threatpost.com Open in urlscan Pro
35.173.160.135 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mx.zerofox.com/ls/click?upn=ww412yoGJJHVE-2FMmOwntOlwcCmJ9C6BjtZVZtj46EAlhHNz3vk3AB7-2BwJHo8wE-2Fry33fPHUPxonOv...
Effective URL:
https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Submission: On September 11 via api (September 11th 2020, 8:55:25 am UTC) from SG

Summary HTTP 294 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 60 IPs in 8 countries across 49 domains to perform 294 HTTP transactions. The main IP is 35.173.160.135, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is threatpost.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on June 10th 2020. Valid for: a year.

This is the only time threatpost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.20.45.237 104.20.45.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	35.173.160.135 35.173.160.135	14618 (AMAZON-AES) (AMAZON-AES)
11	143.204.215.61 143.204.215.61	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700:e2:... 2606:4700:e2::ac40:861f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:818::2002	15169 (GOOGLE) (GOOGLE)
8	2600:9000:215... 2600:9000:2156:4800:2:9275:3d40:93a1	16509 (AMAZON-02) (AMAZON-02)
10	2600:9000:21f... 2600:9000:21f3:8a00:0:5c46:4f40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2 12	2a00:1450:400... 2a00:1450:4001:81a::2004	15169 (GOOGLE) (GOOGLE)
27	185.220.204.204 185.220.204.204	41436 (CLOUDWEBM...) (CLOUDWEBMANAGE-EU)
7	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE)
5	99.86.5.213 99.86.5.213	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:824::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:815::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:825::200e	15169 (GOOGLE) (GOOGLE)
1 3	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
1 6	185.33.221.11 185.33.221.11	29990 (ASN-APPNEX) (ASN-APPNEX)
1 7	23.210.249.164 23.210.249.164	16625 (AKAMAI-AS) (AKAMAI-AS)
5	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	100.24.218.250 100.24.218.250	14618 (AMAZON-AES) (AMAZON-AES)
1	206.189.254.17 206.189.254.17	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2 12	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
10 15	2606:2800:233... 2606:2800:233:97b6:26be:138a:cba8:bb01	15133 (EDGECAST) (EDGECAST)
4	69.173.144.140 69.173.144.140	26667 (RUBICONPR...) (RUBICONPROJECT)
1 3	216.52.2.48 216.52.2.48	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1	18.203.164.24 18.203.164.24	16509 (AMAZON-02) (AMAZON-02)
1	52.28.149.230 52.28.149.230	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
4	23.210.249.92 23.210.249.92	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
16	185.127.17.52 185.127.17.52	210329 (CLOUDWEBM...) (CLOUDWEBMANAGE-UK-1)
1 2	35.157.226.135 35.157.226.135	16509 (AMAZON-02) (AMAZON-02)
1 1	195.201.246.119 195.201.246.119	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81a::2003	15169 (GOOGLE) (GOOGLE)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
8	52.29.183.32 52.29.183.32	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	199.232.53.140 199.232.53.140	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:824::2001	15169 (GOOGLE) (GOOGLE)
33	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:820::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:816::2002	15169 (GOOGLE) (GOOGLE)
4	185.94.180.123 185.94.180.123	35220 (SPOTX-AMS) (SPOTX-AMS)
3	3.120.64.232 3.120.64.232	16509 (AMAZON-02) (AMAZON-02)
2	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.210.249.83 23.210.249.83	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
1 5	52.57.10.248 52.57.10.248	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
2 3	52.212.184.249 52.212.184.249	16509 (AMAZON-02) (AMAZON-02)
1 1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:bdf::10 2620:1ec:bdf::10	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.59.125.145 52.59.125.145	16509 (AMAZON-02) (AMAZON-02)
1 1	134.209.131.220 134.209.131.220	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	205.185.216.42 205.185.216.42	20446 (HIGHWINDS3) (HIGHWINDS3)
1	37.157.4.25 37.157.4.25	198622 (ADFORM) (ADFORM)
4	18.210.170.92 18.210.170.92	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1430	41041 (VCLK-EU-) (VCLK-EU-)
1 1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
294	60

1 104.20.45.237 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

mx.zerofox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 35.173.160.135 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-160-135.compute-1.amazonaws.com

threatpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kasperskycontenthub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 143.204.215.61 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-61.fra53.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:e2::ac40:861f (United States)

ASN13335 (CLOUDFLARENET, US)

qd.admetricspro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:2156:4800:2:9275:3d40:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.threatpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:21f3:8a00:0:5c46:4f40:93a1 (United States)

ASN16509 (AMAZON-02, US)

media.threatpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland) 1 redirects

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com

i1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 185.220.204.204 (Amsterdam, Netherlands)

ASN41436 (CLOUDWEBMANAGE-EU, GB)

live.sekindo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 99.86.5.213 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-5-213.fra6.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:825::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.33.221.11 (Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.210.249.164 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-164.deploy.static.akamaitechnologies.com

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 100.24.218.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-24-218-250.compute-1.amazonaws.com

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 206.189.254.17 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

e.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 35.244.159.8 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

teachingaids-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
primis-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:2800:233:97b6:26be:138a:cba8:bb01 (United States) 10 redirects

ASN15133 (EDGECAST, US)

adserver-us.adtech.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.52.2.48 (United States) 1 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.203.164.24 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-164-24.eu-west-1.compute.amazonaws.com

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.149.230 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-149-230.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.210.249.92 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-92.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Netherlands) 2 redirects

ASN35220 (SPOTX-AMS, NL)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 185.127.17.52 (London, United Kingdom)

ASN210329 (CLOUDWEBMANAGE-UK-1, GB)

video.sekindo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.226.135 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-226-135.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.201.246.119 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.29.183.32 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-183-32.eu-central-1.compute.amazonaws.com

ads.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:800e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.53.140 (United States)

ASN54113 (FASTLY, US)

www.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

332def0639a087c9e01f4dfef2d8e2dd.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:820::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.123 (Netherlands)

ASN35220 (SPOTX-AMS, NL)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.120.64.232 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-64-232.eu-central-1.compute.amazonaws.com

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.230.142 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.210.249.83 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-83.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.57.10.248 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.212.184.249 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:bdf::10 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

public.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.125.145 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-125-145.eu-central-1.compute.amazonaws.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.209.131.220 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

sync.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.42 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

serverbid-sync.nyc3.cdn.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.210.170.92 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

aas.dc-1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1430 (Sweden)

ASN41041 (VCLK-EU-, SE)

aol-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	sekindo.com live.sekindo.com video.sekindo.com	2 MB
39	googlesyndication.com 332def0639a087c9e01f4dfef2d8e2dd.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	239 KB
35	threatpost.com threatpost.com assets.threatpost.com media.threatpost.com	992 KB
28	advertising.com 11 redirects adserver-us.adtech.advertising.com ads.adaptv.advertising.com pixel.advertising.com	12 KB
18	ampproject.org cdn.ampproject.org	424 KB
13	google.com 2 redirects www.google.com adservice.google.com	3 KB
12	openx.net 2 redirects teachingaids-d.openx.net u.openx.net primis-d.openx.net eu-u.openx.net	3 KB
11	doubleclick.net 1 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	116 KB
11	adlightning.com tagan.adlightning.com	231 KB
10	pubmatic.com 1 redirects hbopenbid.pubmatic.com ads.pubmatic.com image2.pubmatic.com	871 B
9	rubiconproject.com fastlane.rubiconproject.com prebid-server.rubiconproject.com eus.rubiconproject.com	8 KB
8	adnxs.com 1 redirects ib.adnxs.com acdn.adnxs.com	6 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	319 KB
6	spotxchange.com 2 redirects sync.search.spotxchange.com search.spotxchange.com	6 KB
6	admetricspro.com qd.admetricspro.com	222 KB
5	googleapis.com fonts.googleapis.com	4 KB
5	casalemedia.com 1 redirects as-sec.casalemedia.com ssum.casalemedia.com	3 KB
5	amazon-adsystem.com c.amazon-adsystem.com	59 KB
4	dc-1.net aas.dc-1.net	777 B
3	adsrvr.org 2 redirects match.adsrvr.org	1 KB
3	yahoo.com 1 redirects pr-bh.ybp.yahoo.com ups.analytics.yahoo.com	2 KB
3	lijit.com 1 redirects ap.lijit.com	1 KB
3	quantserve.com 1 redirects secure.quantserve.com pixel.quantserve.com	9 KB
3	google-analytics.com www.google-analytics.com	18 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	649 B
2	indexww.com js-sec.indexww.com
2	google.de www.google.de adservice.google.de	1 KB
2	bidswitch.net 1 redirects x.bidswitch.net	1012 B
2	3lift.com tlx.3lift.com eb2.3lift.com	476 B
2	servenobid.com ads.servenobid.com public.servenobid.com	3 KB
2	serverbid.com 1 redirects e.serverbid.com sync.serverbid.com	267 B
1	dotomi.com aol-match.dotomi.com	104 B
1	adform.net c1.adform.net	187 B
1	digitaloceanspaces.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
1	reddit.com www.reddit.com	2 KB
1	linkedin.com www.linkedin.com
1	facebook.com graph.facebook.com	508 B
1	twitter.com analytics.twitter.com	652 B
1	t.co t.co	448 B
1	loopme.me 1 redirects csync.loopme.me	226 B
1	quantcount.com rules.quantcount.com	348 B
1	a-mo.net prebid.a-mo.net	803 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	googletagmanager.com www.googletagmanager.com	47 KB
1	kasperskycontenthub.com kasperskycontenthub.com	398 B
1	wp.com i1.wp.com	65 B
1	gravatar.com 1 redirects secure.gravatar.com	385 B
1	googletagservices.com www.googletagservices.com	19 KB
1	zerofox.com 1 redirects mx.zerofox.com	467 B
294	49

	Domain	Requested by
33	tpc.googlesyndication.com	tagan.adlightning.com threatpost.com cdn.ampproject.org
27	live.sekindo.com	threatpost.com live.sekindo.com tagan.adlightning.com
18	cdn.ampproject.org	threatpost.com
17	threatpost.com	threatpost.com
16	video.sekindo.com	threatpost.com live.sekindo.com
15	adserver-us.adtech.advertising.com	10 redirects threatpost.com
12	www.google.com	2 redirects threatpost.com tagan.adlightning.com
11	tagan.adlightning.com	threatpost.com tagan.adlightning.com
10	media.threatpost.com	threatpost.com
8	ads.adaptv.advertising.com	live.sekindo.com
8	assets.threatpost.com	threatpost.com assets.threatpost.com
7	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net threatpost.com
6	ib.adnxs.com	1 redirects qd.admetricspro.com live.sekindo.com
6	qd.admetricspro.com	threatpost.com qd.admetricspro.com
5	pixel.advertising.com	1 redirects threatpost.com
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
5	fonts.gstatic.com	fonts.googleapis.com
5	fonts.googleapis.com	tagan.adlightning.com threatpost.com
5	hbopenbid.pubmatic.com	qd.admetricspro.com live.sekindo.com
5	c.amazon-adsystem.com	qd.admetricspro.com c.amazon-adsystem.com live.sekindo.com
4	aas.dc-1.net
4	search.spotxchange.com	live.sekindo.com
4	u.openx.net	2 redirects live.sekindo.com
4	ads.pubmatic.com	tagan.adlightning.com live.sekindo.com qd.admetricspro.com
4	fastlane.rubiconproject.com	qd.admetricspro.com
4	teachingaids-d.openx.net	qd.admetricspro.com live.sekindo.com
4	as-sec.casalemedia.com	qd.admetricspro.com live.sekindo.com
3	match.adsrvr.org	2 redirects
3	primis-d.openx.net	live.sekindo.com
3	prebid-server.rubiconproject.com	live.sekindo.com
3	ap.lijit.com	1 redirects qd.admetricspro.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com threatpost.com
2	ups.analytics.yahoo.com	1 redirects threatpost.com
2	sync-tm.everesttech.net	2 redirects
2	acdn.adnxs.com	live.sekindo.com qd.admetricspro.com
2	js-sec.indexww.com	live.sekindo.com qd.admetricspro.com
2	eus.rubiconproject.com	live.sekindo.com qd.admetricspro.com
2	googleads.g.doubleclick.net
2	pixel.quantserve.com	1 redirects threatpost.com
2	x.bidswitch.net	1 redirects threatpost.com
2	sync.search.spotxchange.com	2 redirects
2	www.gstatic.com	www.google.com
1	image2.pubmatic.com	1 redirects
1	aol-match.dotomi.com
1	ssum.casalemedia.com	1 redirects
1	c1.adform.net
1	serverbid-sync.nyc3.cdn.digitaloceanspaces.com	qd.admetricspro.com
1	sync.serverbid.com	1 redirects
1	eb2.3lift.com	qd.admetricspro.com
1	eu-u.openx.net	qd.admetricspro.com
1	public.servenobid.com	qd.admetricspro.com
1	cm.g.doubleclick.net	1 redirects
1	pr-bh.ybp.yahoo.com	threatpost.com
1	332def0639a087c9e01f4dfef2d8e2dd.safeframe.googlesyndication.com	tagan.adlightning.com
1	adservice.google.com	tagan.adlightning.com
1	adservice.google.de	tagan.adlightning.com
1	www.reddit.com	threatpost.com
1	www.linkedin.com	threatpost.com
1	graph.facebook.com	threatpost.com
1	analytics.twitter.com	tagan.adlightning.com
1	t.co	threatpost.com
1	www.google.de	threatpost.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	csync.loopme.me	1 redirects
1	rules.quantcount.com	secure.quantserve.com
1	tlx.3lift.com	qd.admetricspro.com
1	ads.servenobid.com	qd.admetricspro.com
1	e.serverbid.com	qd.admetricspro.com
1	prebid.a-mo.net	qd.admetricspro.com
1	static.ads-twitter.com	www.googletagmanager.com
1	secure.quantserve.com	www.googletagmanager.com
1	www.googletagmanager.com	threatpost.com
1	kasperskycontenthub.com	threatpost.com
1	i1.wp.com	threatpost.com
1	secure.gravatar.com	1 redirects
1	www.googletagservices.com	threatpost.com
1	mx.zerofox.com	1 redirects
294	77

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
feedly.com
www.instagram.com
www.zscaler.com
slack-redir.net
akismet.com
t.co
indd.adobe.com
spotlight.threatpost.com

Subject Issuer	Validity	Valid
threatpost.com DigiCert SHA2 Secure Server CA	`2020-06-10` - `2021-06-15`	a year	crt.sh
*.adlightning.com Amazon	`2020-07-22` - `2021-08-22`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-10` - `2021-08-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
assets.threatpost.com Amazon	`2020-03-04` - `2021-04-04`	a year	crt.sh
media.threatpost.com Amazon	`2020-03-04` - `2021-04-04`	a year	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
www.google.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
www.sekindo.com Go Daddy Secure Certificate Authority - G2	`2020-05-27` - `2022-06-18`	2 years	crt.sh
*.google.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
kasperskycontenthub.com DigiCert SHA2 Secure Server CA	`2020-06-01` - `2021-06-09`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2019-10-04` - `2020-10-07`	a year	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.a-mo.net Amazon	`2020-08-24` - `2021-09-24`	a year	crt.sh
e.serverbid.com Let's Encrypt Authority X3	`2020-06-22` - `2020-09-20`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.adtech.advertising.com DigiCert SHA2 Secure Server CA	`2020-04-16` - `2022-04-21`	2 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
*.servenobid.com Amazon	`2020-03-12` - `2021-04-12`	a year	crt.sh
*.3lift.com Amazon	`2020-07-04` - `2021-08-05`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
www.google.de GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2020-02-18` - `2021-02-06`	a year	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-07-29` - `2021-01-25`	6 months	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-07-21` - `2020-10-12`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2020-05-01` - `2020-11-01`	6 months	crt.sh
*.reddit.com DigiCert SHA2 Secure Server CA	`2020-08-26` - `2021-02-22`	6 months	crt.sh
*.google.de GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2019-03-18` - `2021-03-17`	2 years	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2020-01-02` - `2021-04-02`	a year	crt.sh
pixel.advertising.com DigiCert SHA2 High Assurance Server CA	`2020-08-08` - `2020-11-03`	3 months	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-06-02` - `2020-11-29`	6 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-05-27` - `2020-11-23`	6 months	crt.sh
public.servenobid.com DigiCert SHA2 Secure Server CA	`2020-08-26` - `2021-08-25`	a year	crt.sh
*.nyc3.cdn.digitaloceanspaces.com DigiCert SHA2 Secure Server CA	`2020-03-11` - `2021-04-14`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.betrad.net Amazon	`2019-12-12` - `2021-01-12`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh

This page contains 30 frames:

Primary Page: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Frame ID: D91F55FC1EBB16FBE498DDB1904E5DF8
Requests: 141 HTTP requests in this frame

Frame: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]&schain=1.0,1!admetricspro.com,1005,1&cbuster=1599814506&pubUrlAuto=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F&videoType=flow&floatWidth=320&floatHeight=180&floatDirection=br&floatVerticalOffset=10&floatHorizontalOffset=10&floatCloseBtn=1&flowMode=both&flowCloseButtonPosition=right
Frame ID: 3CF873F429F56418A5AE5A57C46A6BF8
Requests: 48 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Frame ID: 57F052D067B6385B372873B73B2B9CE1
Requests: 1 HTTP requests in this frame

Frame: https://live.sekindo.com/live/liveCS.php?source=external&pixel=&advId=94&advUuid=7d9e8457-f40c-11ea-bf48-1d0a0d900606
Frame ID: 39084AC80C18BC9D7404CA880C3B0DD9
Requests: 1 HTTP requests in this frame

Frame: https://live.sekindo.com/live/liveCS.php?source=external&pixel=&advId=98&advUuid=c98dc56a-50f3-448b-a390-6105485f3e46
Frame ID: 96DAA99477057155A58C11EEE6EC5DBD
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=iSHzt4kCrNgSxGUYDFqaZAL9&theme=standard&size=normal&cb=r6eef3s7i3wf
Frame ID: 124F020FBBFBAF3B4DFB15FD7F0FE1C1
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LehhAETAAAAAAcsm2ZGDsLCqyGhesy4Yn43WNBe&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=iSHzt4kCrNgSxGUYDFqaZAL9&theme=light&size=normal&cb=lftzzrece7j4
Frame ID: 9BDC5EB0446233A9648D3B80AC27CF40
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=iSHzt4kCrNgSxGUYDFqaZAL9&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&cb=59o51yjkt7jl
Frame ID: A35FD8A6D7E4D1B1619E559ADBFAE089
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=iSHzt4kCrNgSxGUYDFqaZAL9&k=6LehhAETAAAAAAcsm2ZGDsLCqyGhesy4Yn43WNBe&cb=dgycdtbsqt5b
Frame ID: C2905C77C21F04CFA513354C3C1AA886
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/math-aids-threatpost/bl-9a4f7ce-b01f8ccd.js
Frame ID: F2BCE4E02D9C96314252171C8377CC5C
Requests: 24 HTTP requests in this frame

Frame: https://tagan.adlightning.com/math-aids-threatpost/bl-9a4f7ce-b01f8ccd.js
Frame ID: 7985E43FED4536A63CDA6C71D96CE9E5
Requests: 23 HTTP requests in this frame

Frame: https://tagan.adlightning.com/math-aids-threatpost/bl-9a4f7ce-b01f8ccd.js
Frame ID: EF6133C324F4A016FC82B194B901A9A2
Requests: 23 HTTP requests in this frame

Frame: https://tagan.adlightning.com/math-aids-threatpost/bl-9a4f7ce-b01f8ccd.js
Frame ID: 045A7CECB646D0709695B3BF7F6F77EB
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 5379A8EE7028E6DB947422A270DAFB1D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Frame ID: 6D84535E91FD929CBA3A0336C2D8502D
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=
Frame ID: BB32BC64B4A80C5C3E9DB56F8C6A2ACE
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 73667E8635AAE3867C7CCA4EB3F6FC9A
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=
Frame ID: 675D9221C811D6241D9983198B0246BB
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 31892885EBC233B3004D6F0DBC557BE6
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 7418C522FE2891E081EF35D37D0A2874
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: B81D307F738FC66841CF8CFA0F293EC8
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 40F8EDE16C3B426BAD94A4B45951D469
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 3595CA148789483696733FD5C9147EC2
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Frame ID: F04FFF34A8746BCEB11CF993FDDB4BDE
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13394437
Frame ID: 2CB5F5A58E6C8B5122718FC2E494FE9A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: CE5A9C050A9B3F842B50DC3512364D37
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 7E6788DEB225F5E67F0AB78A6E4576BF
Requests: 1 HTTP requests in this frame

Frame: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Frame ID: 84DF962E5D78AAB3493E2F82379D938B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: A1DDAC5851E2D3A1904F8A70A3A7A7DD
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D47DE27E224672AEF7013A856C2E6B44
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://mx.zerofox.com/ls/click?upn=ww412yoGJJHVE-2FMmOwntOlwcCmJ9C6BjtZVZtj46EAlhHNz3vk3AB7-2BwJHo... HTTP 302
https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

294
Requests

98 %
HTTPS

37 %
IPv6

49
Domains

77
Subdomains

60
IPs

8
Countries

4898 kB
Transfer

9771 kB
Size

8
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/Threatpost/

Search URL Search Domain Scan URL

URL: https://twitter.com/threatpost/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/threatpost/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/threatpost

Search URL Search Domain Scan URL

URL: https://feedly.com/threatpost

Search URL Search Domain Scan URL

URL: https://www.instagram.com/Threatpost/

Search URL Search Domain Scan URL

URL: https://www.zscaler.com/blogs/research/tiktok-spyware
Title: report

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=mzkDxBjshI4
Title: fake app

Search URL Search Domain Scan URL

URL: https://slack-redir.net/link?url=https%3A%2F%2Fthreatpost.com%2Fwebinars%2Ffive-essentials-for-running-a-successful-bug-bounty-program%2F
Title: Register today

Search URL Search Domain Scan URL

URL: https://akismet.com/privacy/
Title: Learn how your comment data is processed

Search URL Search Domain Scan URL

URL: http://twitter.com/search?q=%23Bluetooth
Title: #Bluetooth

Search URL Search Domain Scan URL

URL: http://twitter.com/search?q=%23authentication
Title: #authentication

Search URL Search Domain Scan URL

URL: https://t.co/JXBqLuIKM5
Title: https://t.co/JXBqLuIKM5

Search URL Search Domain Scan URL

URL: https://twitter.com/threatpost
Title: Follow @threatpost

Search URL Search Domain Scan URL

URL: https://indd.adobe.com/view/01579c19-a6ca-4cb0-8106-ed4d5d02a292
Title: Advertise With Us

