IBM%20Watson&exid=80&email_id=dale.zondlak@cmsenergy.com&redirect_url=https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE HTTP 302
    https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=290036097&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kaspersky.com%2Fblog%2Ftop4-dangerous-attachments-2019%2F27147%2F%3Fsiteid%3DRIQSITE&dp=%2Fblog%2Ftop4-dangerous-attachments-2019%2F27147%2F%3Fsiteid%3DRIQSITE&ul=en-us&de=UTF-8&dt=Top%204%20dangerous%20attachments%20in%20spam%20e-mails%20%7C%20Kaspersky%20official%20blog&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=2092269208&gjid=221360578&cid=2056159826.1568725820&tid=UA-63997723-2&_gid=733635809.1568725820&_r=1&gtm=2wg941WZ7LJ3&cd6=&cd7=&cd8=&cd9=&cd13=siteid%3DRIQSITE&cd37=0&cd40=0&cd16=2056159826.1568725820&z=2019686027 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-63997723-2&cid=2056159826.1568725820&jid=2092269208&_gid=733635809.1568725820&gjid=221360578&_v=j79&z=2019686027 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63997723-2&cid=2056159826.1568725820&jid=2092269208&_v=j79&z=2019686027
Request Chain 37
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=290036097&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kaspersky.com%2Fblog%2Ftop4-dangerous-attachments-2019%2F27147%2F%3Fsiteid%3DRIQSITE&ul=en-us&de=UTF-8&dt=Top%204%20dangerous%20attachments%20in%20spam%20e-mails%20%7C%20Kaspersky%20official%20blog&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDACEABB~&jid=408225857&gjid=1884708083&cid=2056159826.1568725820&tid=UA-35676203-1&_gid=733635809.1568725820&_r=1&gtm=2wg941K974KNN&cd2=27147&cd3=2019-05-31&cd4=Tips&cd5=email%2C%20malicious%20attachments%2C%20spam%2C%20tips%2C%20WinRAR&cd6=spam&cd7=&cd1=Leonid%20Grustniy&z=477682690 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-35676203-1&cid=2056159826.1568725820&jid=408225857&_gid=733635809.1568725820&gjid=1884708083&_v=j79&z=477682690 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35676203-1&cid=2056159826.1568725820&jid=408225857&_v=j79&z=477682690
Request Chain 48
  • https://cm.everesttech.net/cm/dd?d_uuid=58106956871428546384165664644690711126 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=XYDbOwAAFEtvAzx0
Request Chain 62
  • https://s.tribalfusion.com/i.cid?c=705083&ev=0&page=Global HTTP 302
  • https://s.tribalfusion.com/z/i.cid?c=705083&ev=0&page=Global HTTP 302
  • https://ib.adnxs.com/getuidu?https://a.tribalfusion.com/i.match?p=b26&u=$UID&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://ib.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db26%26u%3D%24UID%26redirect%3Dhttps%253A%252F%252Fib.adnxs.com%252Fsetuid%253Fentity%253D305%2526code%253D%2524TF_USER_ID_ENC%2524 HTTP 302
  • https://a.tribalfusion.com/i.match?p=b26&u=6476465516730328384&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://ib.adnxs.com/setuid?entity=305&code=18072662391058255894
Request Chain 64
  • https://tapestry.tapad.com/tapestry/1?ta_partner_id=950&ta_redirect=https%3A%2F%2Ft.myvisualiq.net%2Fsync%3Fprid%3D1001%26ao%3D0%26pruuid%3DTAPAD_%24%7BIDS%3Akey%7D HTTP 302
  • https://t.myvisualiq.net/sync?prid=1001&ao=0&pruuid=TAPAD_801a9b41-d94c-11e9-9473-42834b516757
Request Chain 65
  • https://t.myvisualiq.net/sync?prid=AOEPNR1&ao=0&red=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D125310%26dpuuid%3D%24%7BUUID%7D%26redir%3Dhttps%253A%252F%252Ft.myvisualiq.net%252Fsync%253Fprid%253DAOEPNR1%2526ao%253D0%2526pruuid%253D%2524%257BDD_UUID%257D%250A HTTP 302
  • https://t.myvisualiq.net/ul_cb/sync?prid=AOEPNR1&ao=0&red=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D125310%26dpuuid%3D%24%7BUUID%7D%26redir%3Dhttps%253A%252F%252Ft.myvisualiq.net%252Fsync%253Fprid%253DAOEPNR1%2526ao%253D0%2526pruuid%253D%2524%257BDD_UUID%257D%250A HTTP 302
  • https://dpm.demdex.net/ibs:dpid=125310&dpuuid=b967600f-d8b2-4e8b-95b3-f67536d507a9&redir=https%3A%2F%2Ft.myvisualiq.net%2Fsync%3Fprid%3DAOEPNR1%26ao%3D0%26pruuid%3D%24%7BDD_UUID%7D HTTP 302
  • https://t.myvisualiq.net/sync?prid=AOEPNR1&ao=0&pruuid=58106956871428546384165664644690711126
Request Chain 66
  • https://t.myvisualiq.net/sync?prid=EEAEPNR1&red=https%3A%2F%2Floadus.exelator.com%2Fload%2F%3Fp%3D204%26g%3D1260%26buid%3D%24%7BUUID%7D HTTP 302
  • https://loadus.exelator.com/load/?p=204&g=1260&buid=0-7e1e2468-b9e8-42d3-8dd2-3c8f188f559f
Request Chain 67
  • https://t.myvisualiq.net/sync?prid=Test&ao=0&red=https%253A%252F%252Fad.doubleclick.net%252Fddm%252Ftrackimp%252FN408002.2426714VISUALIQ%252FB10122619.135787232%253Bdc_trk_aid%253D308320322%253Bdc_trk_cid%253D72964178%253Bsz%253D1x1%253Bu%253Dsiteid%25253DRIQSITE-https%25253A%25252F%25252Fwww.kaspersky.com%25252Fblog%25252Ftop4-dangerous-attachments-2019%25252F27147%25252F%25253Fsiteid%25253DRIQSITE%7CVIQ_%24%7BUUID%7D%7C%3Bord%3D5472172 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N408002.2426714VISUALIQ/B10122619.135787232;dc_trk_aid=308320322;dc_trk_cid=72964178;sz=1x1;u=siteid%3DRIQSITE-https%3A%2F%2Fwww.kaspersky.com%2Fblog%2Ftop4-dangerous-attachments-2019%2F27147%2F%3Fsiteid%3DRIQSITE%7CVIQ_0-81e7221a-1831-4120-817f-d0e7b636a1fa%7C;ord=5472172 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N408002.2426714VISUALIQ/B10122619.135787232;dc_pre=CJWUjYr31-QCFVgr4AodH28Evg;dc_trk_aid=308320322;dc_trk_cid=72964178;sz=1x1;u=siteid%3DRIQSITE-https%3A%2F%2Fwww.kaspersky.com%2Fblog%2Ftop4-dangerous-attachments-2019%2F27147%2F%3Fsiteid%3DRIQSITE%7CVIQ_0-81e7221a-1831-4120-817f-d0e7b636a1fa%7C;ord=5472172
Request Chain 69
  • https://t.myvisualiq.net/sync?prid=123&ao=0&red=https%3A%2F%2Fwww.facebook.com%2Ftr%3Fid%3D238727726635232%26ev%3DPageView%26cd%5Border_id%5D%3D%24%7BUUID%7D HTTP 302
  • https://t.myvisualiq.net/ul_cb/sync?prid=123&ao=0&red=https%3A%2F%2Fwww.facebook.com%2Ftr%3Fid%3D238727726635232%26ev%3DPageView%26cd%5Border_id%5D%3D%24%7BUUID%7D HTTP 302
  • https://www.facebook.com/tr?id=238727726635232&ev=PageView&cd[order_id]=b967600f-d8b2-4e8b-95b3-f67536d507a9

81 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/
Redirect Chain
  • http://links.signaltechnet.com/ctt?kn=9&ms=MjcyMTk0OQS2&r=MTgzNDQ1OTA0NDAyS0&b=0&j=MTA4MDE3OTExNgS2&mt=1&rt=0
  • https://c360.revenu8.com/clicks?action=click&property=RIQ&channel=newsletter&campaign_id=RIQ-031SCL-160919&esp=IBM%20Watson&exid=80&email_id=dale.zondlak@cmsenergy.com&redirect_url=https://www.kasp...
  • https://p.ziffdavisb2b.com/clicks?action=click&property=RIQ&channel=newsletter&campaign_id=RIQ-031SCL-160919&esp=IBM%20Watson&exid=80&email_id=dale.zondlak@cmsenergy.com&redirect_url=https://www.ka...
  • https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
107 KB
26 KB
Document
General
Full URL
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.85.15.47 , Russian Federation, ASN200107 (KL-EXT, RU),
Reverse DNS
Software
nginx /
Resource Hash
be3f65897da44ad09ea808e643ebfeabe954da9c1a282b807d0b6abc0b872906
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://*.3gl.net https://*.abmr.net https://*.demdex.net https://*.everesttech.net https://*.facebook.com https://*.facebook.net https://*.google-analytics.com https://*.google.com https://*.infogram.com https://*.kaspersky.com https://*.mail.ru https://*.marketlinc.com https://*.maxymiser.net https://*.mktoresp.com https://*.omtrdc.net https://*.optimizely.com https://*.pingdom.net https://*.reddit.com https://*.veinteractive.com https://*.yandex.ru https://*.youtube.com https://cdn.securelist.com https://hn.algolia.com https://kaspersky.admo.tv:9999 https://maxymiser.net https://media.kasperskydaily.com https://tagmanager.google.com https://www.kaspersky.com/blog https://www.opinionstage.com https://www.riddle.com https://www.tag4arm.com wss://kaspersky.admo.tv:9999; default-src 'self' https://*.kaspersky.com https://*.maxymiser.net https://cdn.securelist.com https://maxymiser.net https://media.kasperskydaily.com https://www.kaspersky.com/blog https://www.riddle.com; font-src 'self' data: https://*.cloudfront.net https://*.gstatic.com https://*.kaspersky.com https://*.maxymiser.net https://*.slideshare.net https://*.slidesharecdn.com https://*.wp.com https://assets.kasperskydaily.com https://cdn.securelist.com https://fonts.googleapis.com https://fonts.gstatic.com https://maxymiser.net https://media.kasperskydaily.com https://www.kaspersky.com/blog https://www.riddle.com; frame-src 'self' https://*.addthis.com https://*.adsrvr.org https://*.ampproject.net https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.google.com https://*.infogram.com https://*.instagram.com https://*.kaspersky.com https://*.libsyn.com https://*.marketo.com https://*.maxymiser.net https://*.owneriq.net https://*.rfihub.com https://*.sharethis.com https://*.slideshare.net https://*.soundcloud.com https://*.twitter.com https://*.veinteractive.com https://*.wp.com https://*.youtube.com https://amuselabs.com https://cdn.knightlab.com https://cdn.securelist.com https://cyberstat.kaspersky.com https://infogram.com https://kaspersky.demdex.net https://maxymiser.net https://media.kasperskydaily.com https://pixel.mathtag.com https://player.vimeo.com https://s-static.ak.facebook.com https://servedby.flashtalking.com https://tagmanager.google.com https://www.brighttalk.com https://www.kaspersky.com https://www.kaspersky.com/blog https://www.opinionstage.com https://www.riddle.com; img-src 'self' data: http://*.cloudfront.net http://*.imgix.net http://*.ipinyou.com http://*.netdna-cdn.com http://*.wordpress.com http://*.wp.com http://i0.poll.fm https://*.addthis.com https://*.admixer.net https://*.adnxs.com https://*.adriver.ru https://*.advertising.com https://*.behe.com https://*.betweendigital.com https://*.bidswitch.net https://*.bing.com https://*.btrll.com https://*.casalemedia.com https://*.cloudfront.net https://*.crwdcntrl.net https://*.demdex.net https://*.digitaltarget.ru https://*.dotomi.com https://*.doubleclick.net https://*.everesttech.net https://*.exelator.com https://*.eyeota.net https://*.facebook.com https://*.google-analytics.com https://*.google.com https://*.gravatar.com https://*.gstatic.com https://*.imgix.net https://*.infogram.com https://*.instagram.com https://*.ipinyou.com https://*.kaspersky.com https://*.marketgid.com https://*.mathtag.com https://*.maxymiser.net https://*.myvisualiq.net https://*.netdna-cdn.com https://*.omtrdc.net https://*.openx.net https://*.owneriq.net https://*.postrelease.com https://*.pubmatic.com https://*.qq.com https://*.rubiconproject.com https://*.rutarget.ru https://*.sharethis.com https://*.staticflickr.com https://*.stickyadstv.com https://*.tanx.com https://*.tapad.com https://*.tradelab.fr https://*.tribalfusion.com https://*.twimg.com https://*.twitter.com https://*.undertone.com https://*.v12group.com https://*.veinteractive.com https://*.w55c.net https://*.wordpress.com https://*.wp.com https://*.yahoo.co.jp https://*.yandex.ru https://*.yieldlab.net https://*.youku.com https://ad.mail.ru https://addevent.com https://adm.shinobi.jp https://adsearch.adkontekst.pl https://assets.kasperskydaily.com https://bh.contextweb.com https://cdn.securelist.com https://ckm.aty.sohu.com https://cm.fastapi.net https://cm.pos.baidu.com https://cm.qtmojo.com https://csi.gstatic.com https://exelatesync.extend.tv https://geo.yahoo.com https://images.telechargement.fr https://inpagevideo.nl https://instagramimages-a.akamaihd.net https://kaspersky.d2.sc.omtrdc.net https://kasperskycontenthub.com https://m.addthis.com https://m.one.impact-ad.jp https://maps.googleapis.com https://maxymiser.net https://media.kasperskydaily.com https://pixel.quantserve.com https://pixel.s3xified.com https://player.vimeo.com https://polldaddy.com https://rum-collector.pingdom.net https://s.w.org https://s3.amazonaws.com https://scontent.cdninstagram.com https://ssl.socdm.com https://stats.g.doubleclick.net https://stats.seedr.com https://t.co https://tagmanager.google.com https://track.addevent.com https://ums.adtech.de https://vmg.host https://www.emjcd.com https://www.google.hr https://www.kaspersky.com/blog https://www.riddle.com https://www.tag4arm.com; media-src 'self' https://*.kaspersky.com https://*.maxymiser.net https://cdn.securelist.com https://maxymiser.net https://media.kasperskydaily.com https://www.kaspersky.com/blog https://www.riddle.com; object-src 'self' https://*.kaspersky.com https://*.maxymiser.net https://cdn.securelist.com https://maxymiser.net https://media.kasperskydaily.com https://player.vimeo.com https://polldaddy.com https://www.kaspersky.com/blog https://www.riddle.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.3gl.net https://*.addevent.com https://*.addthis.com https://*.adnxs.com https://*.adsrvr.org https://*.airpr.com https://*.ampproject.org https://*.bazaarvoice.com https://*.behe.com https://*.bizographics.com https://*.cloudfront.net https://*.crazyegg.com https://*.demdex.net https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.flickr.com https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.gravatar.com https://*.gstatic.com https://*.infogram.com https://*.instagram.com https://*.ipinyou.com https://*.kaspersky.com https://*.mail.ru https://*.marketlinc.com https://*.marketo.com https://*.marketo.net https://*.mathtag.com https://*.maxymiser.net https://*.myvisualiq.net https://*.optimizely.com https://*.owneriq.net https://*.polldaddy.com https://*.quantserve.com https://*.rfihub.com https://*.rfihub.net https://*.rutarget.ru https://*.salesforceliveagent.com https://*.sharethis.com https://*.twimg.com https://*.twitter.com https://*.veinteractive.com https://*.volvelle.tech https://*.woopra.com https://*.wp.com https://*.yahoo.co.jp https://*.yandex.ru https://*.yimg.com https://*.yimg.jp https://adcdn.goo.ne.jp https://addthisevent.com https://analytics-scripts.s3-eu-west-1.amazonaws.com https://assets.adobedtm.com https://assets.kasperskydaily.com https://bwb101.goo.ne.jp https://cdn.onesignal.com https://cdn.securelist.com https://cdn.tradelab.fr https://cdn.trmit.com https://connect.facebook.net https://connect.mail.ru https://external-assets.loyaltybay.co.uk https://kaspersky.admo.tv https://kaspersky.d2.sc.omtrdc.net https://m.addthis.com https://m.addthisedge.com https://maxymiser.net https://media.kasperskydaily.com https://munchkin.marketo.net https://player.vimeo.com https://rum-static.pingdom.net https://s3.amazonaws.com https://share.yandex.ru/ https://sp.analytics.yahoo.com https://static.ads-twitter.com https://tagmanager.google.com https://vk.com https://www.addevent.com https://www.brighttalk.com https://www.flickr.com https://www.glancecdn.net https://www.googleadservices.com https://www.googletagmanager.com https://www.kaspersky.com/blog https://www.linkedin.com https://www.opinionstage.com https://www.riddle.com https://www.tag4arm.com; style-src 'self' 'unsafe-inline' https://*.cloudfront.net https://*.googleapis.com https://*.gravatar.com https://*.kaspersky.com https://*.marketo.com https://*.maxymiser.net https://*.securelist.com https://*.sharethis.com https://*.twimg.com https://*.twitter.com https://*.wp.com https://assets.kasperskydaily.com https://cdn.securelist.com https://maxymiser.net https://media.kasperskydaily.com https://tagmanager.google.com https://www.kaspersky.com/blog https://www.riddle.com; worker-src 'self' blob: data: file: filesystem: https://*.kaspersky.com https://*.maxymiser.net https://cdn.securelist.com https://maxymiser.net https://media.kasperskydaily.com https://www.kaspersky.com/blog https://www.riddle.com unsafe-eval unsafe-inline
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.kaspersky.com
:scheme
https
:path
/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
server
nginx
date
Tue, 17 Sep 2019 13:10:17 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
content-security-policy
connect-src 'self' https://*.3gl.net https://*.abmr.net https://*.demdex.net https://*.everesttech.net https://*.facebook.com https://*.facebook.net https://*.google-analytics.com https://*.google.com https://*.infogram.com https://*.kaspersky.com https://*.mail.ru https://*.marketlinc.com https://*.maxymiser.net https://*.mktoresp.com https://*.omtrdc.net https://*.optimizely.com https://*.pingdom.net https://*.reddit.com https://*.veinteractive.com https://*.yandex.ru https://*.youtube.com https://cdn.securelist.com https://hn.algolia.com https://kaspersky.admo.tv:9999 https://maxymiser.net https://media.kasperskydaily.com https://tagmanager.google.com https://www.kaspersky.com/blog https://www.opinionstage.com https://www.riddle.com https://www.tag4arm.com wss://kaspersky.admo.tv:9999; default-src 'self' https://*.kaspersky.com https://*.maxymiser.net https://cdn.securelist.com https://maxymiser.net https://media.kasperskydaily.com https://www.kaspersky.com/blog https://www.riddle.com; font-src 'self' data: https://*.cloudfront.net https://*.gstatic.com https://*.kaspersky.com https://*.maxymiser.net https://*.slideshare.net https://*.slidesharecdn.com https://*.wp.com https://assets.kasperskydaily.com https://cdn.securelist.com https://fonts.googleapis.com https://fonts.gstatic.com https://maxymiser.net https://media.kasperskydaily.com https://www.kaspersky.com/blog https://www.riddle.com; frame-src 'self' https://*.addthis.com https://*.adsrvr.org https://*.ampproject.net https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.google.com https://*.infogram.com https://*.instagram.com https://*.kaspersky.com https://*.libsyn.com https://*.marketo.com https://*.maxymiser.net https://*.owneriq.net https://*.rfihub.com https://*.sharethis.com https://*.slideshare.net https://*.soundcloud.com https://*.twitter.com https://*.veinteractive.com https://*.wp.com https://*.youtube.com https://amuselabs.com https://cdn.knightlab.com https://cdn.securelist.com https://cyberstat.kaspersky.com https://infogram.com https://kaspersky.demdex.net https://maxymiser.net https://media.kasperskydaily.com https://pixel.mathtag.com https://player.vimeo.com https://s-static.ak.facebook.com https://servedby.flashtalking.com https://tagmanager.google.com https://www.brighttalk.com https://www.kaspersky.com https://www.kaspersky.com/blog https://www.opinionstage.com https://www.riddle.com; img-src 'self' data: http://*.cloudfront.net http://*.imgix.net http://*.ipinyou.com http://*.netdna-cdn.com http://*.wordpress.com http://*.wp.com http://i0.poll.fm https://*.addthis.com https://*.admixer.net https://*.adnxs.com https://*.adriver.ru https://*.advertising.com https://*.behe.com https://*.betweendigital.com https://*.bidswitch.net https://*.bing.com https://*.btrll.com https://*.casalemedia.com https://*.cloudfront.net https://*.crwdcntrl.net https://*.demdex.net https://*.digitaltarget.ru https://*.dotomi.com https://*.doubleclick.net https://*.everesttech.net https://*.exelator.com https://*.eyeota.net https://*.facebook.com https://*.google-analytics.com https://*.google.com https://*.gravatar.com https://*.gstatic.com https://*.imgix.net https://*.infogram.com https://*.instagram.com https://*.ipinyou.com https://*.kaspersky.com https://*.marketgid.com https://*.mathtag.com https://*.maxymiser.net https://*.myvisualiq.net https://*.netdna-cdn.com https://*.omtrdc.net https://*.openx.net https://*.owneriq.net https://*.postrelease.com https://*.pubmatic.com https://*.qq.com https://*.rubiconproject.com https://*.rutarget.ru https://*.sharethis.com https://*.staticflickr.com https://*.stickyadstv.com https://*.tanx.com https://*.tapad.com https://*.tradelab.fr https://*.tribalfusion.com https://*.twimg.com https://*.twitter.com https://*.undertone.com https://*.v12group.com https://*.veinteractive.com https://*.w55c.net https://*.wordpress.com https://*.wp.com https://*.yahoo.co.jp https://*.yandex.ru https://*.yieldlab.net https://*.youku.com https://ad.mail.ru https://addevent.com https://adm.shinobi.jp https://adsearch.adkontekst.pl https://assets.kasperskydaily.com https://bh.contextweb.com https://cdn.securelist.com https://ckm.aty.sohu.com https://cm.fastapi.net https://cm.pos.baidu.com https://cm.qtmojo.com https://csi.gstatic.com https://exelatesync.extend.tv https://geo.yahoo.com https://images.telechargement.fr https://inpagevideo.nl https://instagramimages-a.akamaihd.net https://kaspersky.d2.sc.omtrdc.net https://kasperskycontenthub.com https://m.addthis.com https://m.one.impact-ad.jp https://maps.googleapis.com https://maxymiser.net https://media.kasperskydaily.com https://pixel.quantserve.com https://pixel.s3xified.com https://player.vimeo.com https://polldaddy.com https://rum-collector.pingdom.net https://s.w.org https://s3.amazonaws.com https://scontent.cdninstagram.com https://ssl.socdm.com https://stats.g.doubleclick.net https://stats.seedr.com https://t.co https://tagmanager.google.com https://track.addevent.com https://ums.adtech.de https://vmg.host https://www.emjcd.com https://www.google.hr https://www.kaspersky.com/blog https://www.riddle.com https://www.tag4arm.com; media-src 'self' https://*.kaspersky.com https://*.maxymiser.net https://cdn.securelist.com https://maxymiser.net https://media.kasperskydaily.com https://www.kaspersky.com/blog https://www.riddle.com; object-src 'self' https://*.kaspersky.com https://*.maxymiser.net https://cdn.securelist.com https://maxymiser.net https://media.kasperskydaily.com https://player.vimeo.com https://polldaddy.com https://www.kaspersky.com/blog https://www.riddle.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.3gl.net https://*.addevent.com https://*.addthis.com https://*.adnxs.com https://*.adsrvr.org https://*.airpr.com https://*.ampproject.org https://*.bazaarvoice.com https://*.behe.com https://*.bizographics.com https://*.cloudfront.net https://*.crazyegg.com https://*.demdex.net https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.flickr.com https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.gravatar.com https://*.gstatic.com https://*.infogram.com https://*.instagram.com https://*.ipinyou.com https://*.kaspersky.com https://*.mail.ru https://*.marketlinc.com https://*.marketo.com https://*.marketo.net https://*.mathtag.com https://*.maxymiser.net https://*.myvisualiq.net https://*.optimizely.com https://*.owneriq.net https://*.polldaddy.com https://*.quantserve.com https://*.rfihub.com https://*.rfihub.net https://*.rutarget.ru https://*.salesforceliveagent.com https://*.sharethis.com https://*.twimg.com https://*.twitter.com https://*.veinteractive.com https://*.volvelle.tech https://*.woopra.com https://*.wp.com https://*.yahoo.co.jp https://*.yandex.ru https://*.yimg.com https://*.yimg.jp https://adcdn.goo.ne.jp https://addthisevent.com https://analytics-scripts.s3-eu-west-1.amazonaws.com https://assets.adobedtm.com https://assets.kasperskydaily.com https://bwb101.goo.ne.jp https://cdn.onesignal.com https://cdn.securelist.com https://cdn.tradelab.fr https://cdn.trmit.com https://connect.facebook.net https://connect.mail.ru https://external-assets.loyaltybay.co.uk https://kaspersky.admo.tv https://kaspersky.d2.sc.omtrdc.net https://m.addthis.com https://m.addthisedge.com https://maxymiser.net https://media.kasperskydaily.com https://munchkin.marketo.net https://player.vimeo.com https://rum-static.pingdom.net https://s3.amazonaws.com https://share.yandex.ru/ https://sp.analytics.yahoo.com https://static.ads-twitter.com https://tagmanager.google.com https://vk.com https://www.addevent.com https://www.brighttalk.com https://www.flickr.com https://www.glancecdn.net https://www.googleadservices.com https://www.googletagmanager.com https://www.kaspersky.com/blog https://www.linkedin.com https://www.opinionstage.com https://www.riddle.com https://www.tag4arm.com; style-src 'self' 'unsafe-inline' https://*.cloudfront.net https://*.googleapis.com https://*.gravatar.com https://*.kaspersky.com https://*.marketo.com https://*.maxymiser.net https://*.securelist.com https://*.sharethis.com https://*.twimg.com https://*.twitter.com https://*.wp.com https://assets.kasperskydaily.com https://cdn.securelist.com https://maxymiser.net https://media.kasperskydaily.com https://tagmanager.google.com https://www.kaspersky.com/blog https://www.riddle.com; worker-src 'self' blob: data: file: filesystem: https://*.kaspersky.com https://*.maxymiser.net https://cdn.securelist.com https://maxymiser.net https://media.kasperskydaily.com https://www.kaspersky.com/blog https://www.riddle.com unsafe-eval unsafe-inline
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
1; mode=block
link
<https://www.kaspersky.com/blog/wp-json/>; rel="https://api.w.org/" <https://kas.pr/p4k5>; rel=shortlink
x-frame-options
SAMEORIGIN
x-cache-hit
HIT
x-request-id
f1886746855ad04725185a1ec503c7ee
set-cookie
country=DE;Path=/
content-encoding
gzip

Redirect headers

status
302
date
Tue, 17 Sep 2019 13:10:17 GMT
content-type
text/html; charset=utf-8
content-length
212
location
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
server
nginx/1.14.0 (Ubuntu)
x-powered-by
Express
set-cookie
uuid=f5f69680-c0ac-4a1b-923c-dfdb104a1b52; Max-Age=15552000; Domain=.ziffdavisb2b.com; Path=/; Expires=Sun, 15 Mar 2020 13:10:17 GMT queryCounter=1; Max-Age=15552000; Domain=.ziffdavisb2b.com; Path=/; Expires=Sun, 15 Mar 2020 13:10:17 GMT queryCounter=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT euid=6fc203fa9bb4fa1bad84d591dd323ebe; Max-Age=15552000; Domain=.ziffdavisb2b.com; Path=/; Expires=Sun, 15 Mar 2020 13:10:17 GMT
vary
Accept
/
assets.kasperskydaily.com/blog/wp-content/plugins/bwp-minify/min/
35 KB
7 KB
Stylesheet
General
Full URL
https://assets.kasperskydaily.com/blog/wp-content/plugins/bwp-minify/min/?f=wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/social-polls-by-opinionstage/gutenberg/poll/dist/blocks.style.build.css,wp-content/plugins/social-polls-by-opinionstage/gutenberg/trivia/dist/blocks.style.build.css,wp-content/plugins/social-polls-by-opinionstage/gutenberg/personality/dist/blocks.style.build.css,wp-content/plugins/social-polls-by-opinionstage/gutenberg/survey/dist/blocks.style.build.css,wp-content/plugins/social-polls-by-opinionstage/gutenberg/slideshow/dist/blocks.style.build.css,wp-content/plugins/social-polls-by-opinionstage/gutenberg/form/dist/blocks.style.build.css,wp-content/plugins/kaspersky-app-banners/lib/smartbanner/jquery.smartbanner.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css&ver=47cb9dd9
Requested by
Host: www.kaspersky.com
URL: https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:1c00:12:5eb9:fe40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
3f0a54b64a9f268dbcd9d55d0025c2405287310951cce80b0d0c0beadb76839d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 16 Sep 2019 14:45:13 GMT
content-encoding
gzip
vary
Accept-Encoding
age
80724
x-cache
Hit from cloudfront
status
200
content-length
6269
last-modified
Thu, 12 Sep 2019 14:44:27 GMT
server
nginx
cache-control
max-age=86400
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
via
1.1 c05282a87474a55ae2a8dd2aa77d1233.cloudfront.net (CloudFront)
x-cache-hit
MISS
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
un6ky73D7rw_b02btXiNnelDjnMQO3TaoB4LrRAWLBQSJSVtR_dwNA==
expires
Fri, 13 Sep 2019 14:44:36 GMT
/
assets.kasperskydaily.com/blog/wp-content/plugins/bwp-minify/min/
456 KB
65 KB
Stylesheet
General
Full URL
https://assets.kasperskydaily.com/blog/wp-content/plugins/bwp-minify/min/?f=wp-content/themes/daily-nxgen/assets/fonts/museo/stylesheet.css,wp-content/themes/daily-nxgen/assets/libs/font-awesome/css/font-awesome.min.css,wp-content/themes/daily-nxgen/assets/libs/jquery.mobile-1.4.2.min.css,wp-content/themes/daily-nxgen/assets/build/style.min.css,wp-content/plugins/kaspersky-instagram/css/magnific-popup.css,wp-content/plugins/kaspersky-instagram/css/widget.css,wp-content/plugins/kaspersky-social-sharing-daily/assets/css/custom.full.css,wp-content/plugins/kaspersky-social-sharing-daily/assets/css/custom.mobile.css&ver=47cb9dd9
Requested by
Host: www.kaspersky.com
URL: https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:1c00:12:5eb9:fe40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
78387c5f1139254d8aeb190e671e4274d70dd6266896daeafb5da49d8869b7d5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 16 Sep 2019 14:48:20 GMT
content-encoding
gzip
vary
Accept-Encoding
age
80698
x-cache
Hit from cloudfront
status
200
content-length
66579
last-modified
Thu, 12 Sep 2019 14:44:23 GMT
server
nginx
cache-control
max-age=86400
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
via
1.1 c05282a87474a55ae2a8dd2aa77d1233.cloudfront.net (CloudFront)
x-cache-hit
MISS
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
kn_0sxXUe_nFrJOVXulFhN91pZpOS1fva_jtC9JZL17GRMwno-oQnA==
expires
Sat, 14 Sep 2019 14:45:14 GMT
jquery.js
www.kaspersky.com/blog/wp-includes/js/jquery/
95 KB
34 KB
Script
General
Full URL
https://www.kaspersky.com/blog/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: www.kaspersky.com
URL: https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.85.15.47 , Russian Federation, ASN200107 (KL-EXT, RU),
Reverse DNS
Software
nginx /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Tue, 17 Sep 2019 13:10:18 GMT
content-encoding
gzip
last-modified
Thu, 05 Sep 2019 01:17:09 GMT
server
nginx
etag
W/"5d706215-17a69"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=604800, public
x-request-id
e3f19e3bae8420aaf3616efee1ee2d93
expires
Tue, 24 Sep 2019 13:10:18 GMT
/
assets.kasperskydaily.com/blog/wp-content/plugins/bwp-minify/min/
176 KB
51 KB
Script
General
Full URL
https://assets.kasperskydaily.com/blog/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/kaspersky-cookies-notification/scripts/alert_text.js,wp-content/plugins/kaspersky-cookies-notification/scripts/alert.js,wp-content/plugins/kaspersky-banners/assets/js/script.js,wp-content/plugins/kaspersky-related-posts/assets/js/script.js,wp-content/plugins/kspr_twitter_pullquote/js/kaspersky-twitter-pullquote.js,wp-content/themes/daily-nxgen/assets/libs/jquery.mobile.custom.min.js,wp-includes/js/imagesloaded.min.js,wp-includes/js/masonry.min.js,wp-content/themes/daily-nxgen/assets/js/modernizr-2.6.2.min.js,wp-content/themes/daily-nxgen/assets/js/admin-bar.js&ver=47cb9dd9
Requested by
Host: www.kaspersky.com
URL: https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:1c00:12:5eb9:fe40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
e6f43e2bb5356e5a42b110bbd4bc0e522ca6afce2e8b69850f4f3db1f275fdea
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 16 Sep 2019 14:48:20 GMT
content-encoding
gzip
vary
Accept-Encoding
age
80698
x-cache
Hit from cloudfront
status
200
content-length
52143
last-modified
Thu, 12 Sep 2019 14:44:27 GMT
server
nginx
cache-control
max-age=86400
x-frame-options
SAMEORIGIN
content-type
application/x-javascript; charset=utf-8
via
1.1 c05282a87474a55ae2a8dd2aa77d1233.cloudfront.net (CloudFront)
x-cache-hit
MISS
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
EBno9AWY1ruXDQcfVUtRtaMU6a7WGcNLT7mmOybHllQmlrzmIZd1Ew==
expires
Fri, 13 Sep 2019 14:44:36 GMT
forms2.min.js
app-sj06.marketo.com/js/forms2/js/
169 KB
58 KB
Script
General
Full URL
https://app-sj06.marketo.com/js/forms2/js/forms2.min.js?ver=1.0.1
Requested by
Host: www.kaspersky.com
URL: https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.94.80 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
321bbcc4cc57483b7e329186e5159498b668ddde87cb64696ddcdc95176cce82
Security Headers
Name Value
Strict-Transport-Security max-age=63113904
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Sep 2019 13:10:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
80
status
200
vary
Accept-Encoding
last-modified
Wed, 07 Aug 2019 18:10:53 GMT
server
cloudflare
etag
"4e0ea3-2a536-58f8adc9ba540"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63113904
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=14400
cf-ray
517b51cecf12d6d5-FRA
expires
Tue, 17 Sep 2019 17:10:18 GMT
/
assets.kasperskydaily.com/blog/wp-content/plugins/bwp-minify/min/
60 KB
19 KB
Script
General
Full URL
https://assets.kasperskydaily.com/blog/wp-content/plugins/bwp-minify/min/?f=wp-content/themes/daily-nxgen/assets/js/mobile.js,wp-content/themes/daily-nxgen/assets/js/scripts.js,wp-content/plugins/kaspersky-instagram/js/jquery.magnific-popup.min.js,wp-content/plugins/kaspersky-instagram/js/widget.js,wp-content/plugins/kaspersky-social-sharing-daily/assets/js/social-share.js,wp-content/plugins/kaspersky-social-sharing-daily/assets/js/custom.js&ver=47cb9dd9
Requested by
Host: www.kaspersky.com
URL: https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:1c00:12:5eb9:fe40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
03bbca6c8d36e46a06ed00435438ef0ec611563100a06f55e937e5b3749a3dba
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 16 Sep 2019 14:48:20 GMT
content-encoding
gzip
vary
Accept-Encoding
age
80698
x-cache
Hit from cloudfront
status
200
content-length
18597
last-modified
Thu, 12 Sep 2019 14:44:23 GMT
server
nginx
cache-control
max-age=86400
x-frame-options
SAMEORIGIN
content-type
application/x-javascript; charset=utf-8
via
1.1 c05282a87474a55ae2a8dd2aa77d1233.cloudfront.net (CloudFront)
x-cache-hit
MISS
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
aFaUDaRX7NcQKuwzJVN8oUShB-1KhA-cIGHe3AUMK50PJrakaiW_Wg==
expires
Fri, 13 Sep 2019 14:44:36 GMT
mmapi.js
service.maxymiser.net/api/eu/kl.blog.socialmedia/6880d1/
15 KB
6 KB
Script
General
Full URL
https://service.maxymiser.net/api/eu/kl.blog.socialmedia/6880d1/mmapi.js
Requested by
Host: www.kaspersky.com
URL: https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.252.27 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-252-27.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bd67ec35553f8771221dc7c408e119368976012d9ad17e77e6aa6b384469c831