Search URL Search Domain Scan URL

URL: https://spotlight.threatpost.com/
Title: HackerOne Spotlight

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mx.zerofox.com/ls/click?upn=ww412yoGJJHVE-2FMmOwntOlwcCmJ9C6BjtZVZtj46EAlhHNz3vk3AB7-2BwJHo8wE-2Fry33fPHUPxonOvwDGHaKE9AnBvu3GfUdgdqFMqAkArAUQsGj1Py2aA23HdbfpEAVzKq3b_Fmc4r-2BNMQh7WUIHHHswVPECntbYGrl5mL-2FqP2ijNcu3c4KVmKzslmPbL9RhxRQgKYfrWVQzt6Rr8jbYBkkiCFYp2b5RKQ21-2FUEPD5HiUkGNkb057GpyiSeZUlQrFs8f8qJCzJ4TosYa8iK9IEBR2tmW5qFY4qqc0YHnDA0cAik34Q-2Fdf4mTLE-2B-2BbFMpjIRlzzrVeYcdKMzDpI6X-2FMsPsiywLEOgI-2BQCwfKW815YEU0fcAHK6GHRP44OrH-2FYlR5YRzB5vFWrgFfZ2mMW9INy8lBfAx0K-2FZFs2g-2BibeofY3x0OMmiVzXd2GK6Jj5feRjxCMbq2aHdoQ4DlSRJ6o-2FkEDJO8P06SYjLpoUHT2fIzj1yLYHMK-2BaEBGwNQu4rQve4GkoelZf3lcS5D8WDsuGFUpNwvltlFxKWWTxZdhgc5kSDL1oHIM1xmVe24Ez2J7QI2vFtFYxGjzEsv0-2Bdd-2BfozWFt-2BWbbBUGCGjDPnyQ-2F9-2F-2Fs-3D HTTP 302
https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://secure.gravatar.com/avatar/fab896982b5c9974407bc14bd8b50b84?s=60&d=https%3A%2F%2Fkasperskycontenthub.com%2Fwp-content%2Fthemes%2Fkaspersky-root%2Fassets%2Fimages%2Favatar_default.jpg&r=g HTTP 302
https://i1.wp.com/kasperskycontenthub.com/wp-content/themes/kaspersky-root/assets/images/avatar_default.jpg?ssl=1

Request Chain 68

https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166606/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=5781c3592f3745a;misc=1599814506956; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166606/0/0/ADTECH;cfp=1;rndc=1599814506;v=2;cmd=bid;cors=yes;alias=5781c3592f3745a;misc=1599814506956 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166606/0/0/ADTECH;apid=1A7d990c72-f40c-11ea-af88-12ff01cc4d58;cfp=1;rndc=1599814506;v=2;cmd=bid;cors=yes;alias=5781c3592f3745a;misc=1599814506956

Request Chain 69

https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166847/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=58e1796837ba11f;misc=1599814506956; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166847/0/0/ADTECH;cfp=1;rndc=1599814506;v=2;cmd=bid;cors=yes;alias=58e1796837ba11f;misc=1599814506956 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166847/0/0/ADTECH;apid=1A7d8fae5c-f40c-11ea-9d46-12bd5c3e34a0;cfp=1;rndc=1599814506;v=2;cmd=bid;cors=yes;alias=58e1796837ba11f;misc=1599814506956

Request Chain 70

https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166615/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=59f3e61926b830b;misc=1599814506956; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166615/0/0/ADTECH;cfp=1;rndc=1599814506;v=2;cmd=bid;cors=yes;alias=59f3e61926b830b;misc=1599814506956 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166615/0/0/ADTECH;apid=1A7d966b48-f40c-11ea-a630-12dcd5311714;cfp=1;rndc=1599814506;v=2;cmd=bid;cors=yes;alias=59f3e61926b830b;misc=1599814506956

Request Chain 71

https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166612/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=60abb7737250162;misc=1599814506956; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166612/0/0/ADTECH;cfp=1;rndc=1599814506;v=2;cmd=bid;cors=yes;alias=60abb7737250162;misc=1599814506956 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166612/0/0/ADTECH;apid=1A7d988b30-f40c-11ea-908c-12e614795296;cfp=1;rndc=1599814506;v=2;cmd=bid;cors=yes;alias=60abb7737250162;misc=1599814506956

Request Chain 72

https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166617/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=6135432eda24d11;misc=1599814506956; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166617/0/0/ADTECH;cfp=1;rndc=1599814506;v=2;cmd=bid;cors=yes;alias=6135432eda24d11;misc=1599814506956 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166617/0/0/ADTECH;apid=1A7d92850a-f40c-11ea-a49a-12795fd23bd8;cfp=1;rndc=1599814507;v=2;cmd=bid;cors=yes;alias=6135432eda24d11;misc=1599814506956

Request Chain 89

https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=7d9e84b2-f40c-11ea-bf48-1d0a0d900606 HTTP 302
https://live.sekindo.com/live/liveCS.php?source=external&pixel=&advId=94&advUuid=7d9e8457-f40c-11ea-bf48-1d0a0d900606

Request Chain 90

https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3D%26advId%3D98%26advUuid%3D HTTP 302
https://u.openx.net/w/1.0/cm?cc=1&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3D%26advId%3D98%26advUuid%3D HTTP 302
https://live.sekindo.com/live/liveCS.php?source=external&pixel=&advId=98&advUuid=c98dc56a-50f3-448b-a390-6105485f3e46

Request Chain 101

https://x.bidswitch.net/sync?ssp=sekindo&user_id=5f5b3b6aadcb0&custom_data=5f5b3b6aadcb0&gdpr=1&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=sekindo&user_id=5f5b3b6aadcb0&custom_data=5f5b3b6aadcb0&gdpr=1&gdpr_consent=

Request Chain 102

https://csync.loopme.me/?redirect=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D HTTP 307
https://live.sekindo.com/live/liveCS.php?source=external&pixel=&advId=93&advUuid=df783e1a-0cff-4953-b6d0-d4cfdfb76982

Request Chain 191

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 192

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 235

https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=&_test=X1s7bQAAAHw3PSJb HTTP 302
https://pixel.advertising.com/ups/55986/sync?uid=X1s7bQAAAHw3PSJb&_origin=0&gdpr=1&gdpr_consent=&_test=X1s7bQAAAHw3PSJb

Request Chain 237

https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
https://pixel.advertising.com/ups/55953/sync?uid=20f36cdb-7f16-42fd-9394-00487acff805&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=20f36cdb-7f16-42fd-9394-00487acff805

Request Chain 238

https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_sc HTTP 302
https://pixel.advertising.com/ups/57304/sync?uid=CAESEMu1QdhmHp03reAroH-XxYQ&google_cver=1 HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEMu1QdhmHp03reAroH-XxYQ&google_cver=1&apid=1A7d990c72-f40c-11ea-af88-12ff01cc4d58 HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEMu1QdhmHp03reAroH-XxYQ&google_cver=1&apid=1A7d990c72-f40c-11ea-af88-12ff01cc4d58&verify=true

Request Chain 248

https://sync.serverbid.com/ss/2000891.html HTTP 302
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html

Request Chain 252

https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Faas.dc-1.net%2Fsetuid%3FA%3D8f7725b2-fe52-4a01-adcd-b1969cf32882%26D%3D%26bidder%3Dindex_rtb%26uid%3D HTTP 302
https://aas.dc-1.net/setuid?A=8f7725b2-fe52-4a01-adcd-b1969cf32882&D=&bidder=index_rtb&uid=X1s7bVVbLnUAAAceTZoAAABd%261853

Request Chain 254

https://ib.adnxs.com/getuid?https%3A%2F%2Faas.dc-1.net%2Fsetuid%3FA%3D8f7725b2-fe52-4a01-adcd-b1969cf32882%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://aas.dc-1.net/setuid?A=8f7725b2-fe52-4a01-adcd-b1969cf32882&D=&bidder=appnexus&uid=1838061608304456015

Request Chain 256

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Faas.dc-1.net%2Fsetuid%3FA%3D8f7725b2-fe52-4a01-adcd-b1969cf32882%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID HTTP 302
https://aas.dc-1.net/setuid?A=8f7725b2-fe52-4a01-adcd-b1969cf32882&D=&bidder=pubmatic&uid=C5A06737-282A-47D2-8931-B627560B81DE

Request Chain 257

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=YnET2mR1ENp6JEDaZ3ILiGYiE9l6JkeINi49AjNs

Request Chain 258

https://ap.lijit.com/pixel?redir=https%3A%2F%2Faas.dc-1.net%2Fsetuid%3FA%3D8f7725b2-fe52-4a01-adcd-b1969cf32882%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://aas.dc-1.net/setuid?A=8f7725b2-fe52-4a01-adcd-b1969cf32882&D=&bidder=sovrn&uid=07c11d4a2cf3056e13921c86

294 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Redirect Chain

https://mx.zerofox.com/ls/click?upn=ww412yoGJJHVE-2FMmOwntOlwcCmJ9C6BjtZVZtj46EAlhHNz3vk3AB7-2BwJHo8wE-2Fry33fPHUPxonOvwDGHaKE9AnBvu3GfUdgdqFMqAkArAUQsGj1Py2aA23HdbfpEAVzKq3b_Fmc4r-2BNMQh7WUIHHHswV...
https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

79 KB
21 KB

385ms
97ms

Document
text/html

35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-173-160-135.compute-1.amazonaws.com

Software

nginx /

Resource Hash

63a73b8edd14bae09fd92eed9f12ddb120bd751852b02fb3066a3751b814f701

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: threatpost.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx
Date: Fri, 11 Sep 2020 08:55:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Link: <https://threatpost.com/wp-json/>; rel="https://api.w.org/" <https://threatpost.com/?p=159050>; rel=shortlink
X-Frame-Options: SAMEORIGIN
X-Debug-Auth: off
X-Request-Host: threatpost.com
x-cache-hit: HIT
Content-Encoding: gzip

Redirect headers

status: 302
date: Fri, 11 Sep 2020 08:55:05 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d050e82782d77ad86b965237f689a9b051599814505; expires=Sun, 11-Oct-20 08:55:05 GMT; path=/; domain=.zerofox.com; HttpOnly; SameSite=Lax; Secure
location: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
x-robots-tag: noindex, nofollow
cf-cache-status: DYNAMIC
cf-request-id: 051df92ace0000eda3ccaa6200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 5d102af14da5eda3-CDG

GET
H/1.1 200
OK main.css
threatpost.com/wp-content/themes/threatpost-2018/assets/css/ 253 KB
39 KB 386ms
183ms Stylesheet
text/css 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1599669837
Requested by: Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 41f3222c29889fb48f5dca1d481858e5339a759655510c256ef4edf56c80f7f5

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Fri, 11 Sep 2020 08:55:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Sep 2020 16:09:40 GMT
Server: nginx
ETag: W/"5f58fe44-3f2b8"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=604800, public
Connection: close
Expires: Fri, 18 Sep 2020 08:55:06 GMT

GET
H2 200 op.js Show response
tagan.adlightning.com/math-aids-threatpost/ 37 KB
14 KB 101ms
31ms Script
application/javascript 143.204.215.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-61.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3c24c9b9d9a4f3726cf81118c06c45c8af0ac51c7f96f5d2a6c7a7a67651d1ea

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 08:31:19 GMT
content-encoding: gzip
age: 1428
x-cache: Hit from cloudfront
status: 200
content-length: 13387
x-amz-meta-git_commit: 9a4f7ce
last-modified: Thu, 10 Sep 2020 17:58:06 GMT
server: AmazonS3
etag: "8651f3b72f4b6a69b58fa1175e91471f"
x-amz-version-id: qhU23nSKudwrZpsrIugQ8OiS8jgNK5dh
via: 1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: bEV0-jbAk0IRiUfbhJ4k7YKw8tDj3Z-F4epViqG42tYAn6XqI7RNHw==

GET
H2 200 ros-layout.js Show response
qd.admetricspro.com/js/threatpost/ 22 KB
3 KB 43ms
22ms Script
application/javascript 2606:4700:e2::ac40:861f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/threatpost/ros-layout.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:861f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e2b472509d9e149690aba45c5917ebdd2f52471b98d414c2726301b90e08f21

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 08:55:05 GMT
content-encoding: br
cf-cache-status: HIT
age: 127
status: 200
cf-request-id: 051df92df800006353998ac200000001
last-modified: Thu, 06 Aug 2020 02:14:13 GMT
server: cloudflare
etag: W/"579e-5ac2c0b6aa2e7-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 5d102af65d9d6353-FRA
expires: Fri, 11 Sep 2020 08:56:43 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 55 KB
19 KB 124ms
101ms Script
text/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2baccee77572be967cd5f3bb9542a0f2874df3cf91402452ed65e24ce0e5f217

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 08:55:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "629 / 95 of 1000 / last-modified: 1599775908"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18766
x-xss-protection: 0
expires: Fri, 11 Sep 2020 08:55:05 GMT

GET
H2 200 cmp.js Show response
qd.admetricspro.com/js/threatpost/ 305 KB
82 KB 69ms
48ms Script
application/javascript 2606:4700:e2::ac40:861f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/threatpost/cmp.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:861f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d89d98593ac65c9f002b856f3e22a1479f3aea866f7fd15c85903c0a6d66f0e3

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 08:55:06 GMT
content-encoding: br
cf-cache-status: HIT
age: 248
status: 200
cf-request-id: 051df92df800006353998ad200000001
last-modified: Tue, 25 Aug 2020 22:57:08 GMT
server: cloudflare
etag: W/"4c455-5adbb9f62c25a-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 5d102af65d9e6353-FRA
expires: Fri, 11 Sep 2020 08:58:12 GMT

GET
H2 200 targeting.js Show response
qd.admetricspro.com/js/threatpost/ 275 B
261 B 44ms
24ms Script
application/javascript 2606:4700:e2::ac40:861f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/threatpost/targeting.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:861f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cdc57f82f4b0d09e5b4e584ca4736cd3871f20563d4ce25120b057d8ffb4eb2

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 08:55:05 GMT
content-encoding: br
cf-cache-status: HIT
age: 248
status: 200
cf-request-id: 051df92df800006353998ae200000001
last-modified: Sat, 08 Feb 2020 20:49:18 GMT
server: cloudflare
etag: W/"113-59e16a3cfb471-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 5d102af65d9f6353-FRA
expires: Fri, 11 Sep 2020 08:58:12 GMT

GET
H2 200 prebid.js Show response
qd.admetricspro.com/js/threatpost/ 384 KB
108 KB 75ms
55ms Script
application/javascript 2606:4700:e2::ac40:861f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:861f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed1bd9b5fc31e624bb0b3ca2c510546c8a1bb6b41923e06768a735c75a9c704c

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 08:55:06 GMT
content-encoding: br
cf-cache-status: HIT
age: 249
status: 200
cf-request-id: 051df92df800006353998af200000001
last-modified: Wed, 22 Jul 2020 04:38:40 GMT
server: cloudflare
etag: W/"601dd-5ab005060aaae-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 5d102af65da06353-FRA
expires: Fri, 11 Sep 2020 08:58:12 GMT

GET
H2 200 engine.js Show response
qd.admetricspro.com/js/threatpost/ 25 KB
7 KB 43ms
23ms Script
application/javascript 2606:4700:e2::ac40:861f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/threatpost/engine.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:861f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa90c2d77583dd25e7fbdc1411c8d718f29d9665ab48f985ffe6f3a38b34b6a7

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 08:55:05 GMT
content-encoding: br
cf-cache-status: HIT
age: 248
status: 200
cf-int-pingora-origin-digest: {"ext_ip":"172.69.69.9","ext_port":51926,"upstream_rtt":0}
cf-request-id: 051df92df800006353998b0200000001
last-modified: Wed, 26 Aug 2020 03:04:19 GMT
server: cloudflare
etag: W/"637a-5adbf1363c190-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 5d102af65da16353-FRA
expires: Fri, 11 Sep 2020 08:58:03 GMT

GET
H2 200 /
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 89 KB
18 KB 386ms
356ms Stylesheet
text/css 2600:9000:2156:4800:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=cf1c8861

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:4800:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

15e9840f31982980328598c38e5c60434072901f2c902713ef9c4d4900e05307

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 08:55:06 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
status: 200
content-length: 18049
x-cache-hit: HIT
last-modified: Wed, 09 Sep 2020 16:43:57 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-debug-auth: off
x-request-host: assets.threatpost.com
x-amz-cf-id: 1PiXDRlZ8hj3EygXGxguTiAjcx1Gd4kenVPYm5KXdJg0ROjHTaTrGg==
expires: Fri, 11 Sep 2020 20:59:35 GMT

GET
H/1.1 200
OK jquery.js Show response
threatpost.com/wp-includes/js/jquery/ 95 KB
37 KB 302ms
102ms Script
application/x-javascript 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Fri, 11 Sep 2020 08:55:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Jun 2020 22:05:38 GMT
Server: nginx
ETag: W/"5ee15932-17a69"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: max-age=604800, public
Connection: close
Expires: Fri, 18 Sep 2020 08:55:06 GMT

GET
H2 200 / Show response
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 177 KB
55 KB 386ms
356ms Script
application/x-javascript 2600:9000:2156:4800:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/kaspersky-cookies-notification/scripts/alert_text.js,wp-content/plugins/kaspersky-cookies-notification/scripts/alert.js,wp-content/plugins/honeypot-comments/public/assets/js/public.js,wp-content/plugins/kspr_twitter_pullquote/js/kaspersky-twitter-pullquote.js,wp-content/themes/threatpost-2018/assets/js/main.js,wp-content/themes/threatpost-2018/assets/js/loadmore.js,wp-content/plugins/kaspersky-social-sharing/assets/js/social-share.js&ver=cf1c8861

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:4800:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b0209d39595432d762f6ba2a81dc0bffa6a6e1ed9021ba24ffa06c3c7e4bcb02

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 08:55:06 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
status: 200
content-length: 56256
x-cache-hit: HIT
last-modified: Wed, 09 Sep 2020 16:43:57 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-debug-auth: off
x-request-host: assets.threatpost.com
x-amz-cf-id: mcp1RIhPu6mOGCwtyo67qjn-iN3NawXPSMeVS1LaxfAq0E45dtA-cA==
expires: Fri, 11 Sep 2020 20:59:39 GMT

GET
H2 200 TikTok.jpg
media.threatpost.com/wp-content/uploads/sites/103/2020/02/25094413/ 366 KB
367 KB 120ms
68ms Image
image/jpeg 2600:9000:21f3:8a00:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2020/02/25094413/TikTok.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:8a00:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 239fe44a63d6d1f00f687c296b2217df8befeb22fe4c6b01a0547355e5ef0088

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Sep 2020 07:11:20 GMT
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront), 1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
last-modified: Tue, 25 Feb 2020 14:44:15 GMT
server: AmazonS3
age: 179027
etag: "7c8d969ab09228519a3dfb5204a78252"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2, FRA2-C2
accept-ranges: bytes
content-length: 374732
x-amz-cf-id: VjKsFuYFN3F8QaE_1yAOQKQd04X1dMHuu0tGk_yjsIR7EH9YCDMLnA==
expires: Wed, 24 Feb 2021 14:44:13 GMT

GET
H2

404

avatar_default.jpg
i1.wp.com/kasperskycontenthub.com/wp-content/themes/kaspersky-root/assets/images/
Redirect Chain

https://secure.gravatar.com/avatar/fab896982b5c9974407bc14bd8b50b84?s=60&d=https%3A%2F%2Fkasperskycontenthub.com%2Fwp-content%2Fthemes%2Fkaspersky-root%2Fassets%2Fimages%2Favatar_default.jpg&r=g
https://i1.wp.com/kasperskycontenthub.com/wp-content/themes/kaspersky-root/assets/images/avatar_default.jpg?ssl=1

65 B
65 B

471ms
407ms

Image
text/html

192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.wp.com/kasperskycontenthub.com/wp-content/themes/kaspersky-root/assets/images/avatar_default.jpg?ssl=1
Requested by: Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: i2.wp.com
Software: nginx /
Resource Hash: 3a90c56bbc2ea3fae7e089cc529bc02869c5035ee31c3111d829b9ae974cf42d

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 404
x-nc: EXPIRED fra 4
date: Fri, 11 Sep 2020 08:55:07 GMT
server: nginx
content-type: text/html; charset=utf-8

Redirect headers

x-nc: HIT fra 1
date: Fri, 11 Sep 2020 08:55:06 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
status: 302
content-type: text/html; charset=utf-8
location: https://i1.wp.com/kasperskycontenthub.com/wp-content/themes/kaspersky-root/assets/images/avatar_default.jpg?ssl=1
cache-control: max-age=300
link: <https://www.gravatar.com/avatar/fab896982b5c9974407bc14bd8b50b84?s=60&d=https%3A%2F%2Fkasperskycontenthub.com%2Fwp-content%2Fthemes%2Fkaspersky-root%2Fassets%2Fimages%2Favatar_default.jpg&r=g>; rel="canonical"
content-length: 0
expires: Fri, 11 Sep 2020 09:00:06 GMT

GET
H2 200 bounty_webinar_promo_small.gif
media.threatpost.com/wp-content/uploads/sites/103/2020/09/04091928/ 42 KB
43 KB 60ms
8ms Image
image/gif 2600:9000:21f3:8a00:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2020/09/04091928/bounty_webinar_promo_small.gif
Requested by: Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:8a00:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 031a8a375b4bbd8bbf37ff37f05d37e1a64288c8d08053bf3a6792801870976c

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 13:25:01 GMT
via: 1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront), 1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
last-modified: Fri, 04 Sep 2020 13:19:30 GMT
server: AmazonS3
age: 588606
etag: "f93b4399b04fc2fc904079e9fb28aebe"
x-cache: Hit from cloudfront
content-type: image/gif
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2, FRA2-C2
accept-ranges: bytes
content-length: 43257
x-amz-cf-id: WatPe_QRMPfpthYv_dM99TNbMjh4xSOYLbZRtHuPp4K7ZBkMSIcxpg==
expires: Sat, 04 Sep 2021 13:19:28 GMT

GET
H2 200 phone-call-540x270.jpg
media.threatpost.com/wp-content/uploads/sites/103/2020/09/09171048/ 15 KB
16 KB 64ms
13ms Image
image/jpeg 2600:9000:21f3:8a00:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2020/09/09171048/phone-call-540x270.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:8a00:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d46e1ee137357a528299909dbd2e070220c0db397f68528ad4f515b377aa4943

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 09:31:13 GMT
via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront), 1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
last-modified: Wed, 09 Sep 2020 21:11:05 GMT
server: AmazonS3
age: 84234
etag: "86b1570159afe86e4470e2f80098803f"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2, FRA2-C2
accept-ranges: bytes
content-length: 15448
x-amz-cf-id: 5u9dkkco7lE7yWbG32worI1L9_QGGMU5Vrggqxno2dHzcXK58Ae-vg==
expires: Thu, 09 Sep 2021 21:11:01 GMT