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Sep 2019 13:10:18 GMT
content-encoding
gzip
last-modified
Fri, 22 Feb 2019 15:36:40 GMT
server
Apache
status
200
etag
"985a8cdaa69b6bed857896c390d11341:1550849800"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=10
accept-ranges
bytes
content-length
5775
20180717_Leonid-96x96.png
media.kasperskydaily.com/wp-content/uploads/sites/92/2018/07/25054814/
16 KB
16 KB
Image
General
Full URL
https://media.kasperskydaily.com/wp-content/uploads/sites/92/2018/07/25054814/20180717_Leonid-96x96.png
Requested by
Host: www.kaspersky.com
URL: https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:7c00:7:b0d4:2940:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4be71be3433b3c0505b7d57503f75b0b88fa751d7554ce12c396f9e844e56866

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Sep 2019 04:03:20 GMT
via
1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jun 2019 11:55:52 GMT
server
AmazonS3
age
724019
etag
"84cd97e40e5b7f6fead953ba0d64ee96"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
15950
x-amz-cf-id
A9TlKTbqgh7t0Enjpw4yrT6ePXtNsOkJJUhp6OhbBho-Sf1ZqYzjaQ==
expires
Sat, 27 Jul 2019 10:09:30 GMT
white-15.png
www.kaspersky.com/blog/wp-content/plugins/kaspersky-social-sharing-daily/assets/img/
439 B
687 B
Image
General
Full URL
https://www.kaspersky.com/blog/wp-content/plugins/kaspersky-social-sharing-daily/assets/img/white-15.png
Requested by
Host: www.kaspersky.com
URL: https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.85.15.47 , Russian Federation, ASN200107 (KL-EXT, RU),
Reverse DNS
Software
nginx /
Resource Hash
f449a501d38b9e34f33315a7452ac78d5671e953edba65f22449cc4865815e64

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Tue, 17 Sep 2019 13:10:18 GMT
last-modified
Thu, 12 Sep 2019 14:44:23 GMT
server
nginx
etag
"5d7a59c7-1b7"
content-type
image/png
status
200
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
439
x-request-id
72a53a2f679564f79aa3547590e610ad
expires
Tue, 24 Sep 2019 13:10:18 GMT
top4-dangerous-attachments-2019-featured-A.jpg
media.kasperskydaily.com/wp-content/uploads/sites/92/2019/05/30115551/
180 KB
181 KB
Image
General
Full URL
https://media.kasperskydaily.com/wp-content/uploads/sites/92/2019/05/30115551/top4-dangerous-attachments-2019-featured-A.jpg
Requested by
Host: www.kaspersky.com
URL: https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:7c00:7:b0d4:2940:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2315540628feae3b834304aa66018fddd8f328eef20559f5b62cf623719fa8cb

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Sep 2019 13:10:19 GMT
via
1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jun 2019 11:58:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
etag
"1947634d36f83058ff1784a8c707a5ef"
x-cache
Miss from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
184576
x-amz-cf-id
8eD7FoEwsETZeEmKxlC7rhLaB-hqMVhypg4IdmOQOJfTTYcGhAEURg==
expires
Fri, 29 May 2020 15:55:51 GMT
20180717_Leonid-32x32.png
media.kasperskydaily.com/wp-content/uploads/sites/92/2018/07/25054814/
2 KB
3 KB
Image
General
Full URL
https://media.kasperskydaily.com/wp-content/uploads/sites/92/2018/07/25054814/20180717_Leonid-32x32.png
Requested by
Host: www.kaspersky.com
URL: https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:7c00:7:b0d4:2940:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6d167d6e9c026228d979ea6eb4c4725e4dfc044efa9d0b588e4d54a76c2d31b4

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 22:14:23 GMT
via
1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jun 2019 11:55:52 GMT
server
AmazonS3
age
312956
etag
"74a40a176f864ae273e78bf16f730459"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
2523
x-amz-cf-id
DPY3Oi2G5PGUU-OH6tEsY8UC5I7SEWrv2RRdTV2lLdyUTp0sM15umw==
expires
Sat, 27 Jul 2019 10:09:30 GMT
20180717_Leonid-70x70.png
media.kasperskydaily.com/wp-content/uploads/sites/92/2018/07/25054814/
9 KB
10 KB
Image
General
Full URL
https://media.kasperskydaily.com/wp-content/uploads/sites/92/2018/07/25054814/20180717_Leonid-70x70.png
Requested by
Host: www.kaspersky.com
URL: https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:7c00:7:b0d4:2940:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39ccd93a521cee5450145cae9e169a50f10ead38317c62f85047ba901215dfc7

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Sep 2019 04:03:20 GMT
via
1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jun 2019 11:55:52 GMT
server
AmazonS3
age
724019
etag
"edba1ca512ff50cfedeb06270bfd6097"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
9385
x-amz-cf-id
4QlJSxQ7mvCvSLZ8Z_8cKJ-X5wt0oCvSvmdmgxwqNnuxbP-xEa0nvg==
expires
Sat, 27 Jul 2019 10:09:30 GMT
daily-events.js
analytics-scripts.s3-eu-west-1.amazonaws.com/kaspersky-daily/
5 KB
6 KB
Script
General
Full URL
https://analytics-scripts.s3-eu-west-1.amazonaws.com/kaspersky-daily/daily-events.js
Requested by
Host: www.kaspersky.com
URL: https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.56.120 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-external-3.amazonaws.com
Software
AmazonS3 /
Resource Hash
386d40859a290db4b20f811bf7c698c1f629cd10b9ab9a9edd71d2453b0c8e1e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 17 Sep 2019 13:10:19 GMT
Last-Modified
Tue, 17 Sep 2019 11:45:24 GMT
Server
AmazonS3
x-amz-request-id
AF1CF2E1E38F9607
ETag
"e025ae184ead6165a2cb5a4800ba4b2d"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
5483
x-amz-id-2
iDYEsbkLSy8MTYVdsQAjiycGbCJameF0JrC2w6+7oj6d/r0X/+1fb0lapunKigg7HF0MXmDkPnQ=
/
assets.kasperskydaily.com/blog/wp-content/plugins/bwp-minify/min/
112 KB
16 KB
Stylesheet
General
Full URL
https://assets.kasperskydaily.com/blog/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/gravityforms/css/formreset.min.css,wp-content/plugins/gravityforms/css/formsmain.min.css,wp-content/plugins/gravityforms/css/readyclass.min.css,wp-content/plugins/gravityforms/css/browsers.min.css,wp-content/plugins/gravityformsmailchimp/css/form_settings.css&ver=47cb9dd9
Requested by
Host: www.kaspersky.com
URL: https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:1c00:12:5eb9:fe40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
d121f2bfc5cc153ad434ba8d5ca674db70d3eecb63bae781f43d4b762b0e73e8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 16 Sep 2019 14:44:54 GMT
content-encoding
gzip
vary
Accept-Encoding
age
80724
x-cache
Hit from cloudfront
status
200
content-length
15803
last-modified
Thu, 12 Sep 2019 14:44:26 GMT
server
nginx
x-cache-hit
MISS
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
via
1.1 c05282a87474a55ae2a8dd2aa77d1233.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
ddvTcnerZt5X0rXeYOkXekqCT3V-_D-7-JBwok2onyAGpeIFVdG1fg==
expires
Tue, 17 Sep 2019 14:44:54 GMT
/
assets.kasperskydaily.com/blog/wp-content/plugins/bwp-minify/min/
51 KB
16 KB
Script
General
Full URL
https://assets.kasperskydaily.com/blog/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/kaspersky-app-banners/lib/smartbanner/jquery.smartbanner.js,wp-content/plugins/kaspersky-app-banners/js/config.min.js,wp-content/plugins/social-polls-by-opinionstage/public/js/shortcodes.js,wp-content/plugins/kaspersky-social-sharing-daily/assets/js/kindle.js,wp-includes/js/wp-embed.min.js,wp-content/plugins/gravityforms/js/jquery.json.min.js,wp-content/plugins/gravityforms/js/gravityforms.min.js,wp-content/plugins/gravityforms/js/placeholders.jquery.min.js&ver=47cb9dd9
Requested by
Host: www.kaspersky.com
URL: https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:1c00:12:5eb9:fe40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
9176936e1dace2ec44b9cee9bc5349265b7c3a10aeedca15479264b26642f0a9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 16 Sep 2019 14:48:20 GMT
content-encoding
gzip
vary
Accept-Encoding
age
80724
x-cache
Hit from cloudfront
status
200
content-length
16335
last-modified
Thu, 12 Sep 2019 14:44:27 GMT
server
nginx
cache-control
max-age=86400
x-frame-options
SAMEORIGIN
content-type
application/x-javascript; charset=utf-8
via
1.1 c05282a87474a55ae2a8dd2aa77d1233.cloudfront.net (CloudFront)
x-cache-hit
MISS
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
JzlAL--hLb-WMU6xxjtQlb6E3jYkDJqMa4bWyv-gc_rirVdmOpXCqw==
expires
Sun, 15 Sep 2019 14:44:49 GMT
s_code_single_suite.js
media.kaspersky.com/tracking/omniture/
167 KB
47 KB
Script
General
Full URL
https://media.kaspersky.com/tracking/omniture/s_code_single_suite.js?ver=5.2.3
Requested by
Host: www.kaspersky.com
URL: https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.85.15.23 , Russian Federation, ASN200107 (KL-EXT, RU),
Reverse DNS
Software
/ Kaspersky Labs, Kaspersky Labs
Resource Hash
cfe7b164ae32828fd0589123dd4f024967b8967da4b3cbc58b8a999871897567
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
etag
"0348ebd5053d51:0"
x-powered-by
Kaspersky Labs, Kaspersky Labs
status
200
content-length
47790
x-xss-protection
1; mode=block
last-modified
Thu, 15 Aug 2019 10:03:52 GMT
server
x-frame-options
SAMEORIGIN
date
Tue, 17 Sep 2019 13:10:18 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
x-server
fr1/FRA4
accept-ranges
bytes
x-content-type-options
nosniff
widget.js
d1xnn692s7u6t6.cloudfront.net/
13 KB
5 KB
Script
General
Full URL
https://d1xnn692s7u6t6.cloudfront.net/widget.js
Requested by
Host: www.kaspersky.com
URL: https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.208.175 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-208-175.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
327262f2b3496dd8337891b4d031f547db0e674d8cdc1ebf68e627adafbf7aa9

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
dJNOY_esNRyASXh00KIOXcNcPuuMMbPH
Content-Encoding
gzip
ETag
"300a9b06ef340c2e3f3d261712f92663"
Age
17
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
4354
Last-Modified
Tue, 30 Jul 2013 19:48:18 GMT
Server
AmazonS3
Date
Tue, 17 Sep 2019 13:10:02 GMT
Content-Type
text/javascript
Via
1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
Cache-Control
public, max-age=60
X-Amz-Cf-Pop
FRA53-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
YS8igCm-07AE_RU8XENcX5F2-9D7PvNRfk5oHzM9H6FN579zvTV1mA==
Museo-SansCyrl-300.woff2
assets.kasperskydaily.com/wp-content/themes/daily-nxgen/assets/fonts/museo/
30 KB
31 KB
Font
General
Full URL
https://assets.kasperskydaily.com/wp-content/themes/daily-nxgen/assets/fonts/museo/Museo-SansCyrl-300.woff2
Requested by
Host: assets.kasperskydaily.com
URL: https://assets.kasperskydaily.com/blog/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/kaspersky-cookies-notification/scripts/alert_text.js,wp-content/plugins/kaspersky-cookies-notification/scripts/alert.js,wp-content/plugins/kaspersky-banners/assets/js/script.js,wp-content/plugins/kaspersky-related-posts/assets/js/script.js,wp-content/plugins/kspr_twitter_pullquote/js/kaspersky-twitter-pullquote.js,wp-content/themes/daily-nxgen/assets/libs/jquery.mobile.custom.min.js,wp-includes/js/imagesloaded.min.js,wp-includes/js/masonry.min.js,wp-content/themes/daily-nxgen/assets/js/modernizr-2.6.2.min.js,wp-content/themes/daily-nxgen/assets/js/admin-bar.js&ver=47cb9dd9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:1c00:12:5eb9:fe40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
de892addc549d85b9fd5d5c2f77a4dd96fbe4ec11542d6cf7232fab6ccabae5d

Request headers

Sec-Fetch-Mode
cors
Referer
https://assets.kasperskydaily.com/blog/wp-content/plugins/bwp-minify/min/?f=wp-content/themes/daily-nxgen/assets/fonts/museo/stylesheet.css,wp-content/themes/daily-nxgen/assets/libs/font-awesome/css/font-awesome.min.css,wp-content/themes/daily-nxgen/assets/libs/jquery.mobile-1.4.2.min.css,wp-content/themes/daily-nxgen/assets/build/style.min.css,wp-content/plugins/kaspersky-instagram/css/magnific-popup.css,wp-content/plugins/kaspersky-instagram/css/widget.css,wp-content/plugins/kaspersky-social-sharing-daily/assets/css/custom.full.css,wp-content/plugins/kaspersky-social-sharing-daily/assets/css/custom.mobile.css&ver=47cb9dd9
Origin
https://www.kaspersky.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 08:18:04 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
age
6670335
x-cache
Hit from cloudfront
status
200
content-length
30844
pragma
public
last-modified
Thu, 27 Jun 2019 16:31:48 GMT
server
nginx
etag
"5d14ef74-787c"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
TDsqZJemlRb5G-AT3zbOkgPBcy7itXITK7bjUotj69QOAFo1F6dltQ==
expires
Wed, 01 Jul 2020 08:18:04 GMT
gtm.js
www.googletagmanager.com/
489 KB
81 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WZ7LJ3
Requested by
Host: www.kaspersky.com
URL: https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e95cd93b9d67302b51822a141eaa14edb6c3facc03d80e49ab769c13a2e820be
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Sep 2019 13:10:19 GMT
content-encoding
br
last-modified
Tue, 17 Sep 2019 12:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
83184
x-xss-protection
0
expires
Tue, 17 Sep 2019 13:10:19 GMT
/
service.maxymiser.net/cg/v5/
1 KB
936 B
Script
General
Full URL
https://service.maxymiser.net/cg/v5/?fv=dmn%3Dkl.blog.socialmedia%3Bref%3D%3Burl%3Dhttps%253A%252F%252Fwww.kaspersky.com%252Fblog%252Ftop4-dangerous-attachments-2019%252F27147%252F%253Fsiteid%253DRIQSITE%3Bscrw%3D1600%3Bscrh%3D1200%3Bclrd%3D24%3Bcok%3D1&lver=1.13&jsncl=mmRequestCallbacks%5B1%5D&ri=1&lto=120&jrt=s
Requested by
Host: service.maxymiser.net
URL: https://service.maxymiser.net/api/eu/kl.blog.socialmedia/6880d1/mmapi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.252.27 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-252-27.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
00ec347c906e5f1e1ceee9ac7244aad480dac697500a95f527c59c87e303dc03
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Tue, 17 Sep 2019 13:10:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
09/17/2019 13:10:19
server
nginx
x-node
fravwcgeu10, fravllb04
vary
Accept-Encoding
p3p
CP="DEV IND NOI OTC OUR PSA PSD"
status
200
cache-control
no-store, no-cache, must-revalidate,post-check=0, pre-check=0
content-type
text/javascript; charset=utf-8
content-length
630
expires
Sun, 06 Jan 1980 01:00:00 GMT
fbevents.js
connect.facebook.net/en_US/
121 KB
31 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.kaspersky.com
URL: https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
14d88b3a27f0e6de034f86ad42d6411081e9467daf754147f2f16bcb20782177
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
31604
x-xss-protection
0
pragma
public
x-fb-debug
MEO+VeLE+cG+RKVYpr+Ij2PJftZctxj/ng3+1OaMDUnZbHaoZh4M/8Rfl/NfkbroBXdnpP/0k+dpsXvOon3aOg==
x-fb-trip-id
420120009
x-frame-options
DENY
date
Tue, 17 Sep 2019 13:10:19 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
prum.min.js
rum-static.pingdom.net/
6 KB
3 KB
Script
General
Full URL
https://rum-static.pingdom.net/prum.min.js
Requested by
Host: www.kaspersky.com
URL: https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:15ef , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d659b59a4cf40320e19b273395524a19b1a354beceb07e791746aec927465c2

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Sep 2019 13:10:19 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 26 Jun 2019 09:19:43 GMT
server
cloudflare
age
4443
status
200
etag
W/"5d1338af-186f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
517b51d43d3ccbd0-VIE
expires
Wed, 18 Sep 2019 01:10:19 GMT
kaspersky_logo.svg
assets.kasperskydaily.com/wp-content/themes/daily-nxgen/assets/images/
3 KB
2 KB
Image
General
Full URL
https://assets.kasperskydaily.com/wp-content/themes/daily-nxgen/assets/images/kaspersky_logo.svg?ver=20190619
Requested by
Host: www.kaspersky.com
URL: https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:1c00:12:5eb9:fe40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
4f24864d27bfaffc860ad3f2648709b60153abbeb7ec502552ab987a18d0ff4f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://assets.kasperskydaily.com/blog/wp-content/plugins/bwp-minify/min/?f=wp-content/themes/daily-nxgen/assets/fonts/museo/stylesheet.css,wp-content/themes/daily-nxgen/assets/libs/font-awesome/css/font-awesome.min.css,wp-content/themes/daily-nxgen/assets/libs/jquery.mobile-1.4.2.min.css,wp-content/themes/daily-nxgen/assets/build/style.min.css,wp-content/plugins/kaspersky-instagram/css/magnific-popup.css,wp-content/plugins/kaspersky-instagram/css/widget.css,wp-content/plugins/kaspersky-social-sharing-daily/assets/css/custom.full.css,wp-content/plugins/kaspersky-social-sharing-daily/assets/css/custom.mobile.css&ver=47cb9dd9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Sep 2019 00:12:06 GMT
content-encoding
gzip
last-modified
Thu, 12 Sep 2019 14:44:22 GMT
server
nginx
age
219493
etag
W/"5d7a59c6-b43"
x-cache
Hit from cloudfront
content-type
image/svg+xml
status
200
cache-control
max-age=604800, public
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
zw_8okRe4bDw4ZDkTCRD6dc2JgfrJCZUT_f3DKQ3_iHg9om1aT0Qjw==
via
1.1 c05282a87474a55ae2a8dd2aa77d1233.cloudfront.net (CloudFront)
expires
Sun, 22 Sep 2019 00:12:06 GMT
kaspersky-daily_logo.svg
assets.kasperskydaily.com/wp-content/themes/daily-nxgen/assets/images/
1 KB
1 KB
Image
General
Full URL
https://assets.kasperskydaily.com/wp-content/themes/daily-nxgen/assets/images/kaspersky-daily_logo.svg?ver=20190619
Requested by
Host: www.kaspersky.com
URL: https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:1c00:12:5eb9:fe40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
0e409bb24dfc019e40b9a9216840ae95d6ba8c6061e60e3dac334787e0d6233e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://assets.kasperskydaily.com/blog/wp-content/plugins/bwp-minify/min/?f=wp-content/themes/daily-nxgen/assets/fonts/museo/stylesheet.css,wp-content/themes/daily-nxgen/assets/libs/font-awesome/css/font-awesome.min.css,wp-content/themes/daily-nxgen/assets/libs/jquery.mobile-1.4.2.min.css,wp-content/themes/daily-nxgen/assets/build/style.min.css,wp-content/plugins/kaspersky-instagram/css/magnific-popup.css,wp-content/plugins/kaspersky-instagram/css/widget.css,wp-content/plugins/kaspersky-social-sharing-daily/assets/css/custom.full.css,wp-content/plugins/kaspersky-social-sharing-daily/assets/css/custom.mobile.css&ver=47cb9dd9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Sep 2019 00:35:57 GMT
content-encoding
gzip
last-modified
Thu, 12 Sep 2019 14:43:43 GMT
server
nginx
age
218062
etag
W/"5d7a599f-4be"
x-cache
Hit from cloudfront
content-type
image/svg+xml
status
200
cache-control
max-age=604800, public
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
9lgk7myHV4H9iqRD418RULX_qyBOa3JPMXzmKxaF-0iXJluXx2hLCw==
via
1.1 c05282a87474a55ae2a8dd2aa77d1233.cloudfront.net (CloudFront)
expires
Sun, 22 Sep 2019 00:35:57 GMT
font-icons.ttf
assets.kasperskydaily.com/wp-content/themes/daily-nxgen/assets/fonts/font-icons/
34 KB
34 KB
Font
General
Full URL
https://assets.kasperskydaily.com/wp-content/themes/daily-nxgen/assets/fonts/font-icons/font-icons.ttf?p2bytm
Requested by
Host: www.kaspersky.com
URL: https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:1c00:12:5eb9:fe40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
20c44a2b00fbdf68041dbfacf8b61d07267786208e0495eb8b7f15b2d26300d9

Request headers

Sec-Fetch-Mode
cors
Referer
https://assets.kasperskydaily.com/blog/wp-content/plugins/bwp-minify/min/?f=wp-content/themes/daily-nxgen/assets/fonts/museo/stylesheet.css,wp-content/themes/daily-nxgen/assets/libs/font-awesome/css/font-awesome.min.css,wp-content/themes/daily-nxgen/assets/libs/jquery.mobile-1.4.2.min.css,wp-content/themes/daily-nxgen/assets/build/style.min.css,wp-content/plugins/kaspersky-instagram/css/magnific-popup.css,wp-content/plugins/kaspersky-instagram/css/widget.css,wp-content/plugins/kaspersky-social-sharing-daily/assets/css/custom.full.css,wp-content/plugins/kaspersky-social-sharing-daily/assets/css/custom.mobile.css&ver=47cb9dd9
Origin
https://www.kaspersky.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 08:18:04 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
age
6670335
x-cache
Hit from cloudfront
status
200
content-length
34768
pragma
public
last-modified
Thu, 27 Jun 2019 16:31:48 GMT
server
nginx
etag
"5d14ef74-87d0"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
K0bYyhbYu3CSZTcqMxwUgSRd3yDFOJ9c0B6A20APoQ4vQmjiYzfutg==
expires
Wed, 01 Jul 2020 08:18:04 GMT
Museo-SansCyrl-500.woff2
assets.kasperskydaily.com/wp-content/themes/daily-nxgen/assets/fonts/museo/
30 KB
31 KB
Font
General
Full URL
https://assets.kasperskydaily.com/wp-content/themes/daily-nxgen/assets/fonts/museo/Museo-SansCyrl-500.woff2
Requested by
Host: www.kaspersky.com
URL: https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:1c00:12:5eb9:fe40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
d730bb6fbbbd41c6dbbc93a37860904fd6e8cdb2c3029efd2eb7104ae41586ce

Request headers

Sec-Fetch-Mode
cors
Referer
https://assets.kasperskydaily.com/blog/wp-content/plugins/bwp-minify/min/?f=wp-content/themes/daily-nxgen/assets/fonts/museo/stylesheet.css,wp-content/themes/daily-nxgen/assets/libs/font-awesome/css/font-awesome.min.css,wp-content/themes/daily-nxgen/assets/libs/jquery.mobile-1.4.2.min.css,wp-content/themes/daily-nxgen/assets/build/style.min.css,wp-content/plugins/kaspersky-instagram/css/magnific-popup.css,wp-content/plugins/kaspersky-instagram/css/widget.css,wp-content/plugins/kaspersky-social-sharing-daily/assets/css/custom.full.css,wp-content/plugins/kaspersky-social-sharing-daily/assets/css/custom.mobile.css&ver=47cb9dd9
Origin
https://www.kaspersky.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 08:18:04 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
age
6670335
x-cache
Hit from cloudfront
status
200
content-length
31176
pragma
public
last-modified
Thu, 27 Jun 2019 16:31:48 GMT
server
nginx
etag
"5d14ef74-79c8"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
wtqitGW1yBu19nqzhpS8WU1UFt5qOIiijr2jpNCCnhZ52eKxU9gPxA==
expires
Wed, 01 Jul 2020 08:18:04 GMT
fontawesome-webfont.woff2
assets.kasperskydaily.com/wp-content/themes/daily-nxgen/assets/libs/font-awesome/fonts/
70 KB
71 KB
Font
General
Full URL
https://assets.kasperskydaily.com/wp-content/themes/daily-nxgen/assets/libs/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.2
Requested by
Host: www.kaspersky.com
URL: https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:1c00:12:5eb9:fe40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
2932abf996373e87fbf2e950876b1962f1b57db954a1643ea68831d9fbb74da4

Request headers

Sec-Fetch-Mode
cors
Referer
https://assets.kasperskydaily.com/blog/wp-content/plugins/bwp-minify/min/?f=wp-content/themes/daily-nxgen/assets/fonts/museo/stylesheet.css,wp-content/themes/daily-nxgen/assets/libs/font-awesome/css/font-awesome.min.css,wp-content/themes/daily-nxgen/assets/libs/jquery.mobile-1.4.2.min.css,wp-content/themes/daily-nxgen/assets/build/style.min.css,wp-content/plugins/kaspersky-instagram/css/magnific-popup.css,wp-content/plugins/kaspersky-instagram/css/widget.css,wp-content/plugins/kaspersky-social-sharing-daily/assets/css/custom.full.css,wp-content/plugins/kaspersky-social-sharing-daily/assets/css/custom.mobile.css&ver=47cb9dd9
Origin
https://www.kaspersky.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 08:18:04 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
age
6670335
x-cache
Hit from cloudfront
status
200
content-length
71760
pragma
public
last-modified
Thu, 27 Jun 2019 16:31:49 GMT
server
nginx
etag
"5d14ef75-11850"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
ldTNBE-4AjnghsN5YbCIHHy8Cli5JQarQVHpUmpL8BPk30ZpygJJaQ==
expires
Wed, 01 Jul 2020 08:18:04 GMT
Museo-SansCyrl-700.woff2
assets.kasperskydaily.com/wp-content/themes/daily-nxgen/assets/fonts/museo/
30 KB
31 KB
Font
General
Full URL
https://assets.kasperskydaily.com/wp-content/themes/daily-nxgen/assets/fonts/museo/Museo-SansCyrl-700.woff2
Requested by
Host: www.kaspersky.com
URL: https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:1c00:12:5eb9:fe40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
b652721e972ad17bfe8aab3616e4735ccf031e3ed595128c15a5c095f57c61a4

Request headers

Sec-Fetch-Mode
cors
Referer
https://assets.kasperskydaily.com/blog/wp-content/plugins/bwp-minify/min/?f=wp-content/themes/daily-nxgen/assets/fonts/museo/stylesheet.css,wp-content/themes/daily-nxgen/assets/libs/font-awesome/css/font-awesome.min.css,wp-content/themes/daily-nxgen/assets/libs/jquery.mobile-1.4.2.min.css,wp-content/themes/daily-nxgen/assets/build/style.min.css,wp-content/plugins/kaspersky-instagram/css/magnific-popup.css,wp-content/plugins/kaspersky-instagram/css/widget.css,wp-content/plugins/kaspersky-social-sharing-daily/assets/css/custom.full.css,wp-content/plugins/kaspersky-social-sharing-daily/assets/css/custom.mobile.css&ver=47cb9dd9
Origin
https://www.kaspersky.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 08:18:04 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
age
6670335
x-cache
Hit from cloudfront
status
200
content-length
31092
pragma
public
last-modified
Thu, 27 Jun 2019 16:31:48 GMT
server
nginx
etag
"5d14ef74-7974"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
qzoEgCVKEShZjM2ZTWYCsdpAkBjKjh05UGFuggFXQHEb94wo0OH8Zg==
expires
Wed, 01 Jul 2020 08:18:04 GMT
Museo-SansCyrl-300Italic.woff2
assets.kasperskydaily.com/wp-content/themes/daily-nxgen/assets/fonts/museo/
32 KB
32 KB
Font
General
Full URL
https://assets.kasperskydaily.com/wp-content/themes/daily-nxgen/assets/fonts/museo/Museo-SansCyrl-300Italic.woff2
Requested by
Host: www.kaspersky.com
URL: https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:1c00:12:5eb9:fe40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
6dd21f48efae5a31b9f4042a2801d3a71f2c8c8fb93a121395dd44bf01fb37ff

Request headers

Sec-Fetch-Mode
cors
Referer
https://assets.kasperskydaily.com/blog/wp-content/plugins/bwp-minify/min/?f=wp-content/themes/daily-nxgen/assets/fonts/museo/stylesheet.css,wp-content/themes/daily-nxgen/assets/libs/font-awesome/css/font-awesome.min.css,wp-content/themes/daily-nxgen/assets/libs/jquery.mobile-1.4.2.min.css,wp-content/themes/daily-nxgen/assets/build/style.min.css,wp-content/plugins/kaspersky-instagram/css/magnific-popup.css,wp-content/plugins/kaspersky-instagram/css/widget.css,wp-content/plugins/kaspersky-social-sharing-daily/assets/css/custom.full.css,wp-content/plugins/kaspersky-social-sharing-daily/assets/css/custom.mobile.css&ver=47cb9dd9
Origin
https://www.kaspersky.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 08:18:04 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
age
6670335
x-cache
Hit from cloudfront
status
200
content-length
32596
pragma
public
last-modified
Thu, 27 Jun 2019 16:31:48 GMT
server
nginx
etag
"5d14ef74-7f54"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
yNIxY304a52C8s_DiM7Z8u80dyn70cCon4DUbasKAeRn5sNjOuTTMQ==
expires
Wed, 01 Jul 2020 08:18:04 GMT
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZ7LJ3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
1606
date
Tue, 17 Sep 2019 12:43:33 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17803
expires
Tue, 17 Sep 2019 14:43:33 GMT
gtm.js
www.googletagmanager.com/
79 KB
25 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K974KNN&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZ7LJ3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
79a5e14366bc537a4292925a3c0982aadbb0506da28da742cd2251a2fa7e274b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Sep 2019 13:10:19 GMT
content-encoding
br
last-modified
Tue, 17 Sep 2019 12:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
25499
x-xss-protection
0
expires
Tue, 17 Sep 2019 13:10:19 GMT
Museo-SansCyrl-700Italic.woff2
assets.kasperskydaily.com/wp-content/themes/daily-nxgen/assets/fonts/museo/
32 KB
33 KB
Font
General
Full URL
https://assets.kasperskydaily.com/wp-content/themes/daily-nxgen/assets/fonts/museo/Museo-SansCyrl-700Italic.woff2
Requested by
Host: www.kaspersky.com
URL: https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:1c00:12:5eb9:fe40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
d7c02bfd05f418c18d9926ecd9bb0a14da25e22bdc02ecd42c0c948940e5ba23