GET
H2 200 Android-security-bulletin-September-540x270.jpg
media.threatpost.com/wp-content/uploads/sites/103/2020/09/09154655/ 12 KB
12 KB 62ms
11ms Image
image/jpeg 2600:9000:21f3:8a00:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2020/09/09154655/Android-security-bulletin-September-540x270.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:8a00:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 35e92b3c2fc4cf96c91347fb2ced20d7d0927f275449fd879fb8b2adb792ad94

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Sep 2020 20:33:14 GMT
via: 1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront), 1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
last-modified: Wed, 09 Sep 2020 19:46:59 GMT
server: AmazonS3
age: 130913
etag: "7ec3927e200dde2de82d959c1a431863"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2, FRA2-C2
accept-ranges: bytes
content-length: 11785
x-amz-cf-id: sDX5IYTuwBB9xQ-8U3nMiaUYia7ts1BkwF-SiL_RT5eagOJzITOIBQ==
expires: Thu, 09 Sep 2021 19:46:58 GMT

GET
H2 200 cyrptography-540x270.gif
media.threatpost.com/wp-content/uploads/sites/103/2020/09/08103613/ 112 KB
113 KB 64ms
13ms Image
image/gif 2600:9000:21f3:8a00:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2020/09/08103613/cyrptography-540x270.gif
Requested by: Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:8a00:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b4284870751d6f3c294ca3e4e7b8144f09c00a8bb0e6af8a0eb0993d03a35de2

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Sep 2020 14:37:12 GMT
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront), 1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
last-modified: Tue, 08 Sep 2020 14:36:18 GMT
server: AmazonS3
age: 238675
etag: "094646ddef6f11e07a88296b7381fae1"
x-cache: Hit from cloudfront
content-type: image/gif
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2, FRA2-C2
accept-ranges: bytes
content-length: 115028
x-amz-cf-id: JC3F8eJOssgyVGWinS-c2YYwWndbQzboc_PPQTuc3DHZhlHAWr_wNA==
expires: Wed, 08 Sep 2021 14:36:17 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 736 B
920 B 34ms
15ms Script
text/javascript 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=en

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b38e3464dee0d0f1007c2c1195c69202c8212455c982d1fddf214b8aeedcb417

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 08:55:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 463
x-xss-protection: 1; mode=block
expires: Fri, 11 Sep 2020 08:55:06 GMT

GET
H2 200 zero-trust-b_w-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2020/09/07100716/ 3 KB
3 KB 59ms
9ms Image
image/jpeg 2600:9000:21f3:8a00:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2020/09/07100716/zero-trust-b_w-64x64.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:8a00:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 039f2a12a4fefd4b33bcae31f1f2f17d12cf51f4e6301792ada3885f412a2761

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 14:12:42 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62f.cloudfront.net (CloudFront), 1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
last-modified: Mon, 07 Sep 2020 14:07:21 GMT
server: AmazonS3
age: 326545
etag: "5fb2f76c4c77c7e774eb0dc933ab39f0"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2, FRA2-C2
accept-ranges: bytes
content-length: 2602
x-amz-cf-id: xPffg3nJRfBLou2kNoZFQdgF3LWLNQ2cBd3qJPEIxV6aka6DhCY--w==
expires: Tue, 07 Sep 2021 14:07:19 GMT

GET
H2 200 social_media-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2019/08/26112855/ 3 KB
3 KB 23ms
22ms Image
image/jpeg 2600:9000:21f3:8a00:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2019/08/26112855/social_media-64x64.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:8a00:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 791135f98b21bbd99c1cbcd56e2827cab155856c144602a8749a57acaa5aa813

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 17:24:42 GMT
via: 1.1 c90147ea5199ff7ce77981c8da4247c4.cloudfront.net (CloudFront), 1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
last-modified: Mon, 26 Aug 2019 15:29:14 GMT
server: AmazonS3
age: 574225
etag: "fcf0de78ef3c45c8f8256c7cec2c35c0"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1, FRA2-C2
accept-ranges: bytes
content-length: 2834
x-amz-cf-id: SxTeXjj_zcOJ6vhIGfYY0ak8TNzFPVGSY3NC1HuGBOR45hnAady94w==
expires: Tue, 25 Aug 2020 15:29:11 GMT

GET
H2 200 work-from-home-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2020/03/13163335/ 2 KB
2 KB 22ms
21ms Image
image/jpeg 2600:9000:21f3:8a00:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2020/03/13163335/work-from-home-64x64.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:8a00:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3435531b595fb1b2b529346e1df8c979a1fd727f56ea8c0d792316035440cac5

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 26 Aug 2020 11:48:36 GMT
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront), 1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
last-modified: Fri, 13 Mar 2020 20:33:52 GMT
server: AmazonS3
age: 1371991
etag: "fd4942a0704785b24b44d177f4a57d86"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1, FRA2-C2
accept-ranges: bytes
content-length: 2098
x-amz-cf-id: yTZNY7y6GljNkLfXr_tF431zpxwk1pnoTy4Q-MUhgBCiVYHwVU0SYQ==
expires: Sat, 13 Mar 2021 20:33:49 GMT

GET
H2 200 slideshow-1-64x64.jpeg
media.threatpost.com/wp-content/uploads/sites/103/2018/12/21160507/ 1 KB
2 KB 25ms
24ms Image
image/jpeg 2600:9000:21f3:8a00:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2018/12/21160507/slideshow-1-64x64.jpeg
Requested by: Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:8a00:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39f437357a2ffa0d788c9fc8563f3af59d73d529060cb407ac639513df958597

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 00:55:34 GMT
via: 1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront), 1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
last-modified: Fri, 21 Dec 2018 21:05:10 GMT
server: AmazonS3
age: 633573
etag: "dec760c6e408812ae4334b4890452c65"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1, FRA2-C2
accept-ranges: bytes
content-length: 1270
x-amz-cf-id: WAznYSCayaWLZ_d2KFLPblSxzroxDS69uL4yJ1V88H6N0OEy_ulWgg==
expires: Sat, 21 Dec 2019 21:05:07 GMT

GET
H2 200 data-leak-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2019/10/21145020/ 2 KB
2 KB 24ms
24ms Image
image/jpeg 2600:9000:21f3:8a00:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2019/10/21145020/data-leak-64x64.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:8a00:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7517792de8d4a1319afd85d8c3dcffe799ba5545129a650182e6c4b055302852

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 00:36:18 GMT
via: 1.1 2f194b62c8c43859cbf5af8e53a8d2a7.cloudfront.net (CloudFront), 1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
last-modified: Mon, 21 Oct 2019 18:50:23 GMT
server: AmazonS3
age: 1757929
etag: "12bb1aa91531788d81a1791bcbb631f9"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2, FRA2-C2
accept-ranges: bytes
content-length: 2106
x-amz-cf-id: JpG4fy3QgtbJMV-1El44CXoRREDaQb3GIuiOe5sgC7a2uHGnTfCYyw==
expires: Tue, 20 Oct 2020 18:50:20 GMT

GET
H/1.1 200
OK liveView.php Show response
live.sekindo.com/live/ 30 KB
9 KB 112ms
40ms Script
text/javascript 185.220.204.204
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]&schain=1.0,1!admetricspro.com,1005,1
Requested by: Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: 810c9c5a465ee6bdd669c1f69b4ca6325e85ecb7cc9d222beecf64aa22b1cf7a

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:05 GMT
content-encoding: gzip
server: nginx
age: 0
transfer-encoding: chunked
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
content-type: text/javascript; charset=utf-8

GET
H2 200 / Show response
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 2 KB
1 KB 354ms
354ms Script
application/x-javascript 2600:9000:2156:4800:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/gravityforms/js/jquery.json.min.js&ver=cf1c8861

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:4800:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

172314ff74044b918766ed4763279b5e8798622087c0a2930f59c9d44662213d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 08:55:06 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
status: 200
content-length: 926
x-cache-hit: HIT
last-modified: Wed, 09 Sep 2020 16:43:55 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-debug-auth: off
x-request-host: assets.threatpost.com
x-amz-cf-id: PoQMQSsP5jn2XusdU-79ttfawAYp5hGkz5HyyIcX1ysUhXp50hkr_w==
expires: Fri, 11 Sep 2020 20:59:40 GMT

GET
H/1.1 200
OK gravityforms.min.js Show response
threatpost.com/wp-content/plugins/gravityforms/js/ 34 KB
12 KB 690ms
100ms Script
application/x-javascript 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.4.17.15
Requested by: Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 3097d0444becd9d089b52b7074072f19201525de874d0775012572fb375b7838

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Fri, 11 Sep 2020 08:55:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Sep 2020 16:43:56 GMT
Server: nginx
ETag: W/"5f59064c-88c2"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: max-age=604800, public
Connection: close
Expires: Fri, 18 Sep 2020 08:55:07 GMT

GET
H2 200 / Show response
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 7 KB
3 KB 358ms
353ms Script
application/x-javascript 2600:9000:2156:4800:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/gravityforms/js/conditional_logic.min.js&ver=cf1c8861

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:4800:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f75166e3f70100b65a6ce1d4128bc15286e92b19a546fa7709f739e9bcfe52c6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 08:55:06 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
status: 200
content-length: 2685
x-cache-hit: HIT
last-modified: Wed, 09 Sep 2020 16:09:38 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-debug-auth: off
x-request-host: assets.threatpost.com
x-amz-cf-id: gGLlmDx1vcXbEEhu4tnhM_KE9LQY1lG33YmRS5GOejSDcIYb9iP7pw==
expires: Fri, 11 Sep 2020 20:59:40 GMT

GET
H2 200 / Show response
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 5 KB
2 KB 274ms
269ms Script
application/x-javascript 2600:9000:2156:4800:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/gravityforms/js/placeholders.jquery.min.js&ver=cf1c8861

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:4800:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 08:55:06 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
status: 200
content-length: 1747
x-cache-hit: HIT
last-modified: Wed, 09 Sep 2020 16:09:38 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-debug-auth: off
x-request-host: assets.threatpost.com
x-amz-cf-id: Qm4tP99FRy8-skMLw4hCmegge-NYfcP7Q2xmSHMneoQo3m3XUOQgCw==
expires: Fri, 11 Sep 2020 20:59:36 GMT

GET
H3-Q050 200 api.js Show response
www.google.com/recaptcha/ 738 B
900 B 41ms
24ms Script
text/javascript 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=en&render=explicit&ver=5.4.2

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ee8d80d0be74777d3ae8804cb3a4f13ca91205a976c3ad7330f1bf065bd1d1bf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 08:55:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 465
x-xss-protection: 1; mode=block
expires: Fri, 11 Sep 2020 08:55:06 GMT

GET
H2 200 / Show response
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 2 KB
1 KB 275ms
271ms Script
application/x-javascript 2600:9000:2156:4800:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-includes/js/wp-embed.min.js,wp-content/plugins/akismet/_inc/form.js&ver=cf1c8861

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:4800:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

21e46fe44c6929876f5a413c843ae516c0ddfd1aad3e8e33446b7bc0a6781b08

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 08:55:06 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
status: 200
content-length: 973
x-cache-hit: HIT
last-modified: Wed, 10 Jun 2020 22:05:38 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-debug-auth: off
x-request-host: assets.threatpost.com
x-amz-cf-id: cvwHiRVf4un99PZkdKtUmf2oh9gkFp0vGbvsTXe8pSM8V8kOVILCQQ==
expires: Fri, 11 Sep 2020 20:59:44 GMT

GET
H2 200 b-9a4f7ce-a7f6098c.js Show response
tagan.adlightning.com/math-aids-threatpost/ 61 KB
21 KB 37ms
35ms Script
application/javascript 143.204.215.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/b-9a4f7ce-a7f6098c.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-61.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0119689800eadf6270855a19b65d74251e7da6be5e4686f36c15bf81281ddb4c

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 18 Aug 2020 17:46:30 GMT
content-encoding: gzip
age: 2041717
x-cache: Hit from cloudfront
status: 200
content-length: 20808
x-amz-meta-git_commit: 9a4f7ce
last-modified: Tue, 18 Aug 2020 17:45:57 GMT
server: AmazonS3
etag: "98ae1c21c96b68b5f173604d82c35d5d"
x-amz-version-id: PzdVsYQ0bdCd7Kp..jKBw4vE53Z4BW7z
via: 1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: TYd6HMUBLIrs_-5HUDRxB3LQxjOFXRcivtd764u2_Dt94Qx-tokbvg==

GET
H2 200 bl-9a4f7ce-b01f8ccd.js Show response
tagan.adlightning.com/math-aids-threatpost/ 80 KB
23 KB 49ms
47ms Script
application/javascript 143.204.215.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/bl-9a4f7ce-b01f8ccd.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-61.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8581d6108c8b6f78740974a1d5061bbf88104d2b68a9c9f6ce3e7edb49d5f1d9

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 18:05:07 GMT
content-encoding: gzip
age: 53400
x-cache: Hit from cloudfront
status: 200
content-length: 22819
x-amz-meta-git_commit: 9a4f7ce
last-modified: Thu, 10 Sep 2020 17:57:47 GMT
server: AmazonS3
etag: "95f23873136261e5dd00f4851bba65f6"
x-amz-version-id: 2gOzh2lBW0iGe.bnrz5gR1.ZCEl.nPi5
via: 1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: gp_-mJUtDjRmG9w2f9GiOmy7gFgXifHPyW3vLcU8ObDe6b2eeIdnCg==

GET
H2 200 pubads_impl_2020090301.js Show response
securepubads.g.doubleclick.net/gpt/ 262 KB
92 KB 131ms
68ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090301.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

6325878fb4bf21abf04625fcda55ed3a463d92d549996be29efefe869055c34d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 11 Sep 2020 08:55:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Sep 2020 08:43:13 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94155
x-xss-protection: 0
expires: Fri, 11 Sep 2020 08:55:06 GMT

GET
H2 200 vendor-list.json Show response
qd.admetricspro.com/js/cmp2/ 199 KB
22 KB 154ms
140ms XHR
application/json 2606:4700:e2::ac40:861f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/cmp2/vendor-list.json
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/cmp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:861f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29257e6f0eaa20a411d881c29d9fdd181a811ec32b5fdd1cb46ec4bd4719861f

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 08:55:06 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 26 Aug 2020 22:56:36 GMT
server: cloudflare
etag: W/"31bad-5adcfbb507100"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=600
cf-ray: 5d102afa6e9e2b29-FRA
cf-request-id: 051df9308100002b293b14e200000001
expires: Fri, 11 Sep 2020 09:05:06 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 102 KB
26 KB 92ms
31ms Script
application/javascript 99.86.5.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/engine.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.5.213 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-5-213.fra6.r.cloudfront.net
Software: Server /
Resource Hash: 8c665507e16736e1323acf89104e508e8cac863d30e8ca5ff5d6ac5303b25277

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 08:45:50 GMT
content-encoding: gzip
server: Server
age: 556
etag: 5a34c79c51b93c8b4601b1808cbdbd04
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=900
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Ij3MUpcD__DLiUnaQXLmP_t6pEPfhPfj2xP9D4mkMAt_50_hneM5TQ==
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)

GET
H/1.1 200
OK / Show response
kasperskycontenthub.com/ 0
398 B 390ms
96ms Script
application/javascript 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://kasperskycontenthub.com/?dm=ed1f9e435dc885292eab65620c51f3fb&action=load&blogid=103&siteid=1&t=1886310281&back=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-173-160-135.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 11 Sep 2020 08:55:07 GMT
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
Connection: close
Content-Type: application/javascript
x-cache-hit: HIT
Transfer-Encoding: chunked
X-Debug-Auth: off
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Request-Host: kasperskycontenthub.com
X-XSS-Protection: 1; mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 148 KB
47 KB 55ms
37ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

25e9905af4313c7756de1f51f1431d35331fdf40b6a394a2e713ac804b9feb36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 08:55:06 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47726
x-xss-protection: 0
last-modified: Fri, 11 Sep 2020 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 11 Sep 2020 08:55:06 GMT

GET
H/1.1 200
OK icons.svg
threatpost.com/wp-content/themes/threatpost-2018//assets/sprite/ 13 KB
5 KB 645ms
96ms Other
image/svg+xml 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018//assets/sprite/icons.svg
Requested by: Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 01864580e1f385dc4512aed0de4b324cc1a04812709e7020e857612fc0ce9f4c

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Fri, 11 Sep 2020 08:55:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Sep 2020 16:43:57 GMT
Server: nginx
ETag: W/"5f59064d-3496"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: max-age=604800, public
Connection: close
Expires: Fri, 18 Sep 2020 08:55:07 GMT

GET
H/1.1 200
OK icons.svg
threatpost.com/wp-content/themes/threatpost-2018/assets/sprite/ 13 KB
5 KB 646ms
96ms Other
image/svg+xml 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/sprite/icons.svg
Requested by: Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 01864580e1f385dc4512aed0de4b324cc1a04812709e7020e857612fc0ce9f4c

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Fri, 11 Sep 2020 08:55:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Sep 2020 16:43:57 GMT
Server: nginx
ETag: W/"5f59064d-3496"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: max-age=604800, public
Connection: close
Expires: Fri, 18 Sep 2020 08:55:07 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/iSHzt4kCrNgSxGUYDFqaZAL9/ 336 KB
132 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/iSHzt4kCrNgSxGUYDFqaZAL9/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

854f7a7915f240546d3950dd2b067466da13c013d04a3f8c790880c58ec61151

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Sep 2020 15:45:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Sep 2020 04:06:55 GMT
server: sffe
age: 234585
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134800
x-xss-protection: 0
expires: Wed, 08 Sep 2021 15:45:21 GMT

GET
H/1.1 200
OK logo.png
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 19 KB
19 KB 553ms
97ms Image
image/png 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/logo.png
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1599669837
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 39af7c1116fb967a330e8770f775e6b5ee871add01ed45c98a1634911cebfb0a

Request headers

Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1599669837
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Fri, 11 Sep 2020 08:55:07 GMT
Last-Modified: Wed, 09 Sep 2020 16:43:57 GMT
Server: nginx
ETag: "5f59064d-4a32"
Content-Type: image/png
Cache-Control: max-age=604800, public
Connection: close
Accept-Ranges: bytes
Content-Length: 18994
Expires: Fri, 18 Sep 2020 08:55:07 GMT

GET
H/1.1 200
OK mail-plane-light.svg
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 828 B
722 B 551ms
95ms Image
image/svg+xml 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/mail-plane-light.svg
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1599669837
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 5a7ed822968963e31d88424c96387ad9f4fd4f4b5a5b581a33f65e3784d162cf

Request headers

Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1599669837
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Fri, 11 Sep 2020 08:55:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Sep 2020 16:43:57 GMT
Server: nginx
ETag: W/"5f59064d-33c"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: max-age=604800, public
Connection: close
Expires: Fri, 18 Sep 2020 08:55:07 GMT

GET
H/1.1 200
OK twitter-blue.svg
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 868 B
847 B 524ms
96ms Image
image/svg+xml 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/twitter-blue.svg
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1599669837
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 420508fc523520f35de5c851905543294123d7676b5a5668744691f2abe9e730

Request headers

Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1599669837
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Fri, 11 Sep 2020 08:55:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Sep 2020 16:43:57 GMT
Server: nginx
ETag: W/"5f59064d-364"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: max-age=604800, public
Connection: close
Expires: Fri, 18 Sep 2020 08:55:07 GMT

GET
H/1.1 200
OK museosans-700-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
21 KB 343ms
174ms Font
font/woff2 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700-webfont.woff2
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1599669837
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ae00ae9c862bc8b8923efd1d9a18befa912678a869d4dd01179a59ed3de731be

Request headers

Origin: https://threatpost.com
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1599669837
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Fri, 11 Sep 2020 08:55:06 GMT
Last-Modified: Wed, 09 Sep 2020 16:09:39 GMT
Server: nginx
ETag: "5f58fe43-51a4"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 20900
Expires: Sat, 11 Sep 2021 08:55:06 GMT

GET
H/1.1 200
OK museosans-100-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
21 KB 289ms
99ms Font
font/woff2 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-100-webfont.woff2
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1599669837
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 06fc565587b8b700936a1677218cb269a6cc31ca5f701eb45461e86a3d54d5c7

Request headers

Origin: https://threatpost.com
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1599669837
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Fri, 11 Sep 2020 08:55:06 GMT
Last-Modified: Wed, 09 Sep 2020 16:43:57 GMT
Server: nginx
ETag: "5f59064d-50c8"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 20680
Expires: Sat, 11 Sep 2021 08:55:06 GMT

GET
H/1.1 200
OK museosans-300-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
21 KB 363ms
172ms Font
font/woff2 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300-webfont.woff2
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1599669837
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 45ddc09b0ad6ab916bd9a0282070b161045e186fc025303f4aa1aa821fc45ac7

Request headers

Origin: https://threatpost.com
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1599669837
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Fri, 11 Sep 2020 08:55:06 GMT
Last-Modified: Wed, 09 Sep 2020 16:09:39 GMT
Server: nginx
ETag: "5f58fe43-51b8"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 20920
Expires: Sat, 11 Sep 2021 08:55:06 GMT

GET
H/1.1 200
OK museosans-500-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
21 KB 369ms
175ms Font
font/woff2 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-500-webfont.woff2
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1599669837
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2de77164bb9924542e1dea4ee4a0ff27d40b51a3d7939dac7db11a95045c9b7d

Request headers

Origin: https://threatpost.com
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1599669837
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Fri, 11 Sep 2020 08:55:06 GMT
Last-Modified: Wed, 09 Sep 2020 16:09:39 GMT
Server: nginx
ETag: "5f58fe43-5194"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 20884
Expires: Sat, 11 Sep 2021 08:55:06 GMT

GET
H/1.1 200
OK museosans-300italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 23 KB
23 KB 382ms
182ms Font
font/woff2 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300italic-webfont.woff2
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1599669837
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: f8a2b5b62eb722c3379b30cf0cc58d3176ee6be48036d6ad2aa838d2029c4189

Request headers

Origin: https://threatpost.com
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1599669837
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Fri, 11 Sep 2020 08:55:06 GMT
Last-Modified: Wed, 09 Sep 2020 16:09:39 GMT
Server: nginx
ETag: "5f58fe43-5bac"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 23468
Expires: Sat, 11 Sep 2021 08:55:06 GMT

GET
H/1.1 200
OK museosans-700italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 15 KB
16 KB 312ms
105ms Font
font/woff2 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700italic-webfont.woff2
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1599669837
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 859faa9b9ed0990288b2f393a102b1fe2668ac79088b113b6f0beaee521221eb