Request headers

Sec-Fetch-Mode
cors
Referer
https://assets.kasperskydaily.com/blog/wp-content/plugins/bwp-minify/min/?f=wp-content/themes/daily-nxgen/assets/fonts/museo/stylesheet.css,wp-content/themes/daily-nxgen/assets/libs/font-awesome/css/font-awesome.min.css,wp-content/themes/daily-nxgen/assets/libs/jquery.mobile-1.4.2.min.css,wp-content/themes/daily-nxgen/assets/build/style.min.css,wp-content/plugins/kaspersky-instagram/css/magnific-popup.css,wp-content/plugins/kaspersky-instagram/css/widget.css,wp-content/plugins/kaspersky-social-sharing-daily/assets/css/custom.full.css,wp-content/plugins/kaspersky-social-sharing-daily/assets/css/custom.mobile.css&ver=47cb9dd9
Origin
https://www.kaspersky.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 08:21:41 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
age
6670118
x-cache
Hit from cloudfront
status
200
content-length
32964
pragma
public
last-modified
Thu, 27 Jun 2019 16:31:48 GMT
server
nginx
etag
"5d14ef74-80c4"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
iLKjQcQFkECR7FvJx2g87ztY0lZ76oN5hV9Vc2ATzBfqhu8_PIxFEg==
expires
Wed, 01 Jul 2020 08:21:41 GMT
839281392784015
connect.facebook.net/signals/config/
308 KB
78 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/839281392784015?v=2.9.4&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
f6b8d4d38a0a6d56d7b2f4276e97c9e32e422136efe49e382defc32203cd2eec
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
79815
x-xss-protection
0
pragma
public
x-fb-debug
8aM+PYR3Nrq58VEpdDhY5yFkNQAsGX63v6a5wpg8DS5hvBVijzmgn+7eRbd/OjA+zrvheZqLDPBCa46NuQA/ew==
x-fb-trip-id
420120009
x-frame-options
DENY
date
Tue, 17 Sep 2019 13:10:19 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
ga-audiences
www.google.com/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=290036097&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kaspersky.com%2Fblog%2Ftop4-dangerous-attachments-2019%2F27147%2F%3Fsiteid%3DRIQSITE&dp=%2Fblo...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-63997723-2&cid=2056159826.1568725820&jid=2092269208&_gid=733635809.1568725820&gjid=221360578&_v=j79&z=2019686027
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63997723-2&cid=2056159826.1568725820&jid=2092269208&_v=j79&z=2019686027
0
0

id
dpm.demdex.net/
368 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=4.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=983502BE532960BE0A490D4C%40AdobeOrg&d_nsid=0&ts=1568725819692
Requested by
Host: media.kaspersky.com
URL: https://media.kaspersky.com/tracking/omniture/s_code_single_suite.js?ver=5.2.3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.90.74 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-90-74.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
b91c2d22074ce0ffdd23e12b88c1ee869b1c153c62cf4de3c439c6862f916258

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v042-0e3e79cec.edge-irl1.demdex.com 5.59.0.20190904135845 3ms (+1ms)
Pragma
no-cache
Content-Encoding
gzip
X-TID
XII/fwZCQp0=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.kaspersky.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
306
Expires
Thu, 01 Jan 1970 00:00:00 GMT
all.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: www.kaspersky.com
URL: https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
a8f614f39d0da502fb9c0a13e923154564e600fa5eeeb28e5fc123cc41e421ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
BeALJbYt8Lfh9etqdahvsQ==
status
200
content-length
1780
etag
"90834bbc55f005d313dfa85d17f2f1cf"
x-fb-debug
z6JiTMAd1dtpCDOiCu+sbpi2Dau8aLO21u/ffTHliHqYkCa1wSQIzTWJ9+pfzKqv+XYL4sbJYxFTQg5Oj5YMlQ==
x-fb-trip-id
420120009
x-fb-content-md5
956e2ce87ef3b752a17cd89d1d665151
x-frame-options
DENY
date
Tue, 17 Sep 2019 13:10:19 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 17 Sep 2019 13:16:58 GMT
insight.min.js
sjs.bizographics.com/
15 KB
5 KB
Script
General
Full URL
https://sjs.bizographics.com/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K974KNN&l=dataLayer
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:10c:38f::3adf , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
bc9cef10d07e8da3ce80181de07a056414731f86e0dc12e2c81d652b28ac770b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 17 Sep 2019 13:10:19 GMT
Content-Encoding
gzip
Last-Modified
Mon, 03 Dec 2018 23:03:30 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=35628
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4571
ga-audiences
www.google.com/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=290036097&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kaspersky.com%2Fblog%2Ftop4-dangerous-attachments-2019%2F27147%2F%3Fsiteid%3DRIQSITE&ul=...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-35676203-1&cid=2056159826.1568725820&jid=408225857&_gid=733635809.1568725820&gjid=1884708083&_v=j79&z=477682690
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35676203-1&cid=2056159826.1568725820&jid=408225857&_v=j79&z=477682690
0
0

inferredEvents.js
connect.facebook.net/signals/plugins/
35 KB
10 KB
Script
General
Full URL
https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.9.4
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
b4e9e9bef19c34422f55a7fdb9d10c4db5e39cff24b8c98a0be0e09b2ee6ac2b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
10218
x-xss-protection
0
pragma
public
x-fb-debug
6UUU5ONHgBbWBsX6fdyeQB54yNemyMOthzgApkcWDIJoewc/3LY9doA7nUJj/EFSFGb/RIJ63a8Y+etXSQ70DQ==
x-fb-trip-id
420120009
x-frame-options
DENY
date
Tue, 17 Sep 2019 13:10:19 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
admin-ajax.php
www.kaspersky.com/blog/wp-admin/
1 KB
969 B
XHR
General
Full URL
https://www.kaspersky.com/blog/wp-admin/admin-ajax.php
Requested by
Host: www.kaspersky.com
URL: https://www.kaspersky.com/blog/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.85.15.47 , Russian Federation, ASN200107 (KL-EXT, RU),
Reverse DNS
Software
nginx /
Resource Hash
c5c359caabddd0372e344a749899529ddbcd35e5ce50658b0373f563b5dcda4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

Accept
*/*
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 17 Sep 2019 13:10:20 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
server
nginx
status
200
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.kaspersky.com
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-robots-tag
noindex
vary
Accept-Encoding
x-content-type-options
nosniff
x-request-id
01903f58e6c5b45eda2a7399196201da
expires
Wed, 11 Jan 1984 05:00:00 GMT
admin-ajax.php
www.kaspersky.com/blog/wp-admin/
8 KB
2 KB
XHR
General
Full URL
https://www.kaspersky.com/blog/wp-admin/admin-ajax.php
Requested by
Host: www.kaspersky.com
URL: https://www.kaspersky.com/blog/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.85.15.47 , Russian Federation, ASN200107 (KL-EXT, RU),
Reverse DNS
Software
nginx /
Resource Hash
1ab966849cadfd65b92a7665d7c1ae5690a1514e51cc1126f73384c122ac4fde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

Accept
text/html, */*; q=0.01
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 17 Sep 2019 13:10:20 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
server
nginx
status
200
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.kaspersky.com
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-robots-tag
noindex
vary
Accept-Encoding
x-content-type-options
nosniff
x-request-id
5ffdbf6163502c74c8ea1b1523643bab
expires
Wed, 11 Jan 1984 05:00:00 GMT
/
graph.facebook.com/
84 B
502 B
XHR
General
Full URL
https://graph.facebook.com/?id=https%3A%2F%2Fwww.kaspersky.com%2Fblog%2Ftop4-dangerous-attachments-2019%2F27147%2F
Requested by
Host: www.kaspersky.com
URL: https://www.kaspersky.com/blog/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
d9b7e1beab4d80b41aad23442d1dcf8a64d299cab70b05bdfb7b61d18675cd0d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

strict-transport-security
max-age=15552000; preload
etag
"624323ae0c9ebf778c6bfa741aa972183925a39e"
x-app-usage
{"call_count":0,"total_cputime":0,"total_time":0}
status
200
x-fb-rev
1001183273
content-length
84
pragma
no-cache
x-fb-debug
BgGOO4DZUFTOogK9NxTGwF6uVUEjDaSw6XGIuJmsu9/ABrVDo2WUglRXuXvalRTI5ZB1LanheOim7RHcNiaiCw==
x-fb-trace-id
GyVqwE3nDfj
date
Tue, 17 Sep 2019 13:10:19 GMT
content-type
application/json
access-control-allow-origin
*
x-fb-request-id
Ar2-Lgot8mfCiIPh2ag44xK
cache-control
private, no-cache, no-store, must-revalidate
facebook-api-version
v2.10
expires
Sat, 01 Jan 2000 00:00:00 GMT
share
www.linkedin.com/countserv/count/
0
0
Script
General
Full URL
https://www.linkedin.com/countserv/count/share?url=https%3A%2F%2Fwww.kaspersky.com%2Fblog%2Ftop4-dangerous-attachments-2019%2F27147%2F&format=jsonp&callback=jQuery1124023814703233415901_1568725819398&_=1568725819399
Requested by
Host: www.kaspersky.com
URL: https://www.kaspersky.com/blog/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:f500:10:101::b93f:9101 , Ireland, ASN14413 (LINKEDIN - LinkedIn Corporation, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

info.json
www.reddit.com/api/
102 B
1 KB
XHR
General
Full URL
https://www.reddit.com/api/info.json?url=https%3A%2F%2Fwww.kaspersky.com%2Fblog%2Ftop4-dangerous-attachments-2019%2F27147%2F
Requested by
Host: www.kaspersky.com
URL: https://www.kaspersky.com/blog/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.140 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
snooserv /
Resource Hash
f4f2c0a4763f01ee2b13b4f8189e6fd5f32bd704d71fed8d0f11883de9724198
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 17 Sep 2019 13:10:22 GMT
via
1.1 varnish
x-content-type-options
nosniff
x-cache
MISS
status
200
content-length
102
x-xss-protection
1; mode=block
x-served-by
cache-hhn4024-HHN
x-moose
majestic
expires
-1
server
snooserv
x-timer
S1568725820.796625,VS0,VE3164
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
X-Moose
cache-control
private, s-maxage=0, max-age=0, must-revalidate, max-age=0, must-revalidate
x-ua-compatible
IE=edge
accept-ranges
bytes
x-cache-hits
0
search
hn.algolia.com/api/v1/
397 B
975 B
XHR
General
Full URL
https://hn.algolia.com/api/v1/search?query=%22https%3A%2F%2Fwww.kaspersky.com%2Fblog%2Ftop4-dangerous-attachments-2019%2F27147%2F%22&tags=story&advancedSyntax=true&attributesToRetrieve=points,url
Requested by
Host: www.kaspersky.com
URL: https://www.kaspersky.com/blog/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.225.72 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f913edb442ecf03576bd55c4f9f636829f8432a6e37a5ac74feee405ffff36d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 17 Sep 2019 13:10:20 GMT
content-encoding
br
status
200
x-request-id
a37cb98b-cb1c-4602-bb83-df6a56c70d8a
x-runtime
0.031134
server
cloudflare
etag
W/"f913edb442ecf03576bd55c4f9f63682"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-methods
GET, PUT, DELETE, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
false
cf-ray
517b51d5dc2ac277-FRA
access-control-allow-headers
x-algolia-application-id, connection, origin, x-algolia-api-key, content-type, content-length, x-algolia-signature, x-algolia-usertoken, x-algolia-tagfilters, DNT, X-Mx-ReqToken, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Authorization, Accept
index.php
www.kaspersky.com/blog/wp-content/plugins/kaspersky-social-sharing-daily/counter/
172 B
359 B
XHR
General
Full URL
https://www.kaspersky.com/blog/wp-content/plugins/kaspersky-social-sharing-daily/counter/index.php?url=https%3A%2F%2Fwww.kaspersky.com%2Fblog%2Ftop4-dangerous-attachments-2019%2F27147%2F&callback=jQuery1124023814703233415901_1568725819400&_=1568725819401
Requested by
Host: www.kaspersky.com
URL: https://www.kaspersky.com/blog/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.85.15.47 , Russian Federation, ASN200107 (KL-EXT, RU),
Reverse DNS
Software
nginx /
Resource Hash
cf470d057d05670a2d55d765d72625ff6b3912d71dff04113f1ef108ecf66829
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 17 Sep 2019 13:10:20 GMT
content-encoding
gzip
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
status
200
x-cache-hit
MISS
x-request-id
6c2e1c48380076105f3e95a07e480881
Cookie set dest5.html
kaspersky.demdex.net/ Frame 34E4
0
0
Document
General
Full URL
https://kaspersky.demdex.net/dest5.html?d_nsid=0
Requested by
Host: media.kaspersky.com
URL: https://media.kaspersky.com/tracking/omniture/s_code_single_suite.js?ver=5.2.3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.160.221 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-248-160-221.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Host
kaspersky.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
Accept-Encoding
gzip, deflate, br
Cookie
demdex=58106956871428546384165664644690711126
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=21600
Content-Encoding
gzip
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified
Tue, 10 Sep 2019 14:25:26 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Set-Cookie
demdex=58106956871428546384165664644690711126;Path=/;Domain=.demdex.net;Expires=Sun, 15-Mar-2020 13:10:19 GMT;Max-Age=15552000
Vary
Accept-Encoding, User-Agent
X-TID
0ZCnvNjaS2Q=
Content-Length
2764
Connection
keep-alive
id
kaspersky.d3.sc.omtrdc.net/
3 B
475 B
XHR
General
Full URL
https://kaspersky.d3.sc.omtrdc.net/id?d_visid_ver=4.3.0&d_fieldgroup=A&mcorgid=983502BE532960BE0A490D4C%40AdobeOrg&mid=68435993719964225804005261659295988748&ts=1568725819800
Requested by
Host: media.kaspersky.com
URL: https://media.kaspersky.com/tracking/omniture/s_code_single_suite.js?ver=5.2.3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.117.29.226 , United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
Software
Omniture DC /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Tue, 17 Sep 2019 13:10:19 GMT
X-Content-Type-Options
nosniff
Server
Omniture DC
xserver
www63
Vary
Origin
X-C
ms-6.9.1
P3P
CP="This is not a P3P policy"
Access-Control-Allow-Origin
https://www.kaspersky.com
Cache-Control
no-cache, no-store, max-age=0, no-transform, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/x-javascript
Content-Length
3
X-XSS-Protection
1; mode=block
ibs:dpid=411&dpuuid=XYDbOwAAFEtvAzx0
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=58106956871428546384165664644690711126
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=XYDbOwAAFEtvAzx0
42 B
776 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XYDbOwAAFEtvAzx0
Requested by
Host: www.kaspersky.com
URL: https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.90.74 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-90-74.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v042-02163bfbf.edge-irl1.demdex.com 5.59.0.20190904135845 3ms (+1ms)
Pragma
no-cache
X-TID
lYDKB8hISzk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Tue, 17 Sep 2019 13:10:19 GMT
Server
AMO-cookiemap/1.1
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XYDbOwAAFEtvAzx0
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=15,max=100
Content-Length
0
ga-audiences
www.google.de/ads/
0
0

/
www.facebook.com/tr/
44 B
248 B
Image
General
Full URL
https://www.facebook.com/tr/?id=839281392784015&ev=PageView&dl=https%3A%2F%2Fwww.kaspersky.com%2Fblog%2Ftop4-dangerous-attachments-2019%2F27147%2F%3Fsiteid%3DRIQSITE&rl=&if=false&ts=1568725819810&sw=1600&sh=1200&v=2.9.4&r=stable&ec=0&o=30&fbp=fb.1.1568725819809.1781053146&it=1568725819605&coo=false&rqm=GET
Requested by
Host: www.kaspersky.com
URL: https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Sep 2019 13:10:19 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Tue, 17 Sep 2019 13:10:19 GMT
all.js
connect.facebook.net/en_US/
187 KB
56 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js?hash=afb7b2869b9e98158e16dd17ccc6663a&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
6c13e77a3c5575f17d892f2f18592e4b6a2bfb4fc16dcfe50211ca0660f6f62f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
Origin
https://www.kaspersky.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
iyafibrzCawnGegUdDhZTg==
status
200
content-length
56460
etag
"9a7d32b6e8b93ea34a3a0290df4f8af4"
x-fb-debug
qWtROAUlgEPKWpRb4O6yYxX6tO/xvWxBQNmmW9ngrNrB1Nyv0nKL9HDa/NJBMh11R0UMU4EoN+9C4MRXFDJ4Tg==
x-fb-trip-id
2000377899
x-fb-content-md5
5d3fdf7776fd308d128904f39876f01b
x-frame-options
DENY
date
Tue, 17 Sep 2019 13:10:19 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Wed, 16 Sep 2020 12:02:44 GMT
ga-audiences
www.google.de/ads/
0
0

xd_arbiter.php
staticxx.facebook.com/connect/ Frame 86A6
0
0
Document
General
Full URL
https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=afb7b2869b9e98158e16dd17ccc6663a&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter.php?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
accept-encoding
gzip, deflate, br
cookie
fr=0ro9Y1CI7npe91q38..BdgNs7...1.0.BdgNs7.
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE

Response headers

status
200
content-type
text/html; charset=utf-8
expires
Wed, 16 Sep 2020 00:22:50 GMT
strict-transport-security
max-age=15552000; preload
content-encoding
br
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cache-control
public,max-age=31536000,immutable
x-fb-debug
7vA8SPep6al9WiIiqmjr9SRhBHAvZzk6G6UemuNcXU8LBHgaDyygdBQzySvrTjFjfLICjEcKZxIyRJU6b3CdCg==
content-length
11817
x-fb-trip-id
420120009
date
Tue, 17 Sep 2019 13:10:19 GMT
status
www.facebook.com/x/oauth/
0
0
Fetch
General
Full URL
https://www.facebook.com/x/oauth/status?client_id=307769532755023&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.kaspersky.com%2Fblog%2Ftop4-dangerous-attachments-2019%2F27147%2F%3Fsiteid%3DRIQSITE&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=afb7b2869b9e98158e16dd17ccc6663a&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.kaspersky.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
x-fb-debug
ZkGUuBXF2YrI/+o4kVvp7EcGPeGw/WraO0507hLHMeg6JrLoxsJeK0ZnMlg4OS8ilFcGHREpK4uVRW4YjiOwrg==
fb-s
unknown
status
200
x-frame-options
DENY
date
Tue, 17 Sep 2019 13:10:19 GMT
strict-transport-security
max-age=15552000; preload
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.kaspersky.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
0
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
s21500755803502
kaspersky.d3.sc.omtrdc.net/b/ss/kaspersky-single-suite/1/JS-2.15.0/
43 B
585 B
Image
General
Full URL
https://kaspersky.d3.sc.omtrdc.net/b/ss/kaspersky-single-suite/1/JS-2.15.0/s21500755803502?AQB=1&ndh=1&pf=1&t=17%2F8%2F2019%2015%3A10%3A19%202%20-120&mid=68435993719964225804005261659295988748&aamlh=6&ce=UTF-8&ns=kaspersky&cdp=2&pageName=Kaspersky%20Daily%20Blog%20%3E%20Top4%20Dangerous%20Attachments%202019&g=https%3A%2F%2Fwww.kaspersky.com%2Fblog%2Ftop4-dangerous-attachments-2019%2F27147%2F%3Fsiteid%3DRIQSITE&cc=USD&ch=Kaspersky%20Daily%20Blog&server=www.kaspersky.com&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v3=Kaspersky%20Daily%20Blog%20%3E%20Top4%20Dangerous%20Attachments%202019&v9=https%3A%2F%2Fwww.kaspersky.com%2Fblog%2Ftop4-dangerous-attachments-2019%2F27147%2F%3Fsiteid%3DRIQSITE&c20=undefined%3Aundefined%3Aundefined%3Aundefined%3Aundefined%3Aundefined&c29=v1%3As_code_single_suite.js%3AtrackPageView%20%3E%20sng.t%3Ap&c30=v1%3A20190815%3A231%3AKaspersky%20Daily%20Blog%3A%5BNULL%5D&c31=https%3A%2F%2Fwww.kaspersky.com%2Fblog%2Ftop4-dangerous-attachments-2019%2F27147%2F&v44=D%3Dv3&c47=Default&v47=D%3Dc47&c51=Kaspersky%20Daily%20Blog&c56=en-GLOBAL&c57=en-global&v57=D%3Dc57&c58=Top%204%20dangerous%20attachments%20in%20spam%20e-mails%20%7C%20Kaspersky%20official%20blog&v71=v1%3APage%20View%3A%5BNULL%5D&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=983502BE532960BE0A490D4C%40AdobeOrg&AQE=1
Requested by
Host: www.kaspersky.com
URL: https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.117.29.226 , United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
Software
Omniture DC /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 17 Sep 2019 13:10:19 GMT
X-Content-Type-Options
nosniff
X-C
ms-6.9.1
P3P
CP="This is not a P3P policy"
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Wed, 18 Sep 2019 13:10:19 GMT
Server
Omniture DC
xserver
www66
ETag
"3368813044584972288-5364423808864290380"
Vary
*
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, no-transform, private
Expires
Mon, 16 Sep 2019 13:10:19 GMT
/
px.ads.linkedin.com/collect/
0
0

tc.min.js
c1.rfihub.net/js/
20 KB
7 KB
Script
General
Full URL
https://c1.rfihub.net/js/tc.min.js
Requested by
Host: www.kaspersky.com
URL: https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.103.102.114 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-103-102-114.deploy.static.akamaitechnologies.com
Software
Jetty(9.0.6.v20130930) /
Resource Hash
cb2bb21705b9cce9781d02c9223f3344a65bd5314027d11c5a8518ad4bd84e84

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 17 Sep 2019 13:10:20 GMT
Content-Encoding
gzip
Last-Modified
Fri, 30 Aug 2019 04:16:54 GMT
Server
Jetty(9.0.6.v20130930)
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Type
application/x-javascript
Content-Length
6375
Expires
Tue, 17 Sep 2019 14:10:20 GMT
bat.js
bat.bing.com/
0
0

ktag.js
resources.xg4ken.com/js/v2/
0
0

vt-132.js
vt.myvisualiq.net/2/7hrBnrmZAM5n6cl1WjyOsg%3D%3D/
17 KB
5 KB
Script
General
Full URL
https://vt.myvisualiq.net/2/7hrBnrmZAM5n6cl1WjyOsg%3D%3D/vt-132.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZ7LJ3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.214.35 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-214-35.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b27f6c546b342d36a22801e2ed49f19198c486cb1559f9478e19fde10d498ed6

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 17 Sep 2019 11:31:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 26 Sep 2018 19:47:38 GMT
Server
AmazonS3
Age
5923
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
x-amz-version-id
ocso9vBwiDAMIwzgZeIi2Q7YJDCshSHW
Via
1.1 d16428714e022976873ccc980fdc1289.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA53-C1
Content-Type
application/x-javascript
X-Amz-Cf-Id
O69NE-iqvGcKwcl5I-Nh2vUQ8hJF0pksx4HGlFhi5GcJ0FuRjFDGbQ==
up_loader.1.1.0.js
js.adsrvr.org/
6 KB
2 KB
Script
General
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZ7LJ3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.207.113 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-207-113.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7e98e381189d908e1981b6e535bcdd7f3edceafdb0e7095f3e04292e8aac6a0c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 16 Sep 2019 19:04:21 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Jul 2019 18:26:10 GMT
Server
AmazonS3
Age
65246
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA53-C1
X-Amz-Cf-Id
ybeevi4RNk2TD0iVd5LtOKgO7adzJKNTDZMI8H6-pj17vupisQi5qQ==
setuid
ib.adnxs.com/
Redirect Chain
  • https://s.tribalfusion.com/i.cid?c=705083&ev=0&page=Global
  • https://s.tribalfusion.com/z/i.cid?c=705083&ev=0&page=Global
  • https://ib.adnxs.com/getuidu?https://a.tribalfusion.com/i.match?p=b26&u=$UID&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24
  • https://ib.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db26%26u%3D%24UID%26redirect%3Dhttps%253A%252F%252Fib.adnxs.com%252Fsetuid%253Fentity%253D305%2526code%253D%...
  • https://a.tribalfusion.com/i.match?p=b26&u=6476465516730328384&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24
  • https://ib.adnxs.com/setuid?entity=305&code=18072662391058255894
43 B
992 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=305&code=18072662391058255894
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 Sep 2019 13:10:22 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.240:80
AN-X-Request-Uuid
7061a7c2-c28e-4d6f-b001-f29da8a516c7
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 17 Sep 2019 13:10:20 GMT
x-function
209
x-reuse-index
142
status
302
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://ib.adnxs.com/setuid?entity=305&code=18072662391058255894
cache-control
no-cache, private
content-type
text/html
content-length
36
expires
Thu, 01 Jan 1970 00:00:00 GMT
beacon.gif
rum-collector-2.pingdom.net/img/
0
213 B
XHR
General
Full URL
https://rum-collector-2.pingdom.net/img/beacon.gif?id=560b0d8dabe53d2e7e8a2dfc&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=1002&cE=1018&dLE=1002&dLS=934&fS=933&hS=1007&rE=-1&rS=-1&reS=1018&resS=2002&resE=2003&uEE=-1&uES=-1&dL=2006&dI=3233&dCLES=3233&dCLEE=3258&dC=3522&lES=3522&lEE=3539&s=nt&title=Top%204%20dangerous%20attachments%20in%20spam%20e-mails%20%7C%20Kaspersky%20official%20blog&path=https%3A%2F%2Fwww.kaspersky.com%2Fblog%2Ftop4-dangerous-attachments-2019%2F27147%2F&ref=&sId=ylsfby7v&sST=1568725820&sIS=1&rV=0&v=1.4.0
Requested by
Host: rum-static.pingdom.net
URL: https://rum-static.pingdom.net/prum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.25.27 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-248-25-27.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Tue, 17 Sep 2019 13:10:20 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
sync
t.myvisualiq.net/
Redirect Chain
  • https://tapestry.tapad.com/tapestry/1?ta_partner_id=950&ta_redirect=https%3A%2F%2Ft.myvisualiq.net%2Fsync%3Fprid%3D1001%26ao%3D0%26pruuid%3DTAPAD_%24%7BIDS%3Akey%7D
  • https://t.myvisualiq.net/sync?prid=1001&ao=0&pruuid=TAPAD_801a9b41-d94c-11e9-9473-42834b516757
43 B
300 B
Image
General
Full URL
https://t.myvisualiq.net/sync?prid=1001&ao=0&pruuid=TAPAD_801a9b41-d94c-11e9-9473-42834b516757
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.89.106 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-184-89-106.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 17 Sep 2019 13:10:20 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length
43
Content-Type
image/gif

Redirect headers

date
Tue, 17 Sep 2019 13:10:20 GMT
via
1.1 google
server
Jetty(8.1.13.v20130916)
status
302
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://t.myvisualiq.net/sync?prid=1001&ao=0&pruuid=TAPAD_801a9b41-d94c-11e9-9473-42834b516757
alt-svc
clear
content-length
0
sync
t.myvisualiq.net/
Redirect Chain
  • https://t.myvisualiq.net/sync?prid=AOEPNR1&ao=0&red=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D125310%26dpuuid%3D%24%7BUUID%7D%26redir%3Dhttps%253A%252F%252Ft.myvisualiq.net%252Fsync%253Fprid%253D...
  • https://t.myvisualiq.net/ul_cb/sync?prid=AOEPNR1&ao=0&red=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D125310%26dpuuid%3D%24%7BUUID%7D%26redir%3Dhttps%253A%252F%252Ft.myvisualiq.net%252Fsync%253Fpri...
  • https://dpm.demdex.net/ibs:dpid=125310&dpuuid=b967600f-d8b2-4e8b-95b3-f67536d507a9&redir=https%3A%2F%2Ft.myvisualiq.net%2Fsync%3Fprid%3DAOEPNR1%26ao%3D0%26pruuid%3D%24%7BDD_UUID%7D
  • https://t.myvisualiq.net/sync?prid=AOEPNR1&ao=0&pruuid=58106956871428546384165664644690711126
43 B
300 B
Image
General
Full URL
https://t.myvisualiq.net/sync?prid=AOEPNR1&ao=0&pruuid=58106956871428546384165664644690711126
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.89.106 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-184-89-106.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 17 Sep 2019 13:10:20 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
X-TID
btfJhV/VTjg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://t.myvisualiq.net/sync?prid=AOEPNR1&ao=0&pruuid=58106956871428546384165664644690711126
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
loadus.exelator.com/load/
Redirect Chain
  • https://t.myvisualiq.net/sync?prid=EEAEPNR1&red=https%3A%2F%2Floadus.exelator.com%2Fload%2F%3Fp%3D204%26g%3D1260%26buid%3D%24%7BUUID%7D
  • https://loadus.exelator.com/load/?p=204&g=1260&buid=0-7e1e2468-b9e8-42d3-8dd2-3c8f188f559f
124 B
124 B
Image
General
Full URL
https://loadus.exelator.com/load/?p=204&g=1260&buid=0-7e1e2468-b9e8-42d3-8dd2-3c8f188f559f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.102.200 Central, Hong Kong, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
Software
nginx/1.14.0 / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Sep 2019 13:10:20 GMT
server
nginx/1.14.0
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
status
200
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/x-javascript;charset=UTF-8

Redirect headers

Location
https://loadus.exelator.com/load/?p=204&g=1260&buid=0-7e1e2468-b9e8-42d3-8dd2-3c8f188f559f
Date
Tue, 17 Sep 2019 13:10:20 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
B10122619.135787232;dc_pre=CJWUjYr31-QCFVgr4AodH28Evg;dc_trk_aid=308320322;dc_trk_cid=72964178;sz=1x1;u=siteid%3DRIQSITE-https%3A%2F%2Fwww.kaspersky.com%2Fblog%2Ftop4-dangerous-attachments-2019%2F2...
ad.doubleclick.net/ddm/trackimp/N408002.2426714VISUALIQ/
Redirect Chain
  • https://t.myvisualiq.net/sync?prid=Test&ao=0&red=https%253A%252F%252Fad.doubleclick.net%252Fddm%252Ftrackimp%252FN408002.2426714VISUALIQ%252FB10122619.135787232%253Bdc_trk_aid%253D308320322%253Bdc_...
  • https://ad.doubleclick.net/ddm/trackimp/N408002.2426714VISUALIQ/B10122619.135787232;dc_trk_aid=308320322;dc_trk_cid=72964178;sz=1x1;u=siteid%3DRIQSITE-https%3A%2F%2Fwww.kaspersky.com%2Fblog%2Ftop4-...
  • https://ad.doubleclick.net/ddm/trackimp/N408002.2426714VISUALIQ/B10122619.135787232;dc_pre=CJWUjYr31-QCFVgr4AodH28Evg;dc_trk_aid=308320322;dc_trk_cid=72964178;sz=1x1;u=siteid%3DRIQSITE-https%3A%2F%...
42 B
316 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N408002.2426714VISUALIQ/B10122619.135787232;dc_pre=CJWUjYr31-QCFVgr4AodH28Evg;dc_trk_aid=308320322;dc_trk_cid=72964178;sz=1x1;u=siteid%3DRIQSITE-https%3A%2F%2Fwww.kaspersky.com%2Fblog%2Ftop4-dangerous-attachments-2019%2F27147%2F%3Fsiteid%3DRIQSITE%7CVIQ_0-81e7221a-1831-4120-817f-d0e7b636a1fa%7C;ord=5472172
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.198 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f198.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Sep 2019 13:10:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 17 Sep 2019 13:10:20 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N408002.2426714VISUALIQ/B10122619.135787232;dc_pre=CJWUjYr31-QCFVgr4AodH28Evg;dc_trk_aid=308320322;dc_trk_cid=72964178;sz=1x1;u=siteid%3DRIQSITE-https%3A%2F%2Fwww.kaspersky.com%2Fblog%2Ftop4-dangerous-attachments-2019%2F27147%2F%3Fsiteid%3DRIQSITE%7CVIQ_0-81e7221a-1831-4120-817f-d0e7b636a1fa%7C;ord=5472172
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
impression_pixel
t.myvisualiq.net/
43 B
300 B
Image
General
Full URL
https://t.myvisualiq.net/impression_pixel?r=2838025&et=i&ago=212&ao=537&aca=-10&si=-10&ci=-10&pi=-10&ad=-10&advt=-10&chnl=-10&vndr=1583&sz=8968&u=siteid%3DRIQSITE||https%3A%2F%2Fwww.kaspersky.com%2Fblog%2Ftop4-dangerous-attachments-2019%2F27147%2F%3Fsiteid%3DRIQSITE&pt=i
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.89.106 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-184-89-106.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 17 Sep 2019 13:10:20 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length
43
Content-Type
image/gif
tr
www.facebook.com/
Redirect Chain
  • https://t.myvisualiq.net/sync?prid=123&ao=0&red=https%3A%2F%2Fwww.facebook.com%2Ftr%3Fid%3D238727726635232%26ev%3DPageView%26cd%5Border_id%5D%3D%24%7BUUID%7D
  • https://t.myvisualiq.net/ul_cb/sync?prid=123&ao=0&red=https%3A%2F%2Fwww.facebook.com%2Ftr%3Fid%3D238727726635232%26ev%3DPageView%26cd%5Border_id%5D%3D%24%7BUUID%7D
  • https://www.facebook.com/tr?id=238727726635232&ev=PageView&cd[order_id]=b967600f-d8b2-4e8b-95b3-f67536d507a9
44 B
149 B
Image
General
Full URL
https://www.facebook.com/tr?id=238727726635232&ev=PageView&cd[order_id]=b967600f-d8b2-4e8b-95b3-f67536d507a9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Sep 2019 13:10:20 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Tue, 17 Sep 2019 13:10:20 GMT

Redirect headers

Location
https://www.facebook.com/tr?id=238727726635232&ev=PageView&cd[order_id]=b967600f-d8b2-4e8b-95b3-f67536d507a9
Date
Tue, 17 Sep 2019 13:10:20 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
up
insight.adsrvr.org/track/ Frame A9D2
0
0
Document
General
Full URL
https://insight.adsrvr.org/track/up?adv=3flza28&ref=https%3A%2F%2Fwww.kaspersky.com%2Fblog%2Ftop4-dangerous-attachments-2019%2F27147%2F%3Fsiteid%3DRIQSITE&upid=5jbt2zb&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.228.121 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-99-81-228-121.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
insight.adsrvr.org
:scheme
https
:path
/track/up?adv=3flza28&ref=https%3A%2F%2Fwww.kaspersky.com%2Fblog%2Ftop4-dangerous-attachments-2019%2F27147%2F%3Fsiteid%3DRIQSITE&upid=5jbt2zb&upv=1.1.0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE

Response headers

status
200
date
Tue, 17 Sep 2019 13:10:20 GMT
content-type
text/html
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
idr.js
a.rfihub.com/
83 B
634 B
Script
General
Full URL
https://a.rfihub.com/idr.js?_callback=window.RocketfuelBCP.jsonpCallbacks.request_cmZpSWRJbkNhY2hl
Requested by
Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.31.128.129 , Netherlands, ASN54312 (ROCKETFUEL - Rocket Fuel Inc., US),
Reverse DNS
Software
Jetty(9.0.6.v20130930) /
Resource Hash
65873e22e99230fffc8c934ba0c13bae89a1be8b01e01d993430c7b75a925ef8