Request headers

Origin: https://threatpost.com
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1599669837
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Fri, 11 Sep 2020 08:55:06 GMT
Last-Modified: Wed, 09 Sep 2020 16:43:57 GMT
Server: nginx
ETag: "5f59064d-3dcc"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 15820
Expires: Sat, 11 Sep 2021 08:55:06 GMT

GET
H/1.1 200
OK liveView.php Show response
live.sekindo.com/live/ Frame 3CF8 2 KB
1 KB 41ms
41ms Script
text/javascript 185.220.204.204
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]&schain=1.0,1!admetricspro.com,1005,1&cbuster=1599814506&pubUrlAuto=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F&videoType=flow&floatWidth=320&floatHeight=180&floatDirection=br&floatVerticalOffset=10&floatHorizontalOffset=10&floatCloseBtn=1&flowMode=both&flowCloseButtonPosition=right
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]&schain=1.0,1!admetricspro.com,1005,1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8801f8fc54ab36eb09b5d000c8d18eab5780177ce573cd2889dc21cb8ba79ca6

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:06 GMT
content-encoding: gzip
server: nginx
age: 0
transfer-encoding: chunked
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
content-type: text/javascript; charset=utf-8

GET
H/1.1 200
OK mail-plane-large-dark.svg
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 812 B
722 B 930ms
95ms Image
image/svg+xml 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/mail-plane-large-dark.svg
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1599669837
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a9d2b2df99c1a115d5394c70a898d8801092208dc582f8bd6fb01b35c30d6b22

Request headers

Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1599669837
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Fri, 11 Sep 2020 08:55:08 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Sep 2020 16:09:39 GMT
Server: nginx
ETag: W/"5f58fe43-32c"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: max-age=604800, public
Connection: close
Expires: Fri, 18 Sep 2020 08:55:08 GMT

GET
H/1.1 200
OK logo-white.png
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 10 KB
10 KB 949ms
95ms Image
image/png 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/logo-white.png
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1599669837
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e4058d4ee9da1ceaddfa91ddb63650ba67285f1bbfee487d9dfe648bced669a0

Request headers

Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1599669837
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Fri, 11 Sep 2020 08:55:08 GMT
Last-Modified: Wed, 09 Sep 2020 16:09:39 GMT
Server: nginx
ETag: "5f58fe43-260a"
Content-Type: image/png
Cache-Control: max-age=604800, public
Connection: close
Accept-Ranges: bytes
Content-Length: 9738
Expires: Fri, 18 Sep 2020 08:55:08 GMT

GET
H/1.1 200
OK iab_consent_sdk.v1.0.js Show response
live.sekindo.com/content/ClientDetections/ Frame 3CF8 19 KB
6 KB 37ms
35ms Script
application/javascript 185.220.204.204
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/content/ClientDetections/iab_consent_sdk.v1.0.js
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]&schain=1.0,1!admetricspro.com,1005,1&cbuster=1599814506&pubUrlAuto=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F&videoType=flow&floatWidth=320&floatHeight=180&floatDirection=br&floatVerticalOffset=10&floatHorizontalOffset=10&floatCloseBtn=1&flowMode=both&flowCloseButtonPosition=right
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 08:55:05 GMT
content-encoding: gzip
last-modified: Wed, 12 Feb 2020 15:01:36 GMT
server: nginx
etag: W/"5e441350-4be0"
transfer-encoding: chunked
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Sat, 11 Sep 2021 08:55:05 GMT

GET
H/1.1 200
OK DetectGDPR2.v1.1.js Show response
live.sekindo.com/content/ClientDetections/ Frame 3CF8 9 KB
3 KB 74ms
35ms Script
application/javascript 185.220.204.204
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/content/ClientDetections/DetectGDPR2.v1.1.js
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]&schain=1.0,1!admetricspro.com,1005,1&cbuster=1599814506&pubUrlAuto=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F&videoType=flow&floatWidth=320&floatHeight=180&floatDirection=br&floatVerticalOffset=10&floatHorizontalOffset=10&floatCloseBtn=1&flowMode=both&flowCloseButtonPosition=right
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: 0cf25abe73b03e246c0a820c825a1f433e36949c2cf456ce889d86e8dd9ec427

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 08:55:05 GMT
content-encoding: gzip
last-modified: Wed, 08 Jul 2020 16:36:53 GMT
server: nginx
etag: W/"5f05f625-225b"
transfer-encoding: chunked
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Sat, 11 Sep 2021 08:55:05 GMT

GET
H/1.1 200
OK DetectGDPR.v1.1.js Show response
live.sekindo.com/content/ClientDetections/ Frame 3CF8 8 KB
3 KB 103ms
34ms Script
application/javascript 185.220.204.204
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/content/ClientDetections/DetectGDPR.v1.1.js
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]&schain=1.0,1!admetricspro.com,1005,1&cbuster=1599814506&pubUrlAuto=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F&videoType=flow&floatWidth=320&floatHeight=180&floatDirection=br&floatVerticalOffset=10&floatHorizontalOffset=10&floatCloseBtn=1&flowMode=both&flowCloseButtonPosition=right
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: f40e3d5b91387e92272b6d46fc83ce21041f130a29316d7216d3a1793d46c4f3

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 08:55:06 GMT
content-encoding: gzip
last-modified: Wed, 08 Jul 2020 16:36:52 GMT
server: nginx
etag: W/"5f05f624-1ec4"
transfer-encoding: chunked
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Sat, 11 Sep 2021 08:55:06 GMT

GET
H/1.1 200
OK hls.0.12.4_2.min.js Show response
live.sekindo.com/content/video/hls/ Frame 3CF8 256 KB
86 KB 126ms
56ms Script
application/javascript 185.220.204.204
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/content/video/hls/hls.0.12.4_2.min.js
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]&schain=1.0,1!admetricspro.com,1005,1&cbuster=1599814506&pubUrlAuto=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F&videoType=flow&floatWidth=320&floatHeight=180&floatDirection=br&floatVerticalOffset=10&floatHorizontalOffset=10&floatCloseBtn=1&flowMode=both&flowCloseButtonPosition=right
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: 13ab06913444b6e3b4139e5487813073f11e082878ae8a5bf5213fdc6f95f5e0

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 08:55:06 GMT
content-encoding: gzip
last-modified: Thu, 13 Aug 2020 08:36:05 GMT
server: nginx
etag: W/"5f34fb75-3ff27"
transfer-encoding: chunked
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Sat, 11 Sep 2021 08:55:06 GMT

GET
H/1.1 200
OK prebidVid.3.19.0_9.min.js Show response
live.sekindo.com/content/prebid/ Frame 3CF8 296 KB
109 KB 120ms
50ms Script
application/javascript 185.220.204.204
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]&schain=1.0,1!admetricspro.com,1005,1&cbuster=1599814506&pubUrlAuto=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F&videoType=flow&floatWidth=320&floatHeight=180&floatDirection=br&floatVerticalOffset=10&floatHorizontalOffset=10&floatCloseBtn=1&flowMode=both&flowCloseButtonPosition=right
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: 7860ef37e85676dcb81a99d7e5d6453bdacdf9d35aa45517a9ba9ea25bbd4c85

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 08:55:06 GMT
content-encoding: gzip
last-modified: Thu, 16 Jul 2020 14:28:49 GMT
server: nginx
etag: W/"5f106421-4a003"
transfer-encoding: chunked
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Sat, 11 Sep 2021 08:55:06 GMT

GET
H/1.1 200
OK liveVideo.php Show response
live.sekindo.com/live/ Frame 3CF8 452 KB
127 KB 146ms
76ms Script
text/html 185.220.204.204
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032302D30392D31315F31317D7B7331323334383830387D7B4336317D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=82.102.18.114&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=5f5b3b6aadcb0&debugInfo=12348808_&debugPlayerSession=&pubUrlDEMO=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=48.9335&geoLong=2.3661&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]&schain=1.0,1!admetricspro.com,1005,1&cbuster=1599814506&pubUrlAuto=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F&videoType=flow&floatWidth=320&floatHeight=180&floatDirection=br&floatVerticalOffset=10&floatHorizontalOffset=10&floatCloseBtn=1&flowMode=both&flowCloseButtonPosition=right
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: 9aaf8ddd22b0389d07dd660c853ce82a811be92968f318721042d9a36a3aa7fc

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 08:55:06 GMT
content-encoding: gzip
server: nginx
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 98ms
35ms XHR
application/javascript 99.86.5.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.5.213 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-5-213.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 11:30:27 GMT
content-encoding: gzip
vary: Origin
age: 77080
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Wed, 09 Sep 2020 11:16:19 GMT
server: AmazonS3
etag: "a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: PL7siW7KzvQlhq8lNX2saczbjS7YsDRx04OHgOnoxEkREHsHOSoU3A==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 Aug 2020 20:46:40 GMT
server: Golfe2
age: 5966
date: Fri, 11 Sep 2020 07:15:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18323
expires: Fri, 11 Sep 2020 09:15:40 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
8 KB 26ms
10ms Script
application/x-javascript 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.quantserve.com/quant.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8130c2c72afad9d94581ef93aaa00524093103c47c71fce52f606d5ff693c3ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 08:55:06 GMT
content-encoding: gzip
last-modified: Fri, 11-Sep-2020 08:55:06 GMT
etag: M0-2a172724
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: private, no-transform, max-age=604800
strict-transport-security: max-age=86400
content-length: 8060
expires: Fri, 18 Sep 2020 08:55:06 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 97ms
32ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 08:55:07 GMT
content-encoding: gzip
age: 31864
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1958
x-served-by: cache-fra19125-FRA
last-modified: Mon, 10 Aug 2020 18:10:59 GMT
x-timer: S1599814507.007927,VS0,VE0
etag: "a4cc3f907681b24a3efd540acd5d2996+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 375 B
1 KB 113ms
52ms XHR
application/json 185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

5bf38cb24e092af3894993e47442b20d515159a8c4f82b590af1896b7a7ace3c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 11 Sep 2020 08:55:07 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.249:80
AN-X-Request-Uuid: 02e51b4f-9de7-43b4-b47a-5656d5edc6eb
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 375
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 24 B
672 B 311ms
238ms XHR
application/json 23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=438654&v=7.2&r=%7B%22id%22%3A%22599b6b51691dba%22%2C%22imp%22%3A%5B%7B%22id%22%3A%226a471896cb3294%22%2C%22ext%22%3A%7B%22siteID%22%3A%22438654%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2275c9d46c2b4c8e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22438649%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%228f6b5581cb3d7a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22438650%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%226a471896cb3294%22%2C%22ext%22%3A%7B%22siteID%22%3A%22438654%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%226a471896cb3294%22%2C%22ext%22%3A%7B%22siteID%22%3A%22438654%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2275c9d46c2b4c8e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22438649%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%228f6b5581cb3d7a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22438650%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22admetricspro.com%22%2C%22sid%22%3A%221005%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c891a97818520e353cf5d0f67a18b98cc4c3b3dd7809bd38dc019b9c9d2994d3

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 11 Sep 2020 08:55:07 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 44
Expires: Fri, 11 Sep 2020 08:55:07 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
115 B 223ms
147ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Fri, 11 Sep 2020 08:55:07 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://threatpost.com

POST
H2 200 c Show response
prebid.a-mo.net/a/ 768 B
803 B 381ms
182ms XHR
application/json 100.24.218.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.24.218.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-24-218-250.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: c8e9453f995a8f169ce4ab04d4a8932042e01e92709317dc35490877c7b8c2da

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 11 Sep 2020 08:55:07 GMT
content-encoding: gzip
server: Cowboy
status: 200
vary: origin, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://threatpost.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 337

POST
H2 200 v2 Show response
e.serverbid.com/api/ 16 B
168 B 294ms
105ms XHR
application/json 206.189.254.17
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 206.189.254.17 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 200
date: Fri, 11 Sep 2020 08:55:07 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://threatpost.com
content-length: 16
vary: Origin
content-type: application/json

GET
H2 200 arj Show response
teachingaids-d.openx.net/w/1.0/ 174 B
474 B 258ms
202ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://teachingaids-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=8703cb7f-3364-47cd-aa47-c8b73a633050%2C8703cb7f-3364-47cd-aa47-c8b73a633050%2C4cfc461c-9e63-4d3b-89a0-f8c8344f4a5e%2C01a498d3-507c-4afe-b805-691c7bd38c77%2C01a498d3-507c-4afe-b805-691c7bd38c77&nocache=1599814506955&gdpr=0&x_gdpr_f=1&pubcid=1709af71-0894-469a-9c0d-6ae39b46ab9f&schain=1.0%2C1!admetricspro.com%2C1005%2C1%2C%2C%2C&aus=728x90%2C970x250%2C970x90%7C728x90%2C970x250%2C970x90%7C300x250%2C336x280%7C300x250%2C300x600%7C300x250%2C300x600&divIds=div-gpt-ad-6794670-2%2Cdiv-gpt-ad-6794670-2%2Cdiv-gpt-ad-6794670-3%2Cdiv-gpt-ad-6794670-5%2Cdiv-gpt-ad-6794670-5&auid=540932704%2C540932709%2C540932713%2C540932715%2C540932720
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.193.0 /
Resource Hash: 6a174b850b96326551eeba25b7b8da48200d0ba9bea289dddf738fc7866ef385

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:07 GMT
content-encoding: gzip
server: OXGW/16.193.0
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://threatpost.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 164
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

ADTECH;apid=1A7d990c72-f40c-11ea-af88-12ff01cc4d58;cfp=1;rndc=1599814506;v=2;cmd=bid;cors=yes;alias=5781c3592f3745a;misc=1599814506956 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166606/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166606/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=5781c3592f3745a;misc=1599814506956;
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166606/0/0/ADTECH;cfp=1;rndc=1599814506;v=2;cmd=bid;cors=yes;alias=5781c3592f3745a;misc=1599814506956
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166606/0/0/ADTECH;apid=1A7d990c72-f40c-11ea-af88-12ff01cc4d58;cfp=1;rndc=1599814506;v=2;cmd=bid;cors=yes;alias=5781c3592f3745a;misc=15...

1 KB
1 KB

149ms
148ms

XHR
application/json

2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166606/0/0/ADTECH;apid=1A7d990c72-f40c-11ea-af88-12ff01cc4d58;cfp=1;rndc=1599814506;v=2;cmd=bid;cors=yes;alias=5781c3592f3745a;misc=1599814506956
Requested by: Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 02d1987da8d124b2d60a3277ea3af1e7f8f6a979f365c355e30ef1ac4d663d29

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:07 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://threatpost.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
x-adtech-meta: {"Debug": {"IP": "0.0.0.0", "Selector": "pri-select028c.us-east-1.prod.adtech.aolcloud.net", "UserId": "6AD83A3C4F3463A299257783FA4C357F"}}
content-type: application/json
content-length: 1224
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:07 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166606/0/0/ADTECH;apid=1A7d990c72-f40c-11ea-af88-12ff01cc4d58;cfp=1;rndc=1599814506;v=2;cmd=bid;cors=yes;alias=5781c3592f3745a;misc=1599814506956
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://threatpost.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

200

ADTECH;apid=1A7d8fae5c-f40c-11ea-9d46-12bd5c3e34a0;cfp=1;rndc=1599814506;v=2;cmd=bid;cors=yes;alias=58e1796837ba11f;misc=1599814506956 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166847/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166847/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=58e1796837ba11f;misc=1599814506956;
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166847/0/0/ADTECH;cfp=1;rndc=1599814506;v=2;cmd=bid;cors=yes;alias=58e1796837ba11f;misc=1599814506956
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166847/0/0/ADTECH;apid=1A7d8fae5c-f40c-11ea-9d46-12bd5c3e34a0;cfp=1;rndc=1599814506;v=2;cmd=bid;cors=yes;alias=58e1796837ba11f;misc=15...

1 KB
1 KB

175ms
175ms

XHR
application/json

2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166847/0/0/ADTECH;apid=1A7d8fae5c-f40c-11ea-9d46-12bd5c3e34a0;cfp=1;rndc=1599814506;v=2;cmd=bid;cors=yes;alias=58e1796837ba11f;misc=1599814506956
Requested by: Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 7c4dbc3ae2625b6f0a60cc155067aad081011b94a146912be50964c0039ab005

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:07 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://threatpost.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 1224
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:07 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166847/0/0/ADTECH;apid=1A7d8fae5c-f40c-11ea-9d46-12bd5c3e34a0;cfp=1;rndc=1599814506;v=2;cmd=bid;cors=yes;alias=58e1796837ba11f;misc=1599814506956
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://threatpost.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

200

ADTECH;apid=1A7d966b48-f40c-11ea-a630-12dcd5311714;cfp=1;rndc=1599814506;v=2;cmd=bid;cors=yes;alias=59f3e61926b830b;misc=1599814506956 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166615/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166615/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=59f3e61926b830b;misc=1599814506956;
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166615/0/0/ADTECH;cfp=1;rndc=1599814506;v=2;cmd=bid;cors=yes;alias=59f3e61926b830b;misc=1599814506956
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166615/0/0/ADTECH;apid=1A7d966b48-f40c-11ea-a630-12dcd5311714;cfp=1;rndc=1599814506;v=2;cmd=bid;cors=yes;alias=59f3e61926b830b;misc=15...

1 KB
1 KB

142ms
141ms

XHR
application/json

2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166615/0/0/ADTECH;apid=1A7d966b48-f40c-11ea-a630-12dcd5311714;cfp=1;rndc=1599814506;v=2;cmd=bid;cors=yes;alias=59f3e61926b830b;misc=1599814506956
Requested by: Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 79542226b53eb3b5bdfe40b74856925123ebc5a37ac8d716648bc4bcfe633a7a

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:07 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://threatpost.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 1224
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:07 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166615/0/0/ADTECH;apid=1A7d966b48-f40c-11ea-a630-12dcd5311714;cfp=1;rndc=1599814506;v=2;cmd=bid;cors=yes;alias=59f3e61926b830b;misc=1599814506956
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://threatpost.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

200

ADTECH;apid=1A7d988b30-f40c-11ea-908c-12e614795296;cfp=1;rndc=1599814506;v=2;cmd=bid;cors=yes;alias=60abb7737250162;misc=1599814506956 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166612/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166612/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=60abb7737250162;misc=1599814506956;
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166612/0/0/ADTECH;cfp=1;rndc=1599814506;v=2;cmd=bid;cors=yes;alias=60abb7737250162;misc=1599814506956
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166612/0/0/ADTECH;apid=1A7d988b30-f40c-11ea-908c-12e614795296;cfp=1;rndc=1599814506;v=2;cmd=bid;cors=yes;alias=60abb7737250162;misc=15...

1 KB
1 KB

143ms
142ms

XHR
application/json

2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166612/0/0/ADTECH;apid=1A7d988b30-f40c-11ea-908c-12e614795296;cfp=1;rndc=1599814506;v=2;cmd=bid;cors=yes;alias=60abb7737250162;misc=1599814506956
Requested by: Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 4c048391de5e6664bb8361a5f39f9c95ae2816ecd13dce2e2b0cb04f6f461372

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:07 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://threatpost.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 1224
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:07 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166612/0/0/ADTECH;apid=1A7d988b30-f40c-11ea-908c-12e614795296;cfp=1;rndc=1599814506;v=2;cmd=bid;cors=yes;alias=60abb7737250162;misc=1599814506956
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://threatpost.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

200

ADTECH;apid=1A7d92850a-f40c-11ea-a49a-12795fd23bd8;cfp=1;rndc=1599814507;v=2;cmd=bid;cors=yes;alias=6135432eda24d11;misc=1599814506956 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166617/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166617/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=6135432eda24d11;misc=1599814506956;
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166617/0/0/ADTECH;cfp=1;rndc=1599814506;v=2;cmd=bid;cors=yes;alias=6135432eda24d11;misc=1599814506956
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166617/0/0/ADTECH;apid=1A7d92850a-f40c-11ea-a49a-12795fd23bd8;cfp=1;rndc=1599814507;v=2;cmd=bid;cors=yes;alias=6135432eda24d11;misc=15...