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Expires
Sun, 11 Oct 2020 13:10:20 GMT
Cache-Control
public, max-age=33696000
Server
Jetty(9.0.6.v20130930)
Content-Type
application/javascript
Content-Length
83
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cookie set ca.html
20730592p.rfihub.com/ Frame 56E4
0
0
Document
General
Full URL
https://20730592p.rfihub.com/ca.html?rfiidc=1582804165409402715&rfiaid=ef09f930775149338bfaf2b0a4c0b690&ver=9&rb=20707&ca=20730592&pe=https%3A%2F%2Fwww.kaspersky.com%2Fblog%2Ftop4-dangerous-attachments-2019%2F27147%2F%3Fsiteid%3DRIQSITE&pf=&ra=1641268522028878
Requested by
Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.31.128.129 , Netherlands, ASN54312 (ROCKETFUEL - Rocket Fuel Inc., US),
Reverse DNS
Software
Jetty(9.0.6.v20130930) /
Resource Hash

Request headers

Host
20730592p.rfihub.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
Accept-Encoding
gzip, deflate, br
Cookie
rud=H4sIAAAAAAAAAOMSNjS1MLIwMDE0MzUxsDQxMDI3NBXiM9QNLY_yytC18PE3z4uS4jU0NbMwNwKqNDA0NwQAQPA_JzQAAAA; ruds=H4sIAAAAAAAAAOMSNjS1MLIwMDE0MzUxsDQxMDI3NBXiM9QNLY_yytC18PE3z4sCAHXjzhclAAAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE

Response headers

P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie
rud=H4sIAAAAAAAAAOMSNjS1MLIwMDE0MzUxsDQxMDI3NBXiM9QNLY_yytC18PE3z4uS4jU0NbMwNwKqNDA0NwQAQPA_JzQAAAA;Path=/;Domain=.rfihub.com;Expires=Sun, 11-Oct-2020 13:10:20 GMT ruds=H4sIAAAAAAAAAOMSNjS1MLIwMDE0MzUxsDQxMDI3NBXiM9QNLY_yytC18PE3z4sCAHXjzhclAAAA;Path=/;Domain=.rfihub.com eud=H4sIAAAAAAAAAJvFyGtoamZhbmRqYWRgZGjwCo3fxITKX4TG38SKyt_Fjcr_hcZfJIzKf4TGBwBBQRwtkAAAAA;Path=/;Domain=.rfihub.com;Expires=Sun, 11-Oct-2020 13:10:20 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache
Content-Type
text/html
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Transfer-Encoding
chunked
Server
Jetty(9.0.6.v20130930)
/
www.facebook.com/tr/ Frame 3756
0
0
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
www.facebook.com
:scheme
https
:path
/tr/
content-length
3718
pragma
no-cache
cache-control
no-cache
origin
https://www.kaspersky.com
upgrade-insecure-requests
1
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
accept-encoding
gzip, deflate, br
cookie
fr=0ro9Y1CI7npe91q38..BdgNs7...1.0.BdgNs7.;
Origin
https://www.kaspersky.com
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE

Response headers

status
200
content-type
text/plain
access-control-allow-origin
https://www.kaspersky.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-length
0
server
proxygen-bolt
date
Tue, 17 Sep 2019 13:10:20 GMT
Banner_1460x300_SaaS_en.png
media.kasperskydaily.com/wp-content/uploads/sites/92/2018/04/28085347/
187 KB
187 KB
Image
General
Full URL
https://media.kasperskydaily.com/wp-content/uploads/sites/92/2018/04/28085347/Banner_1460x300_SaaS_en.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:7c00:7:b0d4:2940:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9e180be86a7aa97d347f8039a17d9f3a6bbceaf35820eecb0f94a39c7bc56535

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Sep 2019 13:10:21 GMT
via
1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jun 2019 11:55:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
etag
"74b6d8b0900108aeb79d7bd6ce682d65"
x-cache
Miss from cloudfront
content-type
image/png
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
191239
x-amz-cf-id
x176T8PZheMwff8P8bSeSy1h3DTsA0PgLUoNTsccIrsKqP-QOMfh6w==
expires
Sun, 28 Apr 2019 12:53:47 GMT
Contact-form-spam-featured-300x197.jpg
media.kasperskydaily.com/wp-content/uploads/sites/92/2019/08/08033515/
16 KB
16 KB
Image
General
Full URL
https://media.kasperskydaily.com/wp-content/uploads/sites/92/2019/08/08033515/Contact-form-spam-featured-300x197.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:7c00:7:b0d4:2940:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d1f043ffd1194523aed3e94c2bdb8ebaa66b71d7312e2135b9a8b968fec03f73

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Sep 2019 13:10:21 GMT
via
1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
last-modified
Thu, 08 Aug 2019 07:35:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
etag
"87292021594a1021211ec21bbc2aa170"
x-cache
Miss from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
16270
x-amz-cf-id
CVIFKxdo2e-26Kj7V4IC6gJch2uEGpzXG8HoqwzCZkOmvGyF-JK2Zg==
expires
Fri, 07 Aug 2020 07:35:15 GMT
spam-extortion-reputation-featured-300x197.jpg
media.kasperskydaily.com/wp-content/uploads/sites/92/2019/06/18211834/
14 KB
14 KB
Image
General
Full URL
https://media.kasperskydaily.com/wp-content/uploads/sites/92/2019/06/18211834/spam-extortion-reputation-featured-300x197.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:7c00:7:b0d4:2940:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef70f12565262d12260343ae65d7fe038dba2915d308744d9c13cc9e2081fb9a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Sep 2019 13:10:21 GMT
via
1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jun 2019 11:58:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
etag
"c7792a5128473b5d22ca01707e484afe"
x-cache
Miss from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
13899
x-amz-cf-id
-1YWRul8BDzlTAn8g7R137XgMnazOYYzvi2Ia0GCg1NWAXNRyly2gw==
expires
Thu, 18 Jun 2020 01:18:34 GMT
spam-through-google-services-featured-1-300x197.jpg
media.kasperskydaily.com/wp-content/uploads/sites/92/2019/06/10051301/
18 KB
19 KB
Image
General
Full URL
https://media.kasperskydaily.com/wp-content/uploads/sites/92/2019/06/10051301/spam-through-google-services-featured-1-300x197.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:7c00:7:b0d4:2940:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d165cbe9185fbf5a9dd855b2c876a26567a5942c96d62a149731829b9a7ce96d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Sep 2019 13:10:21 GMT
via
1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jun 2019 11:58:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
etag
"0de48af9fa6a25c6a114b6db6c8e68eb"
x-cache
Miss from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
18778
x-amz-cf-id
FsqAsPD9fUoyh-Ry71PJ1UQYO00ViroJwn7ISy606AXYSjl2VKF6Fg==
expires
Tue, 09 Jun 2020 09:13:01 GMT
brazil-spam-mail-takeover-300x197.jpg
media.kasperskydaily.com/wp-content/uploads/sites/92/2019/05/02155259/
16 KB
16 KB
Image
General
Full URL
https://media.kasperskydaily.com/wp-content/uploads/sites/92/2019/05/02155259/brazil-spam-mail-takeover-300x197.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:7c00:7:b0d4:2940:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e067d6889575698aa2de49844fd30d282bf7b0d75fcb08de6ea3691e0a65aab5

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Sep 2019 13:10:21 GMT
via
1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jun 2019 11:58:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
etag
"72a8f6570a464345be5d43994342c15b"
x-cache
Miss from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
16179
x-amz-cf-id
ouGBfN4hU195ldCCVM5pS8YUejJnrTdyDNtZa6tQpMX1AzaXMqtAqQ==
expires
Fri, 01 May 2020 19:52:59 GMT
how-not-to-be-spammer-featured-300x197.jpg
media.kasperskydaily.com/wp-content/uploads/sites/92/2018/12/20150519/
20 KB
21 KB
Image
General
Full URL
https://media.kasperskydaily.com/wp-content/uploads/sites/92/2018/12/20150519/how-not-to-be-spammer-featured-300x197.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:7c00:7:b0d4:2940:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf1686e3a79f25803975acd1bd2b6b710dc9122ad9a2385f2338647fdd0ef60b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Sep 2019 13:10:21 GMT
via
1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jun 2019 11:57:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
etag
"d2d1db84ca499160fedb39f7c2fdbc46"
x-cache
Miss from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
20872
x-amz-cf-id
T6qPAF9HoG1Koc44YMGOKbkcZIOgobgZilIwg8rBuW2gDNGAg1AryQ==
expires
Fri, 20 Dec 2019 20:05:19 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.com
URL
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63997723-2&cid=2056159826.1568725820&jid=2092269208&_v=j79&z=2019686027
Domain
www.google.com
URL
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35676203-1&cid=2056159826.1568725820&jid=408225857&_v=j79&z=477682690
Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63997723-2&cid=2056159826.1568725820&jid=2092269208&_v=j79&z=2019686027&slf_rd=1&random=2129733498
Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35676203-1&cid=2056159826.1568725820&jid=408225857&_v=j79&z=477682690&slf_rd=1&random=4132917718
Domain
px.ads.linkedin.com
URL
https://px.ads.linkedin.com/collect/?time=1568725820016&pid=39138&url=https%3A%2F%2Fwww.kaspersky.com%2Fblog%2Ftop4-dangerous-attachments-2019%2F27147%2F%3Fsiteid%3DRIQSITE&fmt=js&s=1
Domain
bat.bing.com
URL
https://bat.bing.com/bat.js
Domain
resources.xg4ken.com
URL
https://resources.xg4ken.com/js/v2/ktag.js?tid=KT-N3AA7-3EE

Verdicts & Comments Add Verdict or Comment

231 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate undefined| $ function| jQuery object| gdprDynamicStrings object| kasbanner_frontend_ajax_object object| gdprStrings function| EventEmitter object| eventie function| imagesLoaded function| getStyleProperty function| getSize function| docReady function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry object| html5 object| Modernizr function| yepnope object| MktoForms2 object| kaspersky_popup_object object| frontend_ajax_object object| kss function| Overlay function| MasonryCustom function| articleHover function| AjaxPagination function| twitter_widget_loaded function| singlePostHeader function| initTimeline object| stickyPins object| dataLayer object| mmRequestCallbacks object| mmsystem object| google_tag_manager function| postscribe function| fbq function| _fbq object| _prum object| gf_global string| GoogleAnalyticsObject function| ga object| appBannersConfig object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| gformBindFormatPricingFields function| Currency function| gformCleanNumber function| gformGetDecimalSeparator function| gformIsNumber function| gformIsNumeric function| gformDeleteUploadedFile function| gformIsHidden function| gformCalculateTotalPrice function| gformGetShippingPrice function| gformGetFieldId function| gformCalculateProductPrice function| gformGetProductQuantity function| gformIsProductSelected function| gformGetBasePrice function| gformFormatMoney function| gformFormatPricingField function| gformToNumber function| gformGetPriceDifference function| gformGetOptionLabel function| gformGetProductIds function| gformGetPrice function| gformRoundPrice function| gformRegisterPriceField function| gformInitPriceFields function| gformShowPasswordStrength function| gformPasswordStrength function| gformToggleCheckboxes function| gformAddListItem function| gformDeleteListItem function| gformAdjustClasses function| gformToggleIcons function| gformAddRepeaterItem function| gformDeleteRepeaterItem function| gformResetRepeaterAttributes function| gformToggleRepeaterButtons function| gformMatchCard function| gformFindCardType function| gformToggleCreditCard function| gformInitChosenFields function| gformInitCurrencyFormatFields function| gformFormatNumber function| getMatchGroups function| gf_get_field_number_format function| renderRecaptcha function| gformValidateFileSize function| gformInitSpinner function| gformAddSpinner function| gf_raw_input_change function| gf_get_input_id_by_html_id function| gf_get_form_id_by_html_id function| gf_get_ids_by_html_id function| gf_input_change function| gformExtractFieldId function| gformExtractInputIndex function| rgars function| rgar object| _gformPriceFields undefined| _anyProductSelected function| GFMergeTag function| GFCalc object| gform undefined| __gf_keyup_timeout object| wp object| gfMultiFileUploader object| Placeholders object| kaspersky object| prmOm object| omPlatformsSettings function| trackKLReferrer function| trackTrialSubmit function| trackFraud function| getFilename function| trackFile function| trackTrial function| trackTrialKMS function| trackPU function| trackPU2 function| trackDoc function| trackBeta function| trackDBUpdate function| trackDRFile function| trackLink function| trackCountrySelector function| trackLRC function| trackIPP function| trackPage function| trackMaxymiser function| trackAuditories function| trackAddToCart function| trackCheckoutFormFilling function| trackCroSegment function| trackCta function| trackDownload function| trackEvent function| trackExit function| trackForm function| trackGoToPayment function| trackChangePaymentMethod function| trackLena function| trackMarketLincGroup function| trackMarketLincVisitor function| trackPageView function| trackRegistration function| trackRemoveFromCart function| trackSaleButton function| trackSignin function| trackSignIn function| trackUpsellPage function| omSetContext function| omSetOmnitureParameters function| omAddSpaces function| omChooseCookieDomain function| omGetAbsoluteUrl function| omGetHostName function| omGetOrigin function| omGetQueryParam function| omReadCookie function| omRemoveAllUrlParameters function| omRemoveAllUrlParametersForDownloads function| omRemoveUrlParameter function| omRemoveCookie function| omSafeParseJson function| omSetCookie function| omSetInp function| removeHashFromString function| omTransmitToDataLayer function| omGetProductsString function| omCutDataToEvars function| omPrepareProductsForTriggers function| omHandleClick function| omHandleMessage function| e object| sng object| s function| AppMeasurement function| s_gi function| s_pgicq object| adobe function| Visitor object| s_c_il number| s_c_in number| s_objectID number| s_giq object| FB_WP function| fbAsyncInit string| _bizo_data_partner_id undefined| _bizo_data_partner_title undefined| _bizo_data_partner_domain undefined| _bizo_data_partner_company undefined| _bizo_data_partner_location undefined| _bizo_data_partner_employee_range undefined| _bizo_data_partner_sics undefined| _bizo_data_partner_email object| $SendToKindle object| jQuery1124023814703233415901 object| pagination function| jQuery1124023814703233415901_1568725819398 object| FB object| s_i_kaspersky-single-suite function| _bizo_local_logger function| _bizo_fire_partners boolean| _bizo_main_already_called function| _rfi object| uetq object| CPVisuallyComplete function| ktag function| SetCookie object| searchDomains string| userSegment string| referrer string| url number| flag object| viqjson object| visualiqtag function| ttd_dom_ready function| TTDUniversalPixelApi function| extend function| RocketfuelBCPInclude function| RocketfuelBCPClass function| RocketfuelUtils object| RocketfuelBCP object| $data

15 Cookies

Domain/Path Name / Value
.demdex.net/ Name: demdex
Value: 58106956871428546384165664644690711126
.kaspersky.com/ Name: AMCVS_983502BE532960BE0A490D4C%40AdobeOrg
Value: 1
.kaspersky.com/ Name: AMCV_983502BE532960BE0A490D4C%40AdobeOrg
Value: -1712354808%7CMCIDTS%7C18157%7CMCMID%7C68435993719964225804005261659295988748%7CMCAAMLH-1569330619%7C6%7CMCAAMB-1569330619%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1568733019s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18164%7CvVersion%7C4.3.0
.kaspersky.com/ Name: _gcl_au
Value: 1.1.159942646.1568725820
www.kaspersky.com/ Name: daily_returning_visitor
Value: 1
.kaspersky.com/ Name: _fbp
Value: fb.1.1568725819809.1781053146
.kaspersky.com/ Name: s_cc
Value: true
.kaspersky.com/ Name: _gat_UA-35676203-1
Value: 1
.facebook.com/ Name: fr
Value: 0ro9Y1CI7npe91q38..BdgNs7...1.0.BdgNs7.
.kaspersky.com/ Name: _gat_gtmunivSep2015
Value: 1
.kaspersky.com/ Name: _gid
Value: GA1.2.733635809.1568725820
.kaspersky.com/ Name: _ga
Value: GA1.2.2056159826.1568725820
.kaspersky.com/ Name: mmapi.store.s.0
Value: %7B%22mmparams.d%22%3A%7B%7D%2C%22mmparams.p%22%3A%7B%7D%7D
.kaspersky.com/ Name: mmapi.store.p.0
Value: %7B%22mmparams.d%22%3A%7B%7D%2C%22mmparams.p%22%3A%7B%22pd%22%3A%221600261819511%7C%5C%22-279716094%7CAQAAAApVAwDVRrPeIhIl7wABEgABQgAe4aiwAQBnathjcDvXSGdq2GNwO9dIAAAAAP%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FAAZEaXJlY3QBIhIBAAAAAAAAAAAA%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FAAAAAAAAAAFF%5C%22%22%2C%22bid%22%3A%221568726419128%7C%5C%22fravwcgeu10%5C%22%22%2C%22srv%22%3A%221600261819514%7C%5C%22fravwcgeu10%5C%22%22%7D%7D
www.kaspersky.com/blog/top4-dangerous-attachments-2019/27147 Name: pa-l
Value: pa-l=sid%3Dylsfby7v%26sst%3D1568725820%26sis%3D1%26rv%3D0