1 KB
1 KB

142ms
141ms

XHR
application/json

2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166617/0/0/ADTECH;apid=1A7d92850a-f40c-11ea-a49a-12795fd23bd8;cfp=1;rndc=1599814507;v=2;cmd=bid;cors=yes;alias=6135432eda24d11;misc=1599814506956
Requested by: Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 2dc67a54b1c238ebeb2cfdb5534e2735260d55125ee99fbc1313a95f7460dcd6

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:07 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://threatpost.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 1224
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:07 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166617/0/0/ADTECH;apid=1A7d92850a-f40c-11ea-a49a-12795fd23bd8;cfp=1;rndc=1599814507;v=2;cmd=bid;cors=yes;alias=6135432eda24d11;misc=1599814506956
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://threatpost.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 263 B
2 KB 265ms
164ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=300372&zone_id=1509502&size_id=2&alt_size_ids=55%2C57&p_pos=atf&gdpr=0&rp_schain=1.0,1!admetricspro.com,1005,1,,,&rf=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F&tk_flint=pbjs_lite_v3.26.0&x_source.tid=8703cb7f-3364-47cd-aa47-c8b73a633050&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.215429504319115
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: c75b106164ef7358fe124520bebcea209b3afb5ce214ef16446054f6c75534d4

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 11 Sep 2020 08:55:07 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 263
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
2 KB 250ms
133ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=300372&zone_id=1509502&size_id=15&alt_size_ids=16&p_pos=atf&gdpr=0&rp_schain=1.0,1!admetricspro.com,1005,1,,,&rf=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F&tk_flint=pbjs_lite_v3.26.0&x_source.tid=4cfc461c-9e63-4d3b-89a0-f8c8344f4a5e&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.20890938248301438
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 226ece0a45af947ea2f87acbda563940604cae8cda048f278060c6a9cbb560c1

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 11 Sep 2020 08:55:07 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
2 KB 252ms
135ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=300372&zone_id=1509506&size_id=15&alt_size_ids=10&p_pos=atf&gdpr=0&rp_schain=1.0,1!admetricspro.com,1005,1,,,&rf=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F&tk_flint=pbjs_lite_v3.26.0&x_source.tid=01a498d3-507c-4afe-b805-691c7bd38c77&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6752073581441138
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: d74d3cb4a1e0bc71df1ba64671be963ce2324403d892b728d255bf00c8bf8e31

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 11 Sep 2020 08:55:07 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 261
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
2 KB 250ms
134ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=300372&zone_id=1509502&size_id=15&alt_size_ids=10&p_pos=atf&gdpr=0&rp_schain=1.0,1!admetricspro.com,1005,1,,,&rf=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F&tk_flint=pbjs_lite_v3.26.0&x_source.tid=01a498d3-507c-4afe-b805-691c7bd38c77&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.5592682466614085
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: df247f3fd429b91f5687dd355f782d18231db9ddd6d86b8424bcf0a69d142298

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 11 Sep 2020 08:55:07 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 261
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 376 B
1 KB 106ms
52ms XHR
application/json 185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

62d93965c2f575ec77be6ac931b39d08e962ed9b683d5b9843e29ee7dd8bb4e8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 11 Sep 2020 08:55:07 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.139:80
AN-X-Request-Uuid: 0e319a6b-3d78-49e5-8d24-f4c609b0fbd3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 376
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 46 B
722 B 169ms
91ms XHR
application/json 216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.26.0
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx /
Resource Hash: 670505acba726a6333181f1cedd527d7ebed390f52def6be7d90d1a35934c118

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 11 Sep 2020 08:55:07 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://threatpost.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 64

POST
H2 200 adreq Show response
ads.servenobid.com/ 10 KB
3 KB 132ms
43ms XHR
application/json 18.203.164.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=1615
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.164.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-164-24.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8f2eaa225d927efb41b590435b671345dbfaffab9693be84003e269bd612a067

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 11 Sep 2020 08:55:07 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
status: 200
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://threatpost.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
476 B 225ms
148ms XHR
application/json 52.28.149.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=3.26.0&referrer=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F&tmax=1200&gdpr=false

Requested by

Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.149.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-149-230.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:07 GMT
status: 200
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
369 B 103ms
91ms XHR
text/javascript 99.86.5.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F&pid=u2UXOwsOw5vVs&cb=0&ws=1600x1200&v=7.53.01&t=1200&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F21707124336%2FThreatPost-970x250-ATF%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F21707124336%2FThreatPost-300x250-ATF%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F21707124336%2FThreatPost-300x600-ATF%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%222x2%22%5D%2C%22sn%22%3A%22%2F21707124336%2FThreatPost-2x2-Skin%22%7D%5D&pubid=cb8cfc89-e83e-44aa-a3a2-ff78eda781ef&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.5.213 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-5-213.fra6.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 08:55:07 GMT
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA6-C1
status: 200
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://threatpost.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: hDYMVy-lyBOZxycwG52P8KmrhMuNxvcAx7dn5pVwGa8AacbVfwLdbw==

GET
H2 200 rules-p-_7kVx0t9Jqj90.js Show response
rules.quantcount.com/ 3 B
348 B 117ms
102ms Script
application/x-javascript 2600:9000:2057:200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-_7kVx0t9Jqj90.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 08:47:42 GMT
via: 1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2017 23:52:35 GMT
server: AmazonS3
age: 445
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Error from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=300
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 3
x-amz-cf-id: Y5Kq_vbrP7wrAvWScw3XsgYWTmLAm3STty0NRWgypEI85vWw0FqQGg==

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
66 B 13ms
13ms XHR
text/plain 2a00:1450:4001:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j85&aip=1&a=1281724384&t=pageview&_s=1&dl=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F&ul=en-us&de=UTF-8&dt=Spyware%20Labeled%20%27TikTok%20Pro%27%20Exploits%20Fears%20of%20U.S.%20Ban%20%7C%20Threatpost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1527623219&gjid=2093890262&cid=1015411197.1599814507&tid=UA-35676203-21&_gid=13939682.1599814507&_r=1&gtm=2wg920PM29HLF&z=93242333

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
121 B 6ms
6ms Image
image/gif 2a00:1450:4001:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j85&aip=1&a=1281724384&t=event&ni=0&_s=1&dl=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F&ul=en-us&de=UTF-8&dt=Spyware%20Labeled%20%27TikTok%20Pro%27%20Exploits%20Fears%20of%20U.S.%20Ban%20%7C%20Threatpost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=VISIBILITY&ea=elementVisibility%20%2F%20%5BHeader%5D%20%2F%20Social%20Networks%20View&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=1015411197.1599814507&tid=UA-35676203-21&_gid=13939682.1599814507&gtm=2wg920PM29HLF&z=326786619

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Sep 2020 15:05:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 64183
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK primisslate.css
live.sekindo.com/content/video/css/ 17 KB
5 KB 36ms
35ms Stylesheet
text/css 185.220.204.204
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/content/video/css/primisslate.css
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: 4f7cd55655bafca4db9b67255125ed52cd91d21b1727e9f28f71219aa1341de5

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 08:55:07 GMT
content-encoding: gzip
last-modified: Tue, 18 Aug 2020 10:07:25 GMT
server: nginx
etag: W/"5f3ba85d-45c8"
transfer-encoding: chunked
content-type: text/css

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 3CF8 102 KB
26 KB 31ms
31ms Script
application/javascript 99.86.5.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032302D30392D31315F31317D7B7331323334383830387D7B4336317D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=82.102.18.114&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=5f5b3b6aadcb0&debugInfo=12348808_&debugPlayerSession=&pubUrlDEMO=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=48.9335&geoLong=2.3661&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.5.213 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-5-213.fra6.r.cloudfront.net
Software: Server /
Resource Hash: 8c665507e16736e1323acf89104e508e8cac863d30e8ca5ff5d6ac5303b25277

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 08:45:50 GMT
content-encoding: gzip
server: Server
age: 557
etag: 5a34c79c51b93c8b4601b1808cbdbd04
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=900
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: CMWMVhaGs3B4wUynJAbAgnt-OtsElqnGkvDo4gbA7RvYh3giWcqF5A==
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 47ms
14ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto&display=swap

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

00d4fbacbadc6ecbd73be323ec77febf3d856ce00dc5334d06462a315c7da8e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 11 Sep 2020 07:42:49 GMT
server: ESF
date: Fri, 11 Sep 2020 08:55:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Sep 2020 08:55:07 GMT

GET
H/1.1 200
OK user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 57F0 0
0 121ms
34ms Document
text/html 23.210.249.92
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.92 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-92.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Response headers

Last-Modified: Sat, 01 Aug 2020 14:58:40 GMT
ETag: "1300708-1f7d-5abd2241d66f9"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2655
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=83781
Expires: Sat, 12 Sep 2020 08:11:28 GMT
Date: Fri, 11 Sep 2020 08:55:07 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1

200
OK

liveCS.php
live.sekindo.com/live/ Frame 3908
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID&__user_chec...
https://live.sekindo.com/live/liveCS.php?source=external&pixel=&advId=94&advUuid=7d9e8457-f40c-11ea-bf48-1d0a0d900606

0
0

37ms
36ms

Document
text/html

185.220.204.204
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/liveCS.php?source=external&pixel=&advId=94&advUuid=7d9e8457-f40c-11ea-bf48-1d0a0d900606
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Host: live.sekindo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Response headers

server: nginx
date: Fri, 11 Sep 2020 08:55:06 GMT
content-type: text/html; charset=utf-8
transfer-encoding: chunked
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
pragma: no-cache
age: 0
content-encoding: gzip

Redirect headers

Server: nginx
Date: Fri, 11 Sep 2020 08:55:07 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=7d9e8457-f40c-11ea-bf48-1d0a0d900606; expires=Sat, 11-Sep-2021 10:01:47 GMT; path=/; domain=.spotxchange.com; SameSite=none; Secure
Location: https://live.sekindo.com/live/liveCS.php?source=external&pixel=&advId=94&advUuid=7d9e8457-f40c-11ea-bf48-1d0a0d900606
X-fe: 91
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

GET
H/1.1

200
OK

liveCS.php
live.sekindo.com/live/ Frame 96DA
Redirect Chain

https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3D%26advId%3D98%26advUuid%3D
https://u.openx.net/w/1.0/cm?cc=1&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3D%26advId%3D98%26advUuid%3D
https://live.sekindo.com/live/liveCS.php?source=external&pixel=&advId=98&advUuid=c98dc56a-50f3-448b-a390-6105485f3e46

0
0

38ms
37ms

Document
text/html

185.220.204.204
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/liveCS.php?source=external&pixel=&advId=98&advUuid=c98dc56a-50f3-448b-a390-6105485f3e46
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Host: live.sekindo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Response headers

server: nginx
date: Fri, 11 Sep 2020 08:55:06 GMT
content-type: text/html; charset=utf-8
transfer-encoding: chunked
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
pragma: no-cache
age: 0
content-encoding: gzip

Redirect headers

status: 302
vary: Accept, Accept-Encoding
set-cookie: i=ed841c83-b532-438f-bd23-3fcec0304eae|1599814507; Version=1; Expires=Sat, 11-Sep-2021 08:55:07 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.193.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://live.sekindo.com/live/liveCS.php?source=external&pixel=&advId=98&advUuid=c98dc56a-50f3-448b-a390-6105485f3e46
date: Fri, 11 Sep 2020 08:55:07 GMT
content-type: text/html
content-length: 0
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK placeHolder.png
live.sekindo.com/content/video/splayer/assets/ 23 KB
24 KB 48ms
34ms Image
image/png 185.220.204.204
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/content/video/splayer/assets/placeHolder.png
Requested by: Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: 76102878c1198de858725194952ba1c6b35bdee0f870cc6a124e93d17385e64e

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 08:55:06 GMT
last-modified: Sun, 11 Jun 2017 08:03:58 GMT
server: nginx
etag: "593cf96e-5dbf"
content-type: image/png
cache-control: no-cache, private
accept-ranges: bytes
content-length: 23999
expires: Fri, 11 Sep 2020 08:55:05 GMT

GET
H/1.1 200
OK vid5f59fc3db2dba935186371.jpg
video.sekindo.com/uploads/cn18/video/users/converted/28530/video_5d5baf9fe4c32389620327/ 18 KB
18 KB 1155ms
33ms Image
image/jpeg 185.127.17.52
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.sekindo.com/uploads/cn18/video/users/converted/28530/video_5d5baf9fe4c32389620327/vid5f59fc3db2dba935186371.jpg?cbuster=1599732801

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.127.17.52 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),

Reverse DNS

Software

Tengine /

Resource Hash

7fff1cafe6dba05db90ba87db30d1f3ffd76935ed585284954c59f270dc6a4ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 11 Sep 2020 08:55:06 GMT
last-modified: Thu, 10 Sep 2020 11:01:16 GMT
Server: Tengine
etag: "5f5a077c-471d"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
cache-control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 18205
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid5f5aabacb7f1b920879264.jpg
video.sekindo.com/uploads/cn12/video/users/converted/28530/video_5d5baf9fe4c32389620327/ 15 KB
15 KB 1157ms
35ms Image
image/jpeg 185.127.17.52
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.sekindo.com/uploads/cn12/video/users/converted/28530/video_5d5baf9fe4c32389620327/vid5f5aabacb7f1b920879264.jpg?cbuster=1599777717

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.127.17.52 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),

Reverse DNS

Software

Tengine /

Resource Hash

94ceb460a9845612e2ccfd0a3c54b8fc90b90a78581797f1a2403f8bfae09e7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 11 Sep 2020 08:55:06 GMT
last-modified: Thu, 10 Sep 2020 22:47:07 GMT
Server: Tengine
etag: "5f5aaceb-3b43"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
cache-control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 15171
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid5f58f81967e58551129962.jpg
video.sekindo.com/uploads/cn23/video/users/converted/28530/video_5d5baf9fe4c32389620327/ 19 KB
19 KB 1157ms
34ms Image
image/jpeg 185.127.17.52
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.sekindo.com/uploads/cn23/video/users/converted/28530/video_5d5baf9fe4c32389620327/vid5f58f81967e58551129962.jpg?cbuster=1599666206

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.127.17.52 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),

Reverse DNS

Software

Tengine /

Resource Hash

d1e1df10be0c5e49d999954f403b9c6e87c519c168b35d81390665e433c655fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 11 Sep 2020 08:55:06 GMT
last-modified: Wed, 09 Sep 2020 16:20:36 GMT
Server: Tengine
etag: "5f5900d4-4a62"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
cache-control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 19042
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid5f58f82543ff9131142397.jpg
video.sekindo.com/uploads/cn17/video/users/converted/28530/video_5d5baf9fe4c32389620327/ 18 KB
18 KB 1156ms
34ms Image
image/jpeg 185.127.17.52
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.sekindo.com/uploads/cn17/video/users/converted/28530/video_5d5baf9fe4c32389620327/vid5f58f82543ff9131142397.jpg?cbuster=1599666218

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.127.17.52 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),

Reverse DNS

Software

Tengine /

Resource Hash

5a5cc4cc2ca2db6fb9499de88f18d1fbae26cae6328c53b98806bed0f17aa031

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 11 Sep 2020 08:55:06 GMT
last-modified: Wed, 09 Sep 2020 16:14:05 GMT
Server: Tengine
etag: "5f58ff4d-47b9"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
cache-control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 18361
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid5f59fc3212dcf566899490.jpg
video.sekindo.com/uploads/cn9/video/users/converted/28530/video_5d5baf9fe4c32389620327/ 7 KB
8 KB 1149ms
26ms Image
image/jpeg 185.127.17.52
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.sekindo.com/uploads/cn9/video/users/converted/28530/video_5d5baf9fe4c32389620327/vid5f59fc3212dcf566899490.jpg?cbuster=1599732789

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.127.17.52 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),

Reverse DNS

Software

Tengine /

Resource Hash

b262e228a95a2cd07c848b20e43d39036c695be2d6e11ec4d3d9302dc4dcb064

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 11 Sep 2020 08:55:06 GMT
last-modified: Thu, 10 Sep 2020 11:01:58 GMT
Server: Tengine
etag: "5f5a07a6-1de1"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
cache-control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 7649
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid5f58f81edb1fd780256527.jpg
video.sekindo.com/uploads/cn24/video/users/converted/28530/video_5d5baf9fe4c32389620327/ 15 KB
15 KB 1186ms
36ms Image
image/jpeg 185.127.17.52
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.sekindo.com/uploads/cn24/video/users/converted/28530/video_5d5baf9fe4c32389620327/vid5f58f81edb1fd780256527.jpg?cbuster=1599666211

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.127.17.52 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),

Reverse DNS

Software

Tengine /

Resource Hash

8353fcfb2b3a27636bc25269c7521b2d292129f18de6ca32e100bcd6b8fce94e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 11 Sep 2020 08:55:06 GMT
last-modified: Wed, 09 Sep 2020 16:20:38 GMT
Server: Tengine
etag: "5f5900d6-3abe"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
cache-control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 15038
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid5f577aa7da196607473161.jpg
video.sekindo.com/uploads/cn23/video/users/converted/28530/video_5d5baf9fe4c32389620327/ 30 KB
31 KB 55ms
32ms Image
image/jpeg 185.127.17.52
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.sekindo.com/uploads/cn23/video/users/converted/28530/video_5d5baf9fe4c32389620327/vid5f577aa7da196607473161.jpg?cbuster=1599568556

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.127.17.52 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),

Reverse DNS

Software

Tengine /

Resource Hash

27fb8b952323e75440813cce206abda7235fc414d55cf3422c0d2bc00fdaa833

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 11 Sep 2020 08:55:06 GMT
last-modified: Tue, 08 Sep 2020 13:07:16 GMT
Server: Tengine
etag: "5f578204-78c2"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
cache-control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 30914
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid5f532a9dcdd63439876908.jpg
video.sekindo.com/uploads/cn7/video/users/converted/24485/video1523972806/ 22 KB
22 KB 35ms
32ms Image
image/jpeg 185.127.17.52
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.sekindo.com/uploads/cn7/video/users/converted/24485/video1523972806/vid5f532a9dcdd63439876908.jpg?cbuster=1599285918

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.127.17.52 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),

Reverse DNS

Software

Tengine /

Resource Hash

21d98ae2b4353492ffe5c29d1425e6b499793f8d3af3e3b362c7720ba981420e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 11 Sep 2020 08:55:06 GMT
last-modified: Sun, 06 Sep 2020 21:25:42 GMT
Server: Tengine
etag: "5f5553d6-5623"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
cache-control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 22051
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid5f577ab34691b822900090.jpg
video.sekindo.com/uploads/cn6/video/users/converted/28530/video_5d5baf9fe4c32389620327/ 14 KB
15 KB 35ms
33ms Image
image/jpeg 185.127.17.52
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.sekindo.com/uploads/cn6/video/users/converted/28530/video_5d5baf9fe4c32389620327/vid5f577ab34691b822900090.jpg?cbuster=1599568569

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.127.17.52 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),

Reverse DNS

Software

Tengine /

Resource Hash

d40f4c8828f3801cc85e02b3645b2d4d94981ddc384cecc1af9ebcecfc4ddc42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 11 Sep 2020 08:55:06 GMT
last-modified: Tue, 08 Sep 2020 13:06:38 GMT
Server: Tengine
etag: "5f5781de-39ef"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
cache-control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 14831
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame 3CF8
Redirect Chain

https://x.bidswitch.net/sync?ssp=sekindo&user_id=5f5b3b6aadcb0&custom_data=5f5b3b6aadcb0&gdpr=1&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=sekindo&user_id=5f5b3b6aadcb0&custom_data=5f5b3b6aadcb0&gdpr=1&gdpr_consent=

43 B
411 B

33ms
32ms

Image
image/gif

35.157.226.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?ssp=sekindo&user_id=5f5b3b6aadcb0&custom_data=5f5b3b6aadcb0&gdpr=1&gdpr_consent=
Requested by: Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.226.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-226-135.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 11 Sep 2020 08:55:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

status: 302
date: Fri, 11 Sep 2020 08:55:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?ssp=sekindo&user_id=5f5b3b6aadcb0&custom_data=5f5b3b6aadcb0&gdpr=1&gdpr_consent=
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

liveCS.php
live.sekindo.com/live/ Frame 3CF8
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D
https://live.sekindo.com/live/liveCS.php?source=external&pixel=&advId=93&advUuid=df783e1a-0cff-4953-b6d0-d4cfdfb76982

0
321 B

55ms
37ms

Image
text/html

185.220.204.204
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveCS.php?source=external&pixel=&advId=93&advUuid=df783e1a-0cff-4953-b6d0-d4cfdfb76982
Requested by: Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:07 GMT
content-encoding: gzip
server: nginx
age: 0
transfer-encoding: chunked
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
content-type: text/html; charset=utf-8

Redirect headers

status: 307
date: Fri, 11 Sep 2020 08:55:08 GMT
content-length: 0
location: https://live.sekindo.com/live/liveCS.php?source=external&pixel=&advId=93&advUuid=df783e1a-0cff-4953-b6d0-d4cfdfb76982

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
453 B 40ms
14ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j85&tid=UA-35676203-21&cid=1015411197.1599814507&jid=1527623219&gjid=2093890262&_gid=13939682.1599814507&_u=YEBAAEAAAAAAAC~&z=1857125522

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 11 Sep 2020 08:55:07 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK liveView.php Show response
live.sekindo.com/live/ Frame 3CF8 88 KB
4 KB 73ms
72ms XHR
application/json 185.220.204.204
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/liveView.php?s=58057&vid_vastTimeout=-1&vid_vastType=3&vid_playerVer=3.1.0&vid_viewabilityState=1&vid_content_url=https%3A%2F%2Fvideo.sekindo.com%2Fuploads%2Fcn18%2Fvideo%2Fusers%2Fconverted%2F28530%2Fvideo_5d5baf9fe4c32389620327%2Fvid5f59fc3db2dba935186371.mp4&vid_content_id=1001144&vid_content_desc=Limited+edition+%243%2C299+Galaxy+Z+Fold+2+wanted+by+230%2C000+Koreans&vid_content_title=Limited+edition+%243%2C299+Galaxy+Z+Fold+2+wanted+by+230%2C000+Koreans&vid_content_duration=49&debugInformation=&x=320&y=180&pubUrl=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F&ri=6C69766553746174737C736B317B54307D7B64323032302D30392D31315F31317D7B7331323334383830387D7B4336317D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&isApp=0&geoLati=48.9335&geoLong=2.3661&userIpAddr=82.102.18.114&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5f5b3b6aadcb0&cbuster=1599814507140&gdpr=1&gdprConsent=&isWePassGdpr=0
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032302D30392D31315F31317D7B7331323334383830387D7B4336317D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=82.102.18.114&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=5f5b3b6aadcb0&debugInfo=12348808_&debugPlayerSession=&pubUrlDEMO=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=48.9335&geoLong=2.3661&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: ac276b36c24e247d8c755e4729fe8bb31c4021d986ca4039a45fada9625b319b

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:06 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://threatpost.com
cache-control: no-store
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 3521

GET
H/1.1 200
OK liveView.php Show response
live.sekindo.com/live/ Frame 3CF8 34 KB
2 KB 66ms
65ms XHR
application/json 185.220.204.204
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/liveView.php?s=58057&vid_vastTimeout=-1&vid_vastType=3&vid_playerVer=3.1.0&vid_viewabilityState=0&vid_content_url=https%3A%2F%2Fvideo.sekindo.com%2Fuploads%2Fcn18%2Fvideo%2Fusers%2Fconverted%2F28530%2Fvideo_5d5baf9fe4c32389620327%2Fvid5f59fc3db2dba935186371.mp4&vid_content_id=1001144&vid_content_desc=Limited+edition+%243%2C299+Galaxy+Z+Fold+2+wanted+by+230%2C000+Koreans&vid_content_title=Limited+edition+%243%2C299+Galaxy+Z+Fold+2+wanted+by+230%2C000+Koreans&vid_content_duration=49&debugInformation=&x=320&y=180&pubUrl=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F&ri=6C69766553746174737C736B317B54307D7B64323032302D30392D31315F31317D7B7331323334383830387D7B4336317D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&isApp=0&geoLati=48.9335&geoLong=2.3661&userIpAddr=82.102.18.114&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5f5b3b6aadcb0&cbuster=1599814507142&gdpr=1&gdprConsent=&isWePassGdpr=0
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032302D30392D31315F31317D7B7331323334383830387D7B4336317D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=82.102.18.114&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=5f5b3b6aadcb0&debugInfo=12348808_&debugPlayerSession=&pubUrlDEMO=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=48.9335&geoLong=2.3661&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: d571aea1740b707b7c2789e84b2e985e691145541247d6982d0b795e9f8f8499

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:06 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://threatpost.com
cache-control: no-store
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 2039

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 27ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://threatpost.com
Referer: https://fonts.googleapis.com/css?family=Roboto&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 09:03:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 345073
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Tue, 07 Sep 2021 09:03:54 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
276 B 30ms
29ms Image
image/gif 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j85&tid=UA-35676203-21&cid=1015411197.1599814507&jid=1527623219&_u=YEBAAEAAAAAAAC~&z=1217541045

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
513 B 62ms
31ms Image
image/gif 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j85&tid=UA-35676203-21&cid=1015411197.1599814507&jid=1527623219&_u=YEBAAEAAAAAAAC~&z=1217541045

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 3CF8 6 KB
3 KB 54ms
52ms XHR
application/javascript 99.86.5.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.5.213 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-5-213.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 11:30:27 GMT
content-encoding: gzip
vary: Origin
age: 77081
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Wed, 09 Sep 2020 11:16:19 GMT
server: AmazonS3
etag: "a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 1gUzI35R2wf0sNnhP-fYPiyREcP481e-M06NofFBYpwOPD6KutO9pQ==

GET
H2 200 pixel;r=190392479;source=gtm;rf=0;uh=65ce955d6ae6;a=p-_7kVx0t9Jqj90;url=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F;fpan=1;fpa=P0-1566517433-15998...
pixel.quantserve.com/ 35 B
371 B 12ms
8ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=190392479;source=gtm;rf=0;uh=65ce955d6ae6;a=p-_7kVx0t9Jqj90;url=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F;fpan=1;fpa=P0-1566517433-1599814507201;ns=0;ce=1;qjs=1;qv=35f667c6-20200713111428;cm=;gdpr=0;ref=;d=threatpost.com;je=0;sr=1600x1200x24;enc=n;dst=1;et=1599814507200;tzo=-120;ogl=image.https%3A%2F%2Fmedia%252Ethreatpost%252Ecom%2Fwp-content%2Fuploads%2Fsites%2F103%2F2020%2F02%2F25094413%2FTikTo%2Ctype.article%2Ctitle.Spyware%20Labeled%20'TikTok%20Pro'%20Exploits%20Fears%20of%20U%252ES%252E%20Ban%2Cdescription.Malware%20can%20take%20over%20common%20device%20functions%20as%20well%20as%20creates%20a%20phishing%20page%2Curl.https%3A%2F%2Fthreatpost%252Ecom%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F15905

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:07 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
status: 200
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
448 B 198ms
144ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.0&p_id=Twitter&p_user_id=0&txn_id=ntt0j&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 08:55:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 117
pragma: no-cache
last-modified: Fri, 11 Sep 2020 08:55:07 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 41fc11e987f2241a3fd7f7fb9d3a61ef
x-transaction: 00bb939100efec9f
expires: Tue, 31 Mar 1981 05:00:00 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame 3CF8 0
215 B 1367ms
270ms XHR
application/json 52.29.183.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=TeachingAidsLLC
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-183-32.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://threatpost.com
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 3CF8 0
59 B 41ms
41ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Fri, 11 Sep 2020 08:55:07 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://threatpost.com

GET
H3-Q050 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/iSHzt4kCrNgSxGUYDFqaZAL9/ 336 KB
132 KB 27ms
13ms Script
text/javascript 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/iSHzt4kCrNgSxGUYDFqaZAL9/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en&render=explicit&ver=5.4.2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

854f7a7915f240546d3950dd2b067466da13c013d04a3f8c790880c58ec61151

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Sep 2020 15:45:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Sep 2020 04:06:55 GMT
server: sffe
age: 234586
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134800
x-xss-protection: 0
expires: Wed, 08 Sep 2021 15:45:21 GMT

GET
H2 200 flipboard.svg
assets.threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/img/ 236 B
565 B 352ms
352ms Image
image/svg+xml 2600:9000:2156:4800:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/img/flipboard.svg
Requested by: Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=cf1c8861
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4800:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 506d565f94cecbb486394c545a96e8459217f8d045496b511e8c815142abfc70

Request headers

Referer: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=cf1c8861
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Fri, 11 Sep 2020 08:55:07 GMT
content-encoding: gzip
last-modified: Wed, 09 Sep 2020 16:09:39 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
etag: W/"5f58fe43-ec"
x-cache: Miss from cloudfront
content-type: image/svg+xml
status: 200
cache-control: max-age=604800, public
x-amz-cf-id: tO8KW49_rAU8oPOModOHI_qNLWBcbFQ4qSm8WQ5MRhnh8G12oSlLfw==
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
expires: Fri, 18 Sep 2020 08:55:07 GMT

GET
H2 200 fontawesome-webfont.woff2
assets.threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/fonts/ 75 KB
76 KB 368ms
352ms Font
font/woff2 2600:9000:2156:4800:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=cf1c8861
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4800:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin: https://threatpost.com
Referer: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=cf1c8861
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 08:55:07 GMT
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
status: 200
content-length: 77160
pragma: public
last-modified: Wed, 09 Sep 2020 16:09:40 GMT
server: nginx
etag: "5f58fe44-12d68"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: 6jB66nSNCs0Cmn3E6NMVx8qisT6EWwFvMqgqira4ueUWMt4SL9m3aA==
expires: Sat, 11 Sep 2021 08:55:07 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
652 B 221ms
154ms Script
application/javascript 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.0&p_id=Twitter&p_user_id=0&txn_id=ntt0j&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 08:55:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 57
x-xss-protection: 0
x-response-time: 123
pragma: no-cache
last-modified: Fri, 11 Sep 2020 08:55:07 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 8823b3028bd2e717c948c5decf2d67a1
x-transaction: 0043a95300db7d1e
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3-Q050 200 anchor
www.google.com/recaptcha/api2/ Frame 124F 0
0 26ms
24ms Document
text/html 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=iSHzt4kCrNgSxGUYDFqaZAL9&theme=standard&size=normal&cb=r6eef3s7i3wf

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5Vbium2B5U4Atmsco8drgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=iSHzt4kCrNgSxGUYDFqaZAL9&theme=standard&size=normal&cb=r6eef3s7i3wf
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 11 Sep 2020 08:55:07 GMT
content-security-policy: script-src 'report-sample' 'nonce-5Vbium2B5U4Atmsco8drgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10673
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
graph.facebook.com/ 97 B
508 B 45ms
31ms XHR
application/json 2a03:2880:f01c:800e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F

Requested by

Host: threatpost.com
URL: https://threatpost.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

604b7529c0a44d41e672f0ba25d97652e2418263c9ce00c1581cddce2da42708

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
etag: "1a7e03dd4f7555310b443c1db0226449c4cd89ca"
status: 200
x-fb-rev: 1002650811
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 97
pragma: no-cache
x-fb-debug: Zww3eYrGUlIhKMxXiOexOsTgs2A9WbQgwXiNXcCrmCvsJTqZZZ2pDjkO7enEEr3VBJ4guXxc/ZOeAnwoHoSCow==
x-fb-trace-id: CjxBcu3c30H
date: Fri, 11 Sep 2020 08:55:07 GMT
content-type: application/json
access-control-allow-origin: *
x-fb-request-id: AWyyjFJPhGFMTQPYzk_n4aK
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v3.1
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 404 share
www.linkedin.com/countserv/count/ 0
0 153ms
136ms Script
text/html 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.linkedin.com/countserv/count/share?url=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F&format=jsonp&callback=jQuery112409309793156726671_1599814506642&_=1599814506643
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 info.json Show response
www.reddit.com/api/ 3 KB
2 KB 211ms
150ms XHR
application/json 199.232.53.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reddit.com/api/info.json?url=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F

Requested by

Host: threatpost.com
URL: https://threatpost.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.53.140 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

snooserv /

Resource Hash

c234e1f74fff003b0cd2eaf3ecf278def8ca577faf95a24dcc9281da2f11470f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 08:55:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: *
status: 200
vary: accept-encoding
content-length: 1137
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
x-moose: majestic
server: snooserv
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json; charset=UTF-8
via: 1.1 varnish
access-control-expose-headers: X-Moose
cache-control: private, s-maxage=0, max-age=0, must-revalidate, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: -1

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
890 B 34ms
14ms Script
application/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=threatpost.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Sep 2020 08:55:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
890 B 34ms
15ms Script
application/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=threatpost.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Sep 2020 08:55:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 202 KB
23 KB 470ms
435ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1382542237226250&correlator=399661549618957&output=ldjh&impl=fifs&eid=21065139%2C21066806&vrg=2020090301&gdpr=0&tfua=0&tfcd=0&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200911&iu_parts=21707124336%2CThreatPost-970x250-ATF%2CThreatPost-300x250-ATF%2CThreatPost-300x600-ATF%2CThreatPost-2x2-Skin&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=728x90%7C970x250%7C970x90%2C300x250%7C336x280%2C300x250%7C300x600%2C2x2&prev_scp=amznbid%3D2%26amznp%3D2%26hb_adid_nobid%3D639c4d1f94496de%26hb_bidder_nobid%3Dnobid%26dyn_bids%3D0.01%26hb_adid%3D639c4d1f94496de%26hb_bidder%3Dnobid%7Camznbid%3D2%26amznp%3D2%26hb_adid_nobid%3D6415f1bf8a8e8b1%26hb_bidder_nobid%3Dnobid%26dyn_bids%3D0.01%26hb_adid%3D6415f1bf8a8e8b1%26hb_bidder%3Dnobid%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2&eri=1&cust_params=urlhost%3Dhttps%253A%252F%252Fthreatpost.com%252F%26urlpath%3D%252Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%252F159050%252F%26urlquery%3Dgoogfc%26contentid%3D159050%26category%3Dmobile-security%26contenttags%3Dandroid%252Ccredential-theft%252Cfacebook%252Cfake-apps%252Cgoogle-play-store%252Cmalware%252Cmobile-apps%252Csmartphone%252Cspyware%252Ctiktok%252Ctiktok-pro%252Czscaler&cookie_enabled=1&bc=31&abxe=1&lmt=1599814507&dt=1599814507478&dlt=1599814505946&idt=635&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C1082%2C1082%2C0&adys=10%2C257%2C1568%2C0&adks=1015519800%2C654286612%2C375389812%2C3385906655&ucis=1%7C2%7C3%7C4&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F&dssz=51&icsg=171851648000&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90%7C300x250%7C300x250%7C1600x2&msz=728x90%7C300x250%7C300x250%7C1600x2&ga_vid=1015411197.1599814507&ga_sid=1599814507&ga_hid=1281724384&fws=0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e96cccd32e217d77100b2a1e935fde85c1bcfc6ebb96c4f913c3ee15ddc40436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 08:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23169
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,5283645110
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,138301519116
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://threatpost.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
332def0639a087c9e01f4dfef2d8e2dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 82ms
38ms Other
text/html 2a00:1450:4001:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://332def0639a087c9e01f4dfef2d8e2dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 25ms
6ms Other
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 anchor
www.google.com/recaptcha/api2/ Frame 9BDC 0
0 25ms
24ms Document
text/html 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LehhAETAAAAAAcsm2ZGDsLCqyGhesy4Yn43WNBe&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=iSHzt4kCrNgSxGUYDFqaZAL9&theme=light&size=normal&cb=lftzzrece7j4

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-x+R35CvKzDFp1xGDGSL/pA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LehhAETAAAAAAcsm2ZGDsLCqyGhesy4Yn43WNBe&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=iSHzt4kCrNgSxGUYDFqaZAL9&theme=light&size=normal&cb=lftzzrece7j4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 11 Sep 2020 08:55:07 GMT
content-security-policy: script-src 'report-sample' 'nonce-x+R35CvKzDFp1xGDGSL/pA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10699
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 bframe
www.google.com/recaptcha/api2/ Frame A35F 0
0 19ms
18ms Document
text/html 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=iSHzt4kCrNgSxGUYDFqaZAL9&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&cb=59o51yjkt7jl

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Htqpv6HQTHdaUwrMvTqn9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=iSHzt4kCrNgSxGUYDFqaZAL9&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&cb=59o51yjkt7jl
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 11 Sep 2020 08:55:07 GMT
content-security-policy: script-src 'report-sample' 'nonce-Htqpv6HQTHdaUwrMvTqn9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1174
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 bframe
www.google.com/recaptcha/api2/ Frame C290 0
0 54ms
54ms Document
text/html 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=iSHzt4kCrNgSxGUYDFqaZAL9&k=6LehhAETAAAAAAcsm2ZGDsLCqyGhesy4Yn43WNBe&cb=dgycdtbsqt5b

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7SN7xMIwj0jlKhjx5v0rBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=iSHzt4kCrNgSxGUYDFqaZAL9&k=6LehhAETAAAAAAcsm2ZGDsLCqyGhesy4Yn43WNBe&cb=dgycdtbsqt5b
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 11 Sep 2020 08:55:07 GMT
content-security-policy: script-src 'report-sample' 'nonce-7SN7xMIwj0jlKhjx5v0rBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1173
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 bl-9a4f7ce-b01f8ccd.js Show response
tagan.adlightning.com/math-aids-threatpost/ Frame F2BC 80 KB
23 KB 32ms
31ms Script
application/javascript 143.204.215.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/bl-9a4f7ce-b01f8ccd.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-61.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8581d6108c8b6f78740974a1d5061bbf88104d2b68a9c9f6ce3e7edb49d5f1d9

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 18:05:07 GMT
content-encoding: gzip
age: 53402
x-cache: Hit from cloudfront
status: 200
content-length: 22819
x-amz-meta-git_commit: 9a4f7ce
last-modified: Thu, 10 Sep 2020 17:57:47 GMT
server: AmazonS3
etag: "95f23873136261e5dd00f4851bba65f6"
x-amz-version-id: 2gOzh2lBW0iGe.bnrz5gR1.ZCEl.nPi5
via: 1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 3Rw1F1hL0C7vatOT8yIrroMd1PXrOziSYQ-7UyYLQfkO4MOI2p0HEA==

GET
H2 200 b-9a4f7ce-a7f6098c.js Show response
tagan.adlightning.com/math-aids-threatpost/ Frame F2BC 61 KB
21 KB 35ms
34ms Script
application/javascript 143.204.215.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/b-9a4f7ce-a7f6098c.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-61.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0119689800eadf6270855a19b65d74251e7da6be5e4686f36c15bf81281ddb4c

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 18 Aug 2020 17:46:30 GMT
content-encoding: gzip
age: 2041719
x-cache: Hit from cloudfront
status: 200
content-length: 20808
x-amz-meta-git_commit: 9a4f7ce
last-modified: Tue, 18 Aug 2020 17:45:57 GMT
server: AmazonS3
etag: "98ae1c21c96b68b5f173604d82c35d5d"
x-amz-version-id: PzdVsYQ0bdCd7Kp..jKBw4vE53Z4BW7z
via: 1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: _wFmDAmLegBRw9IqHAUt-ofVRMolXGfDFui0MC11Ii1nhzoEHJowjg==

GET
H2 200 bl-9a4f7ce-b01f8ccd.js Show response
tagan.adlightning.com/math-aids-threatpost/ Frame 7985 80 KB
23 KB 30ms
29ms Script
application/javascript 143.204.215.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/bl-9a4f7ce-b01f8ccd.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-61.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8581d6108c8b6f78740974a1d5061bbf88104d2b68a9c9f6ce3e7edb49d5f1d9

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 18:05:07 GMT
content-encoding: gzip
age: 53402
x-cache: Hit from cloudfront
status: 200
content-length: 22819
x-amz-meta-git_commit: 9a4f7ce
last-modified: Thu, 10 Sep 2020 17:57:47 GMT
server: AmazonS3
etag: "95f23873136261e5dd00f4851bba65f6"
x-amz-version-id: 2gOzh2lBW0iGe.bnrz5gR1.ZCEl.nPi5
via: 1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 1UBQzU6MwBZxCyGSJaIE4LZBDHO28Wmnhz01wsw1si4uU9RDRBqoCg==

GET
H2 200 b-9a4f7ce-a7f6098c.js Show response
tagan.adlightning.com/math-aids-threatpost/ Frame 7985 61 KB
21 KB 32ms
32ms Script
application/javascript 143.204.215.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/b-9a4f7ce-a7f6098c.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-61.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0119689800eadf6270855a19b65d74251e7da6be5e4686f36c15bf81281ddb4c

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 18 Aug 2020 17:46:30 GMT
content-encoding: gzip
age: 2041719
x-cache: Hit from cloudfront
status: 200
content-length: 20808
x-amz-meta-git_commit: 9a4f7ce
last-modified: Tue, 18 Aug 2020 17:45:57 GMT
server: AmazonS3
etag: "98ae1c21c96b68b5f173604d82c35d5d"
x-amz-version-id: PzdVsYQ0bdCd7Kp..jKBw4vE53Z4BW7z
via: 1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: VkDU_aSSffh02GWb7PAMc3nc8p6XOUF84sagCJa8GButMNa4wdNHvA==

GET
H2 200 bl-9a4f7ce-b01f8ccd.js Show response
tagan.adlightning.com/math-aids-threatpost/ Frame EF61 80 KB
23 KB 29ms
29ms Script
application/javascript 143.204.215.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/bl-9a4f7ce-b01f8ccd.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-61.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8581d6108c8b6f78740974a1d5061bbf88104d2b68a9c9f6ce3e7edb49d5f1d9

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 18:05:07 GMT
content-encoding: gzip
age: 53402
x-cache: Hit from cloudfront
status: 200
content-length: 22819
x-amz-meta-git_commit: 9a4f7ce
last-modified: Thu, 10 Sep 2020 17:57:47 GMT
server: AmazonS3
etag: "95f23873136261e5dd00f4851bba65f6"
x-amz-version-id: 2gOzh2lBW0iGe.bnrz5gR1.ZCEl.nPi5
via: 1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: dfEgb9ehvhBhV00Tnja2SYJH5s41NI-r3KYCOtnb5WXPoKl3pd7cvg==

GET
H2 200 b-9a4f7ce-a7f6098c.js Show response
tagan.adlightning.com/math-aids-threatpost/ Frame EF61 61 KB
21 KB 30ms
29ms Script
application/javascript 143.204.215.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/b-9a4f7ce-a7f6098c.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-61.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0119689800eadf6270855a19b65d74251e7da6be5e4686f36c15bf81281ddb4c

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 18 Aug 2020 17:46:30 GMT
content-encoding: gzip
age: 2041719
x-cache: Hit from cloudfront
status: 200
content-length: 20808
x-amz-meta-git_commit: 9a4f7ce
last-modified: Tue, 18 Aug 2020 17:45:57 GMT
server: AmazonS3
etag: "98ae1c21c96b68b5f173604d82c35d5d"
x-amz-version-id: PzdVsYQ0bdCd7Kp..jKBw4vE53Z4BW7z
via: 1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: l5w-NV8TkizxKFtYSxEruQDBHJwwAi2blr36-B8ikO6PngjgckJvwQ==

GET
H2 200 bl-9a4f7ce-b01f8ccd.js Show response
tagan.adlightning.com/math-aids-threatpost/ Frame 045A 80 KB
23 KB 30ms
30ms Script
application/javascript 143.204.215.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/bl-9a4f7ce-b01f8ccd.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-61.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8581d6108c8b6f78740974a1d5061bbf88104d2b68a9c9f6ce3e7edb49d5f1d9

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 18:05:07 GMT
content-encoding: gzip
age: 53402
x-cache: Hit from cloudfront
status: 200
content-length: 22819
x-amz-meta-git_commit: 9a4f7ce
last-modified: Thu, 10 Sep 2020 17:57:47 GMT
server: AmazonS3
etag: "95f23873136261e5dd00f4851bba65f6"
x-amz-version-id: 2gOzh2lBW0iGe.bnrz5gR1.ZCEl.nPi5
via: 1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: mNNnrXhFQcD5sAiDzbcGCP87ngA8lUThL8ICIgykIgXS8sZjk8YtWA==

GET
H2 200 b-9a4f7ce-a7f6098c.js Show response
tagan.adlightning.com/math-aids-threatpost/ Frame 045A 61 KB
21 KB 31ms
30ms Script
application/javascript 143.204.215.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/b-9a4f7ce-a7f6098c.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-61.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0119689800eadf6270855a19b65d74251e7da6be5e4686f36c15bf81281ddb4c

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 18 Aug 2020 17:46:30 GMT
content-encoding: gzip
age: 2041719
x-cache: Hit from cloudfront
status: 200
content-length: 20808
x-amz-meta-git_commit: 9a4f7ce
last-modified: Tue, 18 Aug 2020 17:45:57 GMT
server: AmazonS3
etag: "98ae1c21c96b68b5f173604d82c35d5d"
x-amz-version-id: PzdVsYQ0bdCd7Kp..jKBw4vE53Z4BW7z
via: 1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: BbR-1VNmkX5rpKHoKX2vH7zvppYWoId9jFfVBRB5dIBkBvjh3jY8yw==

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012009010507000/ Frame F2BC 206 KB
56 KB 46ms
22ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12a24c1feb4b8e8e3872a9fedee80fcce55a6f59b14607d640fcf4f3054ec43e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 81718
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57296
x-xss-protection: 0
server: sffe
date: Thu, 10 Sep 2020 10:13:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9e379dcbf00ec980"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Sep 2021 10:13:10 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012009010507000/v0/ Frame F2BC 16 KB
6 KB 39ms
14ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009010507000/v0/amp-ad-exit-0.1.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d337aa4ea0cace6bd743ef8c3b5d1d20e6e676bb4a650c7335a7383635529f31

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 84153
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5755
x-xss-protection: 0
server: sffe
date: Thu, 10 Sep 2020 09:32:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c8394c73e5080432"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Sep 2021 09:32:35 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012009010507000/v0/ Frame F2BC 95 KB
30 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009010507000/v0/amp-analytics-0.1.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76a8c8ef4cde9cbd17bbaecf11ee316fab4e55cc661093e4b2d80a4e1ff52897

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 81718
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29275
x-xss-protection: 0
server: sffe
date: Thu, 10 Sep 2020 10:13:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "56557b91d9fb04b1"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Sep 2021 10:13:10 GMT

GET
H3-Q050 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012009010507000/v0/ Frame F2BC 4 KB
2 KB 40ms
20ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009010507000/v0/amp-fit-text-0.1.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fca0b40781598023aed9b45225711771eafce8f14392a49d6ed57d567255002

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 84166
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1795
x-xss-protection: 0
server: sffe
date: Thu, 10 Sep 2020 09:32:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b0cc102b09e8903d"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Sep 2021 09:32:22 GMT

GET
H3-Q050 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012009010507000/v0/ Frame F2BC 47 KB
14 KB 43ms
23ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009010507000/v0/amp-form-0.1.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21cb9221d772cfd0d3de7240fe5c07ee1c06b9bd945111a2e0491ae243eb0b41

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 81713
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14591
x-xss-protection: 0
server: sffe
date: Thu, 10 Sep 2020 10:13:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4ca25f57e218a94a"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Sep 2021 10:13:15 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame F2BC 7 KB
750 B 43ms
25ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=fr

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d3838febe02ee1538a1336ac01f452a6fe7682106cd21b46cda9c40092c8e3aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 11 Sep 2020 08:55:08 GMT
server: ESF
date: Fri, 11 Sep 2020 08:55:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Sep 2020 08:55:08 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame F2BC 5 KB
1 KB 42ms
24ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 11 Sep 2020 07:57:01 GMT
server: ESF
date: Fri, 11 Sep 2020 08:55:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Sep 2020 08:55:08 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/9439197713898437378/ Frame F2BC 29 KB
29 KB 39ms
21ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9439197713898437378/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoI2gMQ-AEYASABLQAAAD8w2gM4-AFFAACAPw&rs=AOga4qlrHSzTvnF5ZLNG7MlFPRakBZ6VZA