1 Console Messages

Source Level URL
Text
console-api warning URL: https://connect.facebook.net/en_US/fbevents.js(Line 24)
Message:
[Facebook Pixel] - Duplicate Pixel ID: 839281392784015.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy connect-src 'self' https://*.3gl.net https://*.abmr.net https://*.demdex.net https://*.everesttech.net https://*.facebook.com https://*.facebook.net https://*.google-analytics.com https://*.google.com https://*.infogram.com https://*.kaspersky.com https://*.mail.ru https://*.marketlinc.com https://*.maxymiser.net https://*.mktoresp.com https://*.omtrdc.net https://*.optimizely.com https://*.pingdom.net https://*.reddit.com https://*.veinteractive.com https://*.yandex.ru https://*.youtube.com https://cdn.securelist.com https://hn.algolia.com https://kaspersky.admo.tv:9999 https://maxymiser.net https://media.kasperskydaily.com https://tagmanager.google.com https://www.kaspersky.com/blog https://www.opinionstage.com https://www.riddle.com https://www.tag4arm.com wss://kaspersky.admo.tv:9999; default-src 'self' https://*.kaspersky.com https://*.maxymiser.net https://cdn.securelist.com https://maxymiser.net https://media.kasperskydaily.com https://www.kaspersky.com/blog https://www.riddle.com; font-src 'self' data: https://*.cloudfront.net https://*.gstatic.com https://*.kaspersky.com https://*.maxymiser.net https://*.slideshare.net https://*.slidesharecdn.com https://*.wp.com https://assets.kasperskydaily.com https://cdn.securelist.com https://fonts.googleapis.com https://fonts.gstatic.com https://maxymiser.net https://media.kasperskydaily.com https://www.kaspersky.com/blog https://www.riddle.com; frame-src 'self' https://*.addthis.com https://*.adsrvr.org https://*.ampproject.net https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.google.com https://*.infogram.com https://*.instagram.com https://*.kaspersky.com https://*.libsyn.com https://*.marketo.com https://*.maxymiser.net https://*.owneriq.net https://*.rfihub.com https://*.sharethis.com https://*.slideshare.net https://*.soundcloud.com https://*.twitter.com https://*.veinteractive.com https://*.wp.com https://*.youtube.com https://amuselabs.com https://cdn.knightlab.com https://cdn.securelist.com https://cyberstat.kaspersky.com https://infogram.com https://kaspersky.demdex.net https://maxymiser.net https://media.kasperskydaily.com https://pixel.mathtag.com https://player.vimeo.com https://s-static.ak.facebook.com https://servedby.flashtalking.com https://tagmanager.google.com https://www.brighttalk.com https://www.kaspersky.com https://www.kaspersky.com/blog https://www.opinionstage.com https://www.riddle.com; img-src 'self' data: http://*.cloudfront.net http://*.imgix.net http://*.ipinyou.com http://*.netdna-cdn.com http://*.wordpress.com http://*.wp.com http://i0.poll.fm https://*.addthis.com https://*.admixer.net https://*.adnxs.com https://*.adriver.ru https://*.advertising.com https://*.behe.com https://*.betweendigital.com https://*.bidswitch.net https://*.bing.com https://*.btrll.com https://*.casalemedia.com https://*.cloudfront.net https://*.crwdcntrl.net https://*.demdex.net https://*.digitaltarget.ru https://*.dotomi.com https://*.doubleclick.net https://*.everesttech.net https://*.exelator.com https://*.eyeota.net https://*.facebook.com https://*.google-analytics.com https://*.google.com https://*.gravatar.com https://*.gstatic.com https://*.imgix.net https://*.infogram.com https://*.instagram.com https://*.ipinyou.com https://*.kaspersky.com https://*.marketgid.com https://*.mathtag.com https://*.maxymiser.net https://*.myvisualiq.net https://*.netdna-cdn.com https://*.omtrdc.net https://*.openx.net https://*.owneriq.net https://*.postrelease.com https://*.pubmatic.com https://*.qq.com https://*.rubiconproject.com https://*.rutarget.ru https://*.sharethis.com https://*.staticflickr.com https://*.stickyadstv.com https://*.tanx.com https://*.tapad.com https://*.tradelab.fr https://*.tribalfusion.com https://*.twimg.com https://*.twitter.com https://*.undertone.com https://*.v12group.com https://*.veinteractive.com https://*.w55c.net https://*.wordpress.com https://*.wp.com https://*.yahoo.co.jp https://*.yandex.ru https://*.yieldlab.net https://*.youku.com https://ad.mail.ru https://addevent.com https://adm.shinobi.jp https://adsearch.adkontekst.pl https://assets.kasperskydaily.com https://bh.contextweb.com https://cdn.securelist.com https://ckm.aty.sohu.com https://cm.fastapi.net https://cm.pos.baidu.com https://cm.qtmojo.com https://csi.gstatic.com https://exelatesync.extend.tv https://geo.yahoo.com https://images.telechargement.fr https://inpagevideo.nl https://instagramimages-a.akamaihd.net https://kaspersky.d2.sc.omtrdc.net https://kasperskycontenthub.com https://m.addthis.com https://m.one.impact-ad.jp https://maps.googleapis.com https://maxymiser.net https://media.kasperskydaily.com https://pixel.quantserve.com https://pixel.s3xified.com https://player.vimeo.com https://polldaddy.com https://rum-collector.pingdom.net https://s.w.org https://s3.amazonaws.com https://scontent.cdninstagram.com https://ssl.socdm.com https://stats.g.doubleclick.net https://stats.seedr.com https://t.co https://tagmanager.google.com https://track.addevent.com https://ums.adtech.de https://vmg.host https://www.emjcd.com https://www.google.hr https://www.kaspersky.com/blog https://www.riddle.com https://www.tag4arm.com; media-src 'self' https://*.kaspersky.com https://*.maxymiser.net https://cdn.securelist.com https://maxymiser.net https://media.kasperskydaily.com https://www.kaspersky.com/blog https://www.riddle.com; object-src 'self' https://*.kaspersky.com https://*.maxymiser.net https://cdn.securelist.com https://maxymiser.net https://media.kasperskydaily.com https://player.vimeo.com https://polldaddy.com https://www.kaspersky.com/blog https://www.riddle.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.3gl.net https://*.addevent.com https://*.addthis.com https://*.adnxs.com https://*.adsrvr.org https://*.airpr.com https://*.ampproject.org https://*.bazaarvoice.com https://*.behe.com https://*.bizographics.com https://*.cloudfront.net https://*.crazyegg.com https://*.demdex.net https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.flickr.com https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.gravatar.com https://*.gstatic.com https://*.infogram.com https://*.instagram.com https://*.ipinyou.com https://*.kaspersky.com https://*.mail.ru https://*.marketlinc.com https://*.marketo.com https://*.marketo.net https://*.mathtag.com https://*.maxymiser.net https://*.myvisualiq.net https://*.optimizely.com https://*.owneriq.net https://*.polldaddy.com https://*.quantserve.com https://*.rfihub.com https://*.rfihub.net https://*.rutarget.ru https://*.salesforceliveagent.com https://*.sharethis.com https://*.twimg.com https://*.twitter.com https://*.veinteractive.com https://*.volvelle.tech https://*.woopra.com https://*.wp.com https://*.yahoo.co.jp https://*.yandex.ru https://*.yimg.com https://*.yimg.jp https://adcdn.goo.ne.jp https://addthisevent.com https://analytics-scripts.s3-eu-west-1.amazonaws.com https://assets.adobedtm.com https://assets.kasperskydaily.com https://bwb101.goo.ne.jp https://cdn.onesignal.com https://cdn.securelist.com https://cdn.tradelab.fr https://cdn.trmit.com https://connect.facebook.net https://connect.mail.ru https://external-assets.loyaltybay.co.uk https://kaspersky.admo.tv https://kaspersky.d2.sc.omtrdc.net https://m.addthis.com https://m.addthisedge.com https://maxymiser.net https://media.kasperskydaily.com https://munchkin.marketo.net https://player.vimeo.com https://rum-static.pingdom.net https://s3.amazonaws.com https://share.yandex.ru/ https://sp.analytics.yahoo.com https://static.ads-twitter.com https://tagmanager.google.com https://vk.com https://www.addevent.com https://www.brighttalk.com https://www.flickr.com https://www.glancecdn.net https://www.googleadservices.com https://www.googletagmanager.com https://www.kaspersky.com/blog https://www.linkedin.com https://www.opinionstage.com https://www.riddle.com https://www.tag4arm.com; style-src 'self' 'unsafe-inline' https://*.cloudfront.net https://*.googleapis.com https://*.gravatar.com https://*.kaspersky.com https://*.marketo.com https://*.maxymiser.net https://*.securelist.com https://*.sharethis.com https://*.twimg.com https://*.twitter.com https://*.wp.com https://assets.kasperskydaily.com https://cdn.securelist.com https://maxymiser.net https://media.kasperskydaily.com https://tagmanager.google.com https://www.kaspersky.com/blog https://www.riddle.com; worker-src 'self' blob: data: file: filesystem: https://*.kaspersky.com https://*.maxymiser.net https://cdn.securelist.com https://maxymiser.net https://media.kasperskydaily.com https://www.kaspersky.com/blog https://www.riddle.com unsafe-eval unsafe-inline
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20730592p.rfihub.com
a.rfihub.com
a.tribalfusion.com
ad.doubleclick.net
analytics-scripts.s3-eu-west-1.amazonaws.com
app-sj06.marketo.com
assets.kasperskydaily.com
bat.bing.com
c1.rfihub.net
c360.revenu8.com
cm.everesttech.net
connect.facebook.net
d1xnn692s7u6t6.cloudfront.net
dpm.demdex.net
graph.facebook.com
hn.algolia.com
ib.adnxs.com
insight.adsrvr.org
js.adsrvr.org
kaspersky.d3.sc.omtrdc.net
kaspersky.demdex.net
links.signaltechnet.com
loadus.exelator.com
media.kaspersky.com
media.kasperskydaily.com
p.ziffdavisb2b.com
px.ads.linkedin.com
resources.xg4ken.com
rum-collector-2.pingdom.net
rum-static.pingdom.net
s.tribalfusion.com
service.maxymiser.net
sjs.bizographics.com
staticxx.facebook.com
t.myvisualiq.net
tapestry.tapad.com
vt.myvisualiq.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.kaspersky.com
www.linkedin.com
www.reddit.com
bat.bing.com
px.ads.linkedin.com
resources.xg4ken.com
www.google.com
www.google.de
100.25.236.219
104.103.102.114
104.111.215.249
104.111.252.27
104.16.225.72
104.16.94.80
108.168.255.74
143.204.207.113
143.204.208.175
143.204.214.35
147.75.102.200
151.101.113.140
172.217.21.198
18.184.89.106
185.31.128.129
185.85.15.23
185.85.15.47
2600:9000:2057:1c00:12:5eb9:fe40:93a1
2600:9000:2057:7c00:7:b0d4:2940:93a1
2606:4700:10::6814:15ef
2a00:1450:4001:820::2008
2a00:1450:4001:825::200e
2a02:26f0:10c:38f::3adf
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f02d:e:face:b00c:0:2
2a03:2880:f12d:83:face:b00c:0:25de
2a05:f500:10:101::b93f:9101
3.248.160.221
3.248.25.27
34.235.85.87
35.227.248.159
37.252.172.249
52.212.90.74
52.218.56.120
66.117.28.86
66.117.29.226
99.81.228.121
00ec347c906e5f1e1ceee9ac7244aad480dac697500a95f527c59c87e303dc03
03bbca6c8d36e46a06ed00435438ef0ec611563100a06f55e937e5b3749a3dba
0e409bb24dfc019e40b9a9216840ae95d6ba8c6061e60e3dac334787e0d6233e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14d88b3a27f0e6de034f86ad42d6411081e9467daf754147f2f16bcb20782177
1ab966849cadfd65b92a7665d7c1ae5690a1514e51cc1126f73384c122ac4fde
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
20c44a2b00fbdf68041dbfacf8b61d07267786208e0495eb8b7f15b2d26300d9
2315540628feae3b834304aa66018fddd8f328eef20559f5b62cf623719fa8cb
2932abf996373e87fbf2e950876b1962f1b57db954a1643ea68831d9fbb74da4
2d659b59a4cf40320e19b273395524a19b1a354beceb07e791746aec927465c2
321bbcc4cc57483b7e329186e5159498b668ddde87cb64696ddcdc95176cce82
327262f2b3496dd8337891b4d031f547db0e674d8cdc1ebf68e627adafbf7aa9
386d40859a290db4b20f811bf7c698c1f629cd10b9ab9a9edd71d2453b0c8e1e
39ccd93a521cee5450145cae9e169a50f10ead38317c62f85047ba901215dfc7
3f0a54b64a9f268dbcd9d55d0025c2405287310951cce80b0d0c0beadb76839d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4be71be3433b3c0505b7d57503f75b0b88fa751d7554ce12c396f9e844e56866
4f24864d27bfaffc860ad3f2648709b60153abbeb7ec502552ab987a18d0ff4f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
65873e22e99230fffc8c934ba0c13bae89a1be8b01e01d993430c7b75a925ef8
6c13e77a3c5575f17d892f2f18592e4b6a2bfb4fc16dcfe50211ca0660f6f62f
6d167d6e9c026228d979ea6eb4c4725e4dfc044efa9d0b588e4d54a76c2d31b4
6dd21f48efae5a31b9f4042a2801d3a71f2c8c8fb93a121395dd44bf01fb37ff
78387c5f1139254d8aeb190e671e4274d70dd6266896daeafb5da49d8869b7d5
79a5e14366bc537a4292925a3c0982aadbb0506da28da742cd2251a2fa7e274b
7e98e381189d908e1981b6e535bcdd7f3edceafdb0e7095f3e04292e8aac6a0c
9176936e1dace2ec44b9cee9bc5349265b7c3a10aeedca15479264b26642f0a9
9e180be86a7aa97d347f8039a17d9f3a6bbceaf35820eecb0f94a39c7bc56535
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a8f614f39d0da502fb9c0a13e923154564e600fa5eeeb28e5fc123cc41e421ec
b27f6c546b342d36a22801e2ed49f19198c486cb1559f9478e19fde10d498ed6
b4e9e9bef19c34422f55a7fdb9d10c4db5e39cff24b8c98a0be0e09b2ee6ac2b
b652721e972ad17bfe8aab3616e4735ccf031e3ed595128c15a5c095f57c61a4
b91c2d22074ce0ffdd23e12b88c1ee869b1c153c62cf4de3c439c6862f916258
bc9cef10d07e8da3ce80181de07a056414731f86e0dc12e2c81d652b28ac770b
bd67ec35553f8771221dc7c408e119368976012d9ad17e77e6aa6b384469c831
be3f65897da44ad09ea808e643ebfeabe954da9c1a282b807d0b6abc0b872906
bf1686e3a79f25803975acd1bd2b6b710dc9122ad9a2385f2338647fdd0ef60b
c5c359caabddd0372e344a749899529ddbcd35e5ce50658b0373f563b5dcda4e
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb2bb21705b9cce9781d02c9223f3344a65bd5314027d11c5a8518ad4bd84e84
cf470d057d05670a2d55d765d72625ff6b3912d71dff04113f1ef108ecf66829
cfe7b164ae32828fd0589123dd4f024967b8967da4b3cbc58b8a999871897567
d121f2bfc5cc153ad434ba8d5ca674db70d3eecb63bae781f43d4b762b0e73e8
d165cbe9185fbf5a9dd855b2c876a26567a5942c96d62a149731829b9a7ce96d
d1f043ffd1194523aed3e94c2bdb8ebaa66b71d7312e2135b9a8b968fec03f73
d730bb6fbbbd41c6dbbc93a37860904fd6e8cdb2c3029efd2eb7104ae41586ce
d7c02bfd05f418c18d9926ecd9bb0a14da25e22bdc02ecd42c0c948940e5ba23
d9b7e1beab4d80b41aad23442d1dcf8a64d299cab70b05bdfb7b61d18675cd0d
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
de892addc549d85b9fd5d5c2f77a4dd96fbe4ec11542d6cf7232fab6ccabae5d
e067d6889575698aa2de49844fd30d282bf7b0d75fcb08de6ea3691e0a65aab5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6f43e2bb5356e5a42b110bbd4bc0e522ca6afce2e8b69850f4f3db1f275fdea
e95cd93b9d67302b51822a141eaa14edb6c3facc03d80e49ab769c13a2e820be
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef70f12565262d12260343ae65d7fe038dba2915d308744d9c13cc9e2081fb9a
f449a501d38b9e34f33315a7452ac78d5671e953edba65f22449cc4865815e64
f4f2c0a4763f01ee2b13b4f8189e6fd5f32bd704d71fed8d0f11883de9724198
f6b8d4d38a0a6d56d7b2f4276e97c9e32e422136efe49e382defc32203cd2eec
f913edb442ecf03576bd55c4f9f636829f8432a6e37a5ac74feee405ffff36d1