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

063a514420ebdd7a836d3d93841dddad453e3ff40556addbe271da3f312c41fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 05 Sep 2020 12:48:18 GMT
x-content-type-options: nosniff
last-modified: Mon, 06 Apr 2020 10:23:56 GMT
server: sffe
age: 504410
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30055
x-xss-protection: 0
expires: Sun, 05 Sep 2021 12:48:18 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/45712214869687147/ Frame F2BC 10 KB
10 KB 34ms
17ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/45712214869687147/downsize_200k_v1?sqp=4sqPyQR5QncIABIUDc3MzD4VAAAAQB0AAAAAJQAAAAAYACIKDQAAgD8VAACAPypPCFoQAR0AALRCIAEoATAGOANAgMLXL0gAUABYAGBacAJ4AIABAIgBAJABAJ0BAACAP6ABAKgBALABgK3iBLgB____________AcUBLbKdPg&rs=AOga4qlsJDh17S7M52deCqWeLNY2rgX3BA

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7315d4062362b1dc51630b9e3dd2f6a47d2e4b561a0c925a9c353e62cb86d173

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 17:50:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Aug 2018 13:45:24 GMT
server: sffe
age: 313506
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10356
x-xss-protection: 0
expires: Tue, 07 Sep 2021 17:50:02 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F2BC 0
0 65ms
63ms Image
text/html 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Coj9CaztbX_uMJNbE-ga2zKGIAcD7k4Jf0Ofp0L8M8YXFypkOEAEg0YfSIGD7gYCAiAqgAdTItNADyAEGqQK3gFAxzdqzPuACAKgDAcgDCqoEmgJP0O0oJPyY4lvIf6xebPUmmYgs5ufd6jIIaExhhw1BAarXitW6fkwanfQlUhO9yB-MZvYUFkI_z9saRWHVA7Vf4IVY_8jfH6bw4EsBrQWpEosgfXnnQbT4goeR4pHCNjTDeeDydwzmlTOGt0f16O5r3WWcN_r9WK5xKneVyxnR0D_we2kEWNxQE88g35_-Kbgoy16nsx4POUlVhG2GqPq7sv8ahCHBzSAbR1-OjUy14VmfGLEb_o2kK83I3tMSTRpNR59Wr6tgAiJxXmWXGbwsKKKu4IEPyIJCrnWPwPQA-tIZUZflBMZfm-xtZ9TZO8wLEY06sH_rYRT_MxD-dBfHnyryY3sdC43QmsyJpoqjpdNB8RSmvasdYbDABM6-ssrLAuAEAZIFBAgEGAGSBQQIBRgEoAY3gAeUt8svqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEENLpL9IICQiA4YBAEAEYHfIIG2FkeC1zdWJzeW4tNzI2MzU3MzQ0NjgwNDA3OIAKA8gLAdgTDYgUBA&sigh=fw29rC1mEH0&template_id=492&tpd=AGWhJmuwe1erumysepmNgQ_8K3iOeAbC82Q1da6zvAXmV5wTrQ
Requested by: Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s20-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame F2BC 0
0 17ms
15ms Image
text/html 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQhtKvjzldxcpsCd2Aj_DfwoPWmy6GuwKMjoiJ5hrSh9EV2Caxqg_SYMyFHESu6TZsUpdEx
Requested by: Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F2BC 2 KB
3 KB 31ms
14ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Sep 2020 23:34:14 GMT
x-content-type-options: nosniff
server: cafe
age: 33654
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 11 Sep 2020 23:34:14 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F2BC 295 B
756 B 29ms
12ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Sep 2020 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 39707
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 11 Sep 2020 21:53:21 GMT

GET
DATA 200
OK truncated
/ Frame F2BC 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b0d23ccdf4dfc06cfcab66f38b0ec5a1885ad4972f928d98225223148cead74

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012009010507000/ Frame 7985 206 KB
56 KB 25ms
15ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12a24c1feb4b8e8e3872a9fedee80fcce55a6f59b14607d640fcf4f3054ec43e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 81718
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57296
x-xss-protection: 0
server: sffe
date: Thu, 10 Sep 2020 10:13:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9e379dcbf00ec980"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Sep 2021 10:13:10 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012009010507000/v0/ Frame 7985 16 KB
6 KB 42ms
22ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009010507000/v0/amp-ad-exit-0.1.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d337aa4ea0cace6bd743ef8c3b5d1d20e6e676bb4a650c7335a7383635529f31

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 84153
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5755
x-xss-protection: 0
server: sffe
date: Thu, 10 Sep 2020 09:32:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c8394c73e5080432"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Sep 2021 09:32:35 GMT

GET
H3-Q050 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012009010507000/v0/ Frame 7985 95 KB
29 KB 41ms
21ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009010507000/v0/amp-analytics-0.1.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76a8c8ef4cde9cbd17bbaecf11ee316fab4e55cc661093e4b2d80a4e1ff52897

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 81718
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29275
x-xss-protection: 0
server: sffe
date: Thu, 10 Sep 2020 10:13:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "56557b91d9fb04b1"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Sep 2021 10:13:10 GMT

GET
H3-Q050 200 amp-animation-0.1.js Show response
cdn.ampproject.org/rtv/012009010507000/v0/ Frame 7985 76 KB
18 KB 34ms
15ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009010507000/v0/amp-animation-0.1.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1ee7d241bb9729ba813536e6a54d708b6d809a87f9d02457170d61904d52ac8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 143210
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18081
x-xss-protection: 0
server: sffe
date: Wed, 09 Sep 2020 17:08:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ce99181b35637f75"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Sep 2021 17:08:18 GMT

GET
H3-Q050 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012009010507000/v0/ Frame 7985 4 KB
2 KB 48ms
29ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009010507000/v0/amp-fit-text-0.1.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fca0b40781598023aed9b45225711771eafce8f14392a49d6ed57d567255002

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 84166
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1795
x-xss-protection: 0
server: sffe
date: Thu, 10 Sep 2020 09:32:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b0cc102b09e8903d"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Sep 2021 09:32:22 GMT

GET
H3-Q050 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012009010507000/v0/ Frame 7985 47 KB
15 KB 33ms
14ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009010507000/v0/amp-form-0.1.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21cb9221d772cfd0d3de7240fe5c07ee1c06b9bd945111a2e0491ae243eb0b41

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 81713
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14591
x-xss-protection: 0
server: sffe
date: Thu, 10 Sep 2020 10:13:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4ca25f57e218a94a"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Sep 2021 10:13:15 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7985 2 KB
2 KB 18ms
13ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Sep 2020 23:34:14 GMT
x-content-type-options: nosniff
server: cafe
age: 33654
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 11 Sep 2020 23:34:14 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7985 295 B
319 B 17ms
14ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Sep 2020 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 39707
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 11 Sep 2020 21:53:21 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7985 0
0 72ms
67ms Image
text/html 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CTIS6aztbX_yMJNbE-ga2zKGIAcjttelewqf0vJALmJL4h7MCEAEg0YfSIGD7gYCAiAqgAbmHqaIDyAEJqQK3gFAxzdqzPuACAKgDAcgDCKoEnQJP0Ekrur_ndZBelPlGY2pyt9ezaGdV1uICi8TGj-DIMuWcXl-UVahHiUFIU9mMIGQnW_Ep7O3ayQQSYrdgWnrwPSeVkr4P2TyAOpLiP2vAoMkJYfn9VAqTwB6mryQsU5IEbQiDgnA17EfEF5MdZu9jgbBlyqIKmOBeUto4lYWrVc2GEGimiRjX43F12kRiGHWbt2de1OQu5_2inko4Tzhu28VjYzACOsO3orhVegIVUscD-5CyG88pv3wG90yT6Dw-7vdGiUYmHOJSfLSSu1xV7WTJa2JnW_Xr9JRJoBELaXHF0X0da6smFEMooIfPqWOO4Ifwe8iwJiVSVFbU8f9zsF-3X9RdS4wTlL8MvBg49bUe4AoNGM35okMT25rABNff18rmAuAEAZIFBAgEGAGSBQQIBRgEoAYugAfouutfqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcA8gcEEOfZFdIICQiA4YBAEAEYHfIIG2FkeC1zdWJzeW4tNzI2MzU3MzQ0NjgwNDA3OIAKA8gLAdgTDQ&sigh=s3AVVJMm8ls&template_id=419&tpd=AGWhJmv7ow8orKUqd660TDTlv-jTB3gyOaqj56ve0XgsMLDBuw
Requested by: Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s20-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 06cab17d68737198f8b31dce38ef6793.svg
tpc.googlesyndication.com/sadbundle/4809603656147653704/images/ Frame 7985 1 KB
841 B 17ms
14ms Image
image/svg+xml 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/4809603656147653704/images/06cab17d68737198f8b31dce38ef6793.svg

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c5ef1eb596d75c03f5fa68e702a60af221b8b4c983bd9d10b9c162f9fdadeb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 13:47:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 328083
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 668
x-xss-protection: 0
last-modified: Thu, 13 Feb 2020 10:27:32 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Sep 2021 13:47:05 GMT

GET
H3-Q050 200 7ddee116bd0afedf3c87eea90dfa010e.svg
tpc.googlesyndication.com/sadbundle/4809603656147653704/images/ Frame 7985 10 KB
3 KB 26ms
23ms Image
image/svg+xml 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/4809603656147653704/images/7ddee116bd0afedf3c87eea90dfa010e.svg

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c63a2b296e7b639deb0bf45d203cfda26134d8804ece8c344a35d0a46f57cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 13:47:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 328083
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2901
x-xss-protection: 0
last-modified: Thu, 13 Feb 2020 10:27:32 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Sep 2021 13:47:05 GMT

GET
H3-Q050 200 abcd46cac977d94f439a50c174b288f7.svg
tpc.googlesyndication.com/sadbundle/4809603656147653704/images/ Frame 7985 3 KB
2 KB 30ms
27ms Image
image/svg+xml 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/4809603656147653704/images/abcd46cac977d94f439a50c174b288f7.svg

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2defb967cc832389234bf3b00efbfa13667b471693254fb4b1f7073da2c042e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 13:47:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 328083
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1621
x-xss-protection: 0
last-modified: Thu, 13 Feb 2020 10:27:32 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Sep 2021 13:47:05 GMT

GET
DATA 200
OK truncated
/ Frame 7985 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb28873ff060162df3af7084bd21df6b375e08289a14cb77aba4956bbdfab791

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 9f2952e6850c0ffb137d58f28ff424d6.jpg
tpc.googlesyndication.com/sadbundle/4809603656147653704/images/ Frame 7985 49 KB
49 KB 25ms
23ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/4809603656147653704/images/9f2952e6850c0ffb137d58f28ff424d6.jpg

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eeac0308b6a878340c311b33deeceb9d1460761239a680727b8409aac54876db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 13:47:05 GMT
x-content-type-options: nosniff
age: 328083
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50212
x-xss-protection: 0
last-modified: Thu, 13 Feb 2020 10:27:32 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Sep 2021 13:47:05 GMT

GET
H3-Q050 200 0a16e4376d46908010854d41a12b65e4.svg
tpc.googlesyndication.com/sadbundle/4809603656147653704/images/ Frame 7985 3 KB
1 KB 35ms
33ms Image
image/svg+xml 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/4809603656147653704/images/0a16e4376d46908010854d41a12b65e4.svg

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78f75ab2aed4cb1c3f11b10b04817b83b2179c8cbca1bdfbd7b5fe35ba5525b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 13:47:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 328083
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1406
x-xss-protection: 0
last-modified: Thu, 13 Feb 2020 10:27:32 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Sep 2021 13:47:05 GMT

GET
H3-Q050 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012009010507000/ Frame EF61 206 KB
56 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12a24c1feb4b8e8e3872a9fedee80fcce55a6f59b14607d640fcf4f3054ec43e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 81718
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57296
x-xss-protection: 0
server: sffe
date: Thu, 10 Sep 2020 10:13:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9e379dcbf00ec980"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Sep 2021 10:13:10 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012009010507000/v0/ Frame EF61 16 KB
6 KB 17ms
7ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009010507000/v0/amp-ad-exit-0.1.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d337aa4ea0cace6bd743ef8c3b5d1d20e6e676bb4a650c7335a7383635529f31

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 84153
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5755
x-xss-protection: 0
server: sffe
date: Thu, 10 Sep 2020 09:32:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c8394c73e5080432"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Sep 2021 09:32:35 GMT

GET
H3-Q050 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012009010507000/v0/ Frame EF61 95 KB
29 KB 17ms
8ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009010507000/v0/amp-analytics-0.1.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76a8c8ef4cde9cbd17bbaecf11ee316fab4e55cc661093e4b2d80a4e1ff52897

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 81718
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29275
x-xss-protection: 0
server: sffe
date: Thu, 10 Sep 2020 10:13:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "56557b91d9fb04b1"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Sep 2021 10:13:10 GMT

GET
H3-Q050 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012009010507000/v0/ Frame EF61 4 KB
2 KB 19ms
9ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009010507000/v0/amp-fit-text-0.1.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fca0b40781598023aed9b45225711771eafce8f14392a49d6ed57d567255002

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 84166
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1795
x-xss-protection: 0
server: sffe
date: Thu, 10 Sep 2020 09:32:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b0cc102b09e8903d"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Sep 2021 09:32:22 GMT

GET
H3-Q050 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012009010507000/v0/ Frame EF61 47 KB
14 KB 19ms
7ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009010507000/v0/amp-form-0.1.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21cb9221d772cfd0d3de7240fe5c07ee1c06b9bd945111a2e0491ae243eb0b41

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 81713
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14591
x-xss-protection: 0
server: sffe
date: Thu, 10 Sep 2020 10:13:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4ca25f57e218a94a"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Sep 2021 10:13:15 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame EF61 7 KB
750 B 32ms
17ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=fr

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d3838febe02ee1538a1336ac01f452a6fe7682106cd21b46cda9c40092c8e3aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 11 Sep 2020 08:52:01 GMT
server: ESF
date: Fri, 11 Sep 2020 08:55:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Sep 2020 08:55:08 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame EF61 5 KB
687 B 29ms
14ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 11 Sep 2020 07:54:59 GMT
server: ESF
date: Fri, 11 Sep 2020 08:55:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Sep 2020 08:55:08 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/45712214869687147/ Frame EF61 10 KB
10 KB 25ms
6ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7315d4062362b1dc51630b9e3dd2f6a47d2e4b561a0c925a9c353e62cb86d173

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 17:50:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Aug 2018 13:45:24 GMT
server: sffe
age: 313506
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10356
x-xss-protection: 0
expires: Tue, 07 Sep 2021 17:50:02 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/9524345456606241998/ Frame EF61 24 KB
24 KB 27ms
8ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9524345456606241998/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIqgIQqgIYASABLQAAAD8wqgI4qgJFAACAPw&rs=AOga4qmpQiBISWg6fGJVF9-uUh9gIcO0Jw

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f158f67c125fdb6ecf0fa7923a678b17a8471596f6fa711a71febaad570a0ef4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 05 Sep 2020 06:43:39 GMT
x-content-type-options: nosniff
last-modified: Mon, 06 Apr 2020 10:31:50 GMT
server: sffe
age: 526289
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24114
x-xss-protection: 0
expires: Sun, 05 Sep 2021 06:43:39 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame EF61 0
0 81ms
62ms Image
text/html 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CozD4aztbX_2MJNbE-ga2zKGIAcD7k4Jf0Ofp0L8M8YXFypkOEAEg0YfSIGD7gYCAiAqgAdTItNADyAEGqQK3gFAxzdqzPuACAKgDAcgDCqoEnQJP0A0tzygUAkPHQ6rTXUx00MxSFQy5nMk7bdoIFLhVP_xzhhc7wsQnr-JMqqhjwxLV5PuRHv_ZbkHlTlSttcGJ6T3LRKTsE8P2uOo8iyBjJebNvx9id3q0uYy0R0cT0AtWgtKTbV3lSYc2C9RUrSZmlLTLq45Z6TnWVUN9ItkEAzbTprJLJ7viBAk8gwA7Iu07McpqCmwbgYAD3WdDHmSr542ZHNlM9uLh9D-KO74dMYvghsEl6xh9n7UaTOLW4kUUYIGmP4zX3DE6y8K7Whk2Z81ZDr6Cucs5VsS0c-w8UdhnH4f9ci5DWUkIMCbXW9nYM5qgeN0Mph9eRjSf_q82qLDsAJLmVQE3_l4em0FMjSS5QVwVTqNWj2VASprABM6-ssrLAuAEAZIFBAgEGAGSBQQIBRgEoAY3gAeUt8svqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEELzRHdIICQiA4YBAEAEYHfIIG2FkeC1zdWJzeW4tNzI2MzU3MzQ0NjgwNDA3OIAKA8gLAdgTDYgUBA&sigh=Vpx0EoOawXQ&template_id=492&tpd=AGWhJmsk-8YI8J0Isp-DVjym_VrkOBVv9YXwJFshXFwrZ9B_2g
Requested by: Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s20-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EF61 2 KB
2 KB 25ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Sep 2020 23:34:14 GMT
x-content-type-options: nosniff
server: cafe
age: 33654
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 11 Sep 2020 23:34:14 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EF61 295 B
319 B 26ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Sep 2020 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 39707
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 11 Sep 2020 21:53:21 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame EF61 0
0 33ms
13ms Image
text/html 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR_RMKMN9U-U5d9UmVQywyYr1sLTMT1axT4j5RX6oZaTXdSG5UF9yTS2-CUhqnzDH5d58ak
Requested by: Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame EF61 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ed27c1a3263dace9445e50ad9f3c37e5f2be2a7a58189ef486596d51359b1b88

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012009010507000/ Frame 045A 206 KB
56 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12a24c1feb4b8e8e3872a9fedee80fcce55a6f59b14607d640fcf4f3054ec43e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 81718
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57296
x-xss-protection: 0
server: sffe
date: Thu, 10 Sep 2020 10:13:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9e379dcbf00ec980"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Sep 2021 10:13:10 GMT

GET
H3-Q050 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012009010507000/v0/ Frame 045A 95 KB
29 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009010507000/v0/amp-analytics-0.1.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76a8c8ef4cde9cbd17bbaecf11ee316fab4e55cc661093e4b2d80a4e1ff52897

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 81718
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29275
x-xss-protection: 0
server: sffe
date: Thu, 10 Sep 2020 10:13:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "56557b91d9fb04b1"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Sep 2021 10:13:10 GMT

GET
H3-Q050 200 7464639028652035684
tpc.googlesyndication.com/simgad/ Frame 045A 330 B
434 B 10ms
9ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7464639028652035684

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f19e7ee6cdf20bd478c037707c447b7cd469051de4dadeac32a795efb463c2e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 16:04:38 GMT
x-content-type-options: nosniff
age: 319830
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 330
x-xss-protection: 0
last-modified: Tue, 28 Jan 2020 23:02:00 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Sep 2021 16:04:38 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 045A 0
31 B 65ms
64ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOddI9A2X7HiLuK-V1tsJ9zdxwYvm7nE9Ujk339C11GP2HNVHwMFTSB4Q0iIl5fdYwKu8XCndAqwDqTIz8KEmqCMr9KRQwsJoPDT6mP1zniZe8lkavoP3bi-NSmLUKK6CujyI-A990ugvWFjLcveijOBbkOFNZVinD7kdb4jclHzzSVTn2heRHGwenKeKa5VJ5-ZcpmfuNVOf0ApYyhSlNHsewQdUyzyYmCzLWbWaFaZ9d71HlbArhwsW3AcT18cQM2BLiSJar4Eb286oOkg&sai=AMfl-YQuPwc8kwj_UYELPuXx-EmR6oJe6qgQym6RDfO9b1zWJh3-UpKW0j3cPdIrUuw-SkpZROG9EGSCROTR7CbRBfJ4yJacoKWf6kyD8rUNa_M0p-buWXHMLIMgJxbIUhg&sig=Cg0ArKJSzNu-wBoR3BxTEAE&adurl=

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Sep 2020 08:55:08 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 045A 0
0 14ms
13ms Image
text/html 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaShu2f1nq6d0Cfo0klayS7ivOmsThYti2chjBw7m2BjKub7cDOFM6I-ZI3h0GDG6Rxw-lgS
Requested by: Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 045A 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b434a0b7295a2c5cdaa73f0064815b7da5130faddfc18ac324b882cc81c136e7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame F2BC 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=fr

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://threatpost.com
Referer: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 09:03:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 345074
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Tue, 07 Sep 2021 09:03:54 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame F2BC 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=fr

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://threatpost.com
Referer: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 09:03:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 345074
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Tue, 07 Sep 2021 09:03:54 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame EF61 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=fr

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://threatpost.com
Referer: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 09:07:03 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 344885
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Tue, 07 Sep 2021 09:07:03 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame EF61 11 KB
11 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=fr

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://threatpost.com
Referer: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 09:03:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 345074
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Tue, 07 Sep 2021 09:03:54 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame F2BC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

72ms
40ms

Image
text/html

2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Fri, 11 Sep 2020 08:55:08 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame EF61
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

43ms
39ms

Image
text/html

2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Fri, 11 Sep 2020 08:55:08 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 54ms
22ms XHR
application/json 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020090301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b102873c575a2dbb70ac77fda23a602bee5d0c519149b5ca441510e8c5a5b56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Sep 2020 08:55:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6600
x-xss-protection: 0

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/9439197713898437378/ Frame F2BC 29 KB
29 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

063a514420ebdd7a836d3d93841dddad453e3ff40556addbe271da3f312c41fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 05 Sep 2020 12:48:18 GMT
x-content-type-options: nosniff
last-modified: Mon, 06 Apr 2020 10:23:56 GMT
server: sffe
age: 504410
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30055
x-xss-protection: 0
expires: Sun, 05 Sep 2021 12:48:18 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/45712214869687147/ Frame F2BC 10 KB
10 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7315d4062362b1dc51630b9e3dd2f6a47d2e4b561a0c925a9c353e62cb86d173

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 17:50:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Aug 2018 13:45:24 GMT
server: sffe
age: 313506
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10356
x-xss-protection: 0
expires: Tue, 07 Sep 2021 17:50:02 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F2BC 2 KB
2 KB 11ms
10ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Sep 2020 23:34:14 GMT
x-content-type-options: nosniff
server: cafe
age: 33654
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 11 Sep 2020 23:34:14 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F2BC 295 B
319 B 12ms
11ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Sep 2020 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 39707
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 11 Sep 2020 21:53:21 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7985 2 KB
2 KB 12ms
11ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Sep 2020 23:34:14 GMT
x-content-type-options: nosniff
server: cafe
age: 33654
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 11 Sep 2020 23:34:14 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7985 295 B
319 B 12ms
12ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Sep 2020 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 39707
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 11 Sep 2020 21:53:21 GMT

GET
H3-Q050 200 06cab17d68737198f8b31dce38ef6793.svg
tpc.googlesyndication.com/sadbundle/4809603656147653704/images/ Frame 7985 1 KB
695 B 12ms
11ms Image
image/svg+xml 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/4809603656147653704/images/06cab17d68737198f8b31dce38ef6793.svg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c5ef1eb596d75c03f5fa68e702a60af221b8b4c983bd9d10b9c162f9fdadeb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 13:47:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 328083
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 668
x-xss-protection: 0
last-modified: Thu, 13 Feb 2020 10:27:32 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Sep 2021 13:47:05 GMT

GET
H3-Q050 200 7ddee116bd0afedf3c87eea90dfa010e.svg
tpc.googlesyndication.com/sadbundle/4809603656147653704/images/ Frame 7985 10 KB
3 KB 12ms
10ms Image
image/svg+xml 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/4809603656147653704/images/7ddee116bd0afedf3c87eea90dfa010e.svg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c63a2b296e7b639deb0bf45d203cfda26134d8804ece8c344a35d0a46f57cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 13:47:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 328083
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2901
x-xss-protection: 0
last-modified: Thu, 13 Feb 2020 10:27:32 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Sep 2021 13:47:05 GMT

GET
H3-Q050 200 abcd46cac977d94f439a50c174b288f7.svg
tpc.googlesyndication.com/sadbundle/4809603656147653704/images/ Frame 7985 3 KB
2 KB 11ms
11ms Image
image/svg+xml 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/4809603656147653704/images/abcd46cac977d94f439a50c174b288f7.svg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2defb967cc832389234bf3b00efbfa13667b471693254fb4b1f7073da2c042e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 13:47:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 328083
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1621
x-xss-protection: 0
last-modified: Thu, 13 Feb 2020 10:27:32 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Sep 2021 13:47:05 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/9524345456606241998/ Frame EF61 24 KB
24 KB 16ms
5ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f158f67c125fdb6ecf0fa7923a678b17a8471596f6fa711a71febaad570a0ef4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 05 Sep 2020 06:43:39 GMT
x-content-type-options: nosniff
last-modified: Mon, 06 Apr 2020 10:31:50 GMT
server: sffe
age: 526289
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24114
x-xss-protection: 0
expires: Sun, 05 Sep 2021 06:43:39 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/45712214869687147/ Frame EF61 10 KB
10 KB 9ms
7ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7315d4062362b1dc51630b9e3dd2f6a47d2e4b561a0c925a9c353e62cb86d173

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 17:50:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Aug 2018 13:45:24 GMT
server: sffe
age: 313506
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10356
x-xss-protection: 0
expires: Tue, 07 Sep 2021 17:50:02 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EF61 2 KB
2 KB 12ms
5ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Sep 2020 23:34:14 GMT
x-content-type-options: nosniff
server: cafe
age: 33654
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 11 Sep 2020 23:34:14 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EF61 295 B
319 B 12ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Sep 2020 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 39707
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 11 Sep 2020 21:53:21 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 045A 0
21 B 62ms
61ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst_24R7ziys_w-TR__jpIp5-ZgptkJta594NdfInJV72kvNguchH8WDQ-gqX_Gxem7K0HCAIkEe_M555S9_72Z8kzLjsESb-DZ2Ep2fZu99YVsdTwGjyVqjriS2Yd4g7Z9dDLBvvSjIqVvO1RmsmxH7qAqC3ElFuEX5q4I71HOj32_AhszQqmmf7tbn1qsS_-XiMUXXxaBUISCebYylGYMQpNLfgys9I1NH7Yi5Hsrbncj82Q5r_WtEeSh6y1psJH5P0cn4mPfnTjpEJWfG5PXv&sai=AMfl-YQb5vvNgJNLIHjK2pWz3x-Rf-wI6rSmp4cWy_9Zlj7FadBhVyGPk3vzY_9BlCqUqVu3l_gYA2wtmqIfxOkUS0lLoXiDgyov6rU4rGgHMtKlP2iUsOsVsycR4By6fvQ&sig=Cg0ArKJSzNu7ymQILCEYEAE&adurl=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Sep 2020 08:55:08 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H/1.1 204
No Content 171621 Show response
search.spotxchange.com/openrtb/2.3/dados/ Frame 3CF8 0
1 KB 224ms
74ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/171621
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 11 Sep 2020 08:55:08 GMT
X-SpotX-Timing-Transform: 0.000252
X-SpotX-Timing-SpotMarket: 0.019278
X-SpotX-Timing-Page-Mux: 0.000301
X-SpotX-Timing-Page-Require: 0.000410
X-fe: 128
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000033
X-SpotX-Timing-Page: 0.024394
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000433
Last-Modified: Fri, 11 Sep 2020 08:55:08 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.013971
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://threatpost.com
X-SpotX-Timing-Page-Misc: 0.003675
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.005307
X-SpotX-Timing-Page-URI: 0.000012
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame 3CF8 0
215 B 217ms
216ms XHR
application/json 52.29.183.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=PrimisTwoHB
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-183-32.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://threatpost.com
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

GET
H/1.1 200
OK liveView.php
live.sekindo.com/live/ 43 B
437 B 40ms
40ms Image
image/gif 185.220.204.204
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=6&serverTime=1599814507&vid_playerVer=3.1.0&s=58057&sta=11072897&x=320&y=180&msta=12348808&vid_vastType=3&vid_viewabilityState=0&vid_passDomain=threatpost.com&subId=threatpost.com&debugInformation=&isApp=0&userIpAddr=82.102.18.114&userUA=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F83.0.4103.61%20Safari%2F537.36&csuuid=5f5b3b6aadcb0&rvn=${VP_RVN_MACRO}&attemptMultiplier=10&contentFileId=0&mediaPlayListId=0&mediaListId=0&cbuster=1599814508658&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&uid=SekindoSPlayer5f5b3b6adf0ed&pubUrl=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F&floatStatus=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:07 GMT
server: nginx
age: 0
transfer-encoding: chunked
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="pixel.gif"
content-type: image/gif
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 08:55:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Fri, 11 Sep 2020 08:55:08 GMT

GET
H3-Q050 200 7464639028652035684
tpc.googlesyndication.com/simgad/ Frame 045A 330 B
355 B 6ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7464639028652035684

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f19e7ee6cdf20bd478c037707c447b7cd469051de4dadeac32a795efb463c2e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 16:04:38 GMT
x-content-type-options: nosniff
age: 319830
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 330
x-xss-protection: 0
last-modified: Tue, 28 Jan 2020 23:02:00 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Sep 2021 16:04:38 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 5379 0
0 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Fri, 11 Sep 2020 08:18:47 GMT
expires: Sat, 11 Sep 2021 08:18:47 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2181
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
223 B 40ms
40ms Image
image/gif 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020090301&jk=1382542237226250&bg=!uLulu6NY1XWxhDx2liACAAAAQ1IAAAALCgFcEzLtxtIw5_w9PzEN4Ff13BcOSCjoi5MQxUSNJ7iVYY8qJgWtojDvDMJtjdHOopwhG9xT1JRPPBUh4dvoU6LEP2NIc-hnwU1evYCweb4AUlMPe7TNhXa-VFSa78YcoWZnc_Z0iFL0hmFEft1-UOuiq7y1pGede0lJ4Ez8QNLHcyQrZ7bvQ8t2xbwGHmN5F9GPGD2hKPM9r5b8eJ1I-7l3nenNpq2LYS9TeB70pu0kYOrGfnW7TIIR7s-WeWjtdNNc2yL7LP0s8FVPCgPa9uoT5X0D0RY9Wx7kLcp8obXpJlxiu9ajLJL5paehqWFbPRwGcTUU-2Ci826R1AL1oNByc3DZJUKE7CQkhHouBWpfq2Q0ym9kg0VbdWkj95BWkmwtShG2xAggnhKYDmgh03ZMXM3cDe1mA2Rvi0VzgwFgIrF1RGljM-OIY1pErVENfQ8sFIrfz5SxpW9pbmcHmQGnjvcI1t95e3S2IQpbdxcIkHlKV5bf3ZyRtUuXzIpmjyf9IM-KfWYFFzFRlAjLwlxvY1aZ_Y75FU0UajWQ-gSRrEwVR1TnCoeFfbVKqZiURQnfvlg6tRokgzz1VsS8zSD5leC3_LQKxi0S5qWQ7MZNCMso1YcKovZkoacqYHGGL2BmOHmr5LOLGAKonRSkYWcFSLdrVjlJo1sWkSk3uqCUrLMvq6WDJ79W8JbEF2V34XuCsxWvuuaMP505NCuqC8JAn8lxx4M-wglao9Ca8LcIWNSYtbPTI0-Ny7ObvWBVohpeI8sBNbD2Yq18RGjwo5vs_a_dGJLTO9hSMJx2ApgItQqRM6qrSrioqybKjUnlpXTTY65NkFFXDsheygaZu2f8K5OvnDhl69dvON_eQ_nzV1C17CjwmkYYn052XwaA2TdP3ZZlAG_zvPoWQ61sAW8bbuJ-Qz-IfLq2yYfQ4dq_C1wQseyX2m2zPTs5niRxOxfzHu-BuqhHhUw8g2C-O3Rd2RPufwCHxey_hjT9IaMtvqyA4nzk5vW71OdGNnc0lrhEVcTwtkmA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 avjp Show response
teachingaids-d.openx.net/v/1.0/ Frame 3CF8 92 B
285 B 123ms
122ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://teachingaids-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=bfbb664b-0162-415b-95b7-c4aeb06877b3&nocache=1599814508892&gdpr_consent=&gdpr=1&schain=1.0,1!admetricspro.com,1005,1,,,&skip=1&auid=540882778&vwd=320&vht=180
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.193.0 /
Resource Hash: 004e5faf0bf890f61697daeede9f21826affd1137fb2cb58eaf4719937a04a14

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:08 GMT
via: 1.1 google
server: OXGW/16.193.0
status: 200
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://threatpost.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 92
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ Frame 3CF8 25 B
673 B 150ms
149ms XHR
application/json 23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=435871&v=8.1&r={%22id%22:%221129639c13ddd82%22,%22imp%22:[{%22id%22:%22121b07285856a0b%22,%22ext%22:{%22siteID%22:%22435871%22,%22sid%22:%22320x180%22},%22bidfloor%22:3,%22bidfloorcur%22:%22USD%22,%22video%22:{%22mimes%22:[%22video/mp4%22,%22application/javascript%22,%22video/webm%22],%22minduration%22:1,%22maxduration%22:200,%22api%22:[1,2],%22protocols%22:[1,2,3,4,5,6],%22linearity%22:1,%22startdelay%22:0,%22skip%22:1,%22w%22:320,%22h%22:180,%22placement%22:1}},{%22id%22:%2213ccddabfd720d%22,%22ext%22:{%22siteID%22:%22435870%22,%22sid%22:%22320x180%22},%22bidfloor%22:3,%22bidfloorcur%22:%22USD%22,%22video%22:{%22mimes%22:[%22video/mp4%22,%22application/javascript%22,%22video/webm%22],%22minduration%22:1,%22maxduration%22:200,%22api%22:[1,2],%22protocols%22:[1,2,3,4,5,6],%22linearity%22:1,%22startdelay%22:0,%22skip%22:1,%22w%22:320,%22h%22:180,%22placement%22:1}}],%22site%22:{%22page%22:%22https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F%22},%22ext%22:{%22source%22:%22prebid%22},%22source%22:{%22ext%22:{%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22admetricspro.com%22,%22sid%22:%221005%22,%22hp%22:1}]}}},%22regs%22:{%22ext%22:{%22gdpr%22:1}},%22user%22:{%22ext%22:{%22consent%22:%22%22}}}&ac=j&sd=1&nf=1
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1b4ba96162cf2e5699c6ca627dece9a210d2056bf0c32cdea000b06b0342204c

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 11 Sep 2020 08:55:09 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 45
Expires: Fri, 11 Sep 2020 08:55:09 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 3CF8 0
59 B 40ms
39ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Fri, 11 Sep 2020 08:55:08 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://threatpost.com

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 3CF8 144 B
835 B 33ms
33ms XHR
application/json 185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

5c5114fb62d567312ea67317599bd7421fb12a6f3fb123f052e09492ff9b8558

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 11 Sep 2020 08:55:08 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.57:80
AN-X-Request-Uuid: 331cbade-ba1a-4f8b-8c0c-dbc929cc9bb1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame 3CF8 0
215 B 247ms
247ms XHR
application/json 52.29.183.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=TeachingAidsLLC
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-183-32.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://threatpost.com
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

GET
H/1.1 200
OK liveView.php
live.sekindo.com/live/ 43 B
437 B 39ms
39ms Image
image/gif 185.220.204.204
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=6&serverTime=1599814507&vid_playerVer=3.1.0&s=58057&sta=12723363&x=320&y=180&msta=12348808&vid_vastType=3&vid_viewabilityState=1&vid_passDomain=threatpost.com&subId=threatpost.com&debugInformation=&isApp=0&userIpAddr=82.102.18.114&userUA=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F83.0.4103.61%20Safari%2F537.36&csuuid=5f5b3b6aadcb0&rvn=${VP_RVN_MACRO}&attemptMultiplier=10&contentFileId=0&mediaPlayListId=0&mediaListId=0&cbuster=1599814508888&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&uid=SekindoSPlayer5f5b3b6adf0ed&pubUrl=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F&floatStatus=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:08 GMT
server: nginx
age: 0
transfer-encoding: chunked
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="pixel.gif"
content-type: image/gif
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK liveView.php
live.sekindo.com/live/ 43 B
437 B 38ms
38ms Image
image/gif 185.220.204.204
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=6&serverTime=1599814507&vid_playerVer=3.1.0&s=58057&sta=12381395&x=320&y=180&msta=12348808&vid_vastType=3&vid_viewabilityState=1&vid_passDomain=threatpost.com&subId=threatpost.com&debugInformation=&isApp=0&userIpAddr=82.102.18.114&userUA=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F83.0.4103.61%20Safari%2F537.36&csuuid=5f5b3b6aadcb0&rvn=${VP_RVN_MACRO}&attemptMultiplier=10&contentFileId=0&mediaPlayListId=0&mediaListId=0&cbuster=1599814508888&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&uid=SekindoSPlayer5f5b3b6adf0ed&pubUrl=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F&floatStatus=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:08 GMT
server: nginx
age: 0
transfer-encoding: chunked
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="pixel.gif"
content-type: image/gif
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame 3CF8 0
215 B 219ms
219ms XHR
application/json 52.29.183.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=PrimisTwoHB
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-183-32.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://threatpost.com
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame 3CF8 173 B
380 B 98ms
32ms XHR
application/json 3.120.64.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.64.232 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-64-232.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 9426385f91706a280f4ca459e5bee8478e62530692fda8a127bfce67f288e5e2

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:09 GMT
content-encoding: gzip
status: 200
content-type: application/json
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 167
expires: 0

POST
H/1.1 204
No Content 171621 Show response
search.spotxchange.com/openrtb/2.3/dados/ Frame 3CF8 0
1 KB 77ms
77ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/171621
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 11 Sep 2020 08:55:09 GMT
X-SpotX-Timing-Transform: 0.000559
X-SpotX-Timing-SpotMarket: 0.020580
X-SpotX-Timing-Page-Mux: 0.000290
X-SpotX-Timing-Page-Require: 0.000442
X-fe: 143
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000033
X-SpotX-Timing-Page: 0.027946
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000467
Last-Modified: Fri, 11 Sep 2020 08:55:09 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.015360
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://threatpost.com
X-SpotX-Timing-Page-Misc: 0.005562
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.005220
X-SpotX-Timing-Page-URI: 0.000012
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 avjp Show response
primis-d.openx.net/v/1.0/ Frame 3CF8 92 B
282 B 172ms
165ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://primis-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=8f15c35e-cfaf-4c81-9e8d-b39c67333fc6&nocache=1599814509152&gdpr_consent=&gdpr=1&schain=1.0,1!admetricspro.com,1005,1,,,!primis.tech,19668,1,,,&skip=1&auid=540392761&vwd=320&vht=180
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.193.0 /
Resource Hash: 004e5faf0bf890f61697daeede9f21826affd1137fb2cb58eaf4719937a04a14

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:09 GMT
via: 1.1 google
server: OXGW/16.193.0
status: 200
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://threatpost.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 92
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK liveView.php
live.sekindo.com/live/ 43 B
437 B 43ms
43ms Image
image/gif 185.220.204.204
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=6&serverTime=1599814507&vid_playerVer=3.1.0&s=58057&sta=11623857&x=320&y=180&msta=12348808&vid_vastType=3&vid_viewabilityState=1&vid_passDomain=threatpost.com&subId=threatpost.com&debugInformation=&isApp=0&userIpAddr=82.102.18.114&userUA=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F83.0.4103.61%20Safari%2F537.36&csuuid=5f5b3b6aadcb0&rvn=${VP_RVN_MACRO}&attemptMultiplier=10&contentFileId=0&mediaPlayListId=0&mediaListId=0&cbuster=1599814509145&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&uid=SekindoSPlayer5f5b3b6adf0ed&pubUrl=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F&floatStatus=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:08 GMT
server: nginx
age: 0
transfer-encoding: chunked
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="pixel.gif"
content-type: image/gif
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK liveView.php
live.sekindo.com/live/ 0
353 B 40ms
39ms Image
text/html 185.220.204.204
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=36&serverTime=1599814506&vid_playerVer=3.1.0&s=101281&sta=0&x=300&y=250&vid_passDomain=threatpost.com&subId=threatpost.com&debugInformation=&isApp=0&userIpAddr=82.102.18.114&userUA=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F83.0.4103.61%20Safari%2F537.36&csuuid=5f5b3b6aadcb0&contentFileId=0&mediaPlayListId=0&mediaListId=0&cbuster=1599814509189&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&uid=SekindoSPlayer5f5b3b6adf0ed&pubUrl=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F&floatStatus=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:08 GMT
content-encoding: gzip
server: nginx
age: 0
transfer-encoding: chunked
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame 6D84 0
0 109ms
35ms Document
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: rsid=1|G9C2NkZC7frDQSirzNt8MRPvuJlRI6aSli1gEtfhZ1co9sDCaATiL5HZCu3J576ZFHOusT2oCWDGFUXIXiL9K1yv8wNUuQw1v0N7O/GHFHInoAX9UM8CP6/6VPKGajCebujdy0A1b3+vmJA0ZLc6qJsyB+6eej/GZLgKraMB; ses15=; vis15=300372^1; khaos=KEY091ZU-4-D7G4; ses2=; vis2=300372^1; audit=1|hLZGFuTafB1KCOhr+LnEPnQnVL2heOLCkhVcA5RDeub10v052X1dTUD3pCcW8TpHcpj76PKZXj8oT2OqK/B16qwRNgFmLHdP
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Wed, 19 Aug 2020 18:23:01 GMT
Content-Encoding: gzip
Content-Length: 9455
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=54225
Expires: Fri, 11 Sep 2020 23:58:54 GMT
Date: Fri, 11 Sep 2020 08:55:09 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 pd
u.openx.net/w/1.0/ Frame BB32 0
0 38ms
37ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.193.0 /
Resource Hash

Request headers

:method: GET
:authority: u.openx.net
:scheme: https
:path: /w/1.0/pd?gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=1709af71-0894-469a-9c0d-6ae39b46ab9f|1599814507
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=1709af71-0894-469a-9c0d-6ae39b46ab9f|1599814507; Version=1; Expires=Sat, 11-Sep-2021 08:55:09 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1599814509|gekin0vNiygu; Version=1; Expires=Sat, 26-Sep-2020 08:55:09 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.193.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 11 Sep 2020 08:55:09 GMT
content-type: text/html
content-length: 419
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 7366 0
0 44ms
44ms Document
text/html 23.210.249.92
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.92 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-92.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KCCH=YES; pi=159196:2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Response headers

Last-Modified: Sat, 01 Aug 2020 14:58:34 GMT
ETag: "13006b6-94fd-5abd223c2ac92"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=103741
Expires: Sat, 12 Sep 2020 13:44:10 GMT
Date: Fri, 11 Sep 2020 08:55:09 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 pd
u.openx.net/w/1.0/ Frame 675D 0
0 36ms
35ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.193.0 /
Resource Hash

Request headers

:method: GET
:authority: u.openx.net
:scheme: https
:path: /w/1.0/pd?gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=1709af71-0894-469a-9c0d-6ae39b46ab9f|1599814507
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=1709af71-0894-469a-9c0d-6ae39b46ab9f|1599814507; Version=1; Expires=Sat, 11-Sep-2021 08:55:09 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1599814509|gekin0vNiygu; Version=1; Expires=Sat, 26-Sep-2020 08:55:09 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.193.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 11 Sep 2020 08:55:09 GMT
content-type: text/html
content-length: 419
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK ixmatch.html
js-sec.indexww.com/um/ Frame 3189 0
0 106ms
34ms Document
text/html 23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Response headers

Server: Apache
Last-Modified: Mon, 19 Jun 2017 19:18:19 GMT
ETag: "74087b-112-55254ff6699bb"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 211
Date: Fri, 11 Sep 2020 08:55:09 GMT
Connection: keep-alive

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 7418 0
0 110ms
36ms Document
text/html 23.210.249.83
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.83 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-83.deploy.static.akamaitechnologies.com
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: icu=ChgIzLJhEAoYASABKAEw6_bs-gU4AUABSAEQ6_bs-gUYAA..; uuid2=1838061608304456015
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Response headers

Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: "573e714d-3e3"
Server: nginx/1.9.13
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Sat, 11 Sep 2021 08:55:09 GMT
Date: Fri, 11 Sep 2020 08:55:09 GMT
Connection: keep-alive

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame B81D 0
0 80ms
42ms Document
text/html 23.210.249.92
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.92 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-92.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KCCH=YES; pi=159196:2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Response headers

Last-Modified: Sat, 01 Aug 2020 14:58:34 GMT
ETag: "13006b6-94fd-5abd223c2ac92"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=103741
Expires: Sat, 12 Sep 2020 13:44:10 GMT
Date: Fri, 11 Sep 2020 08:55:09 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2

204

sync
pixel.advertising.com/ups/55986/ Frame 3CF8
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=&_...
https://pixel.advertising.com/ups/55986/sync?uid=X1s7bQAAAHw3PSJb&_origin=0&gdpr=1&gdpr_consent=&_test=X1s7bQAAAHw3PSJb

0
124 B

37ms
36ms

Image
text/plain

52.57.10.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55986/sync?uid=X1s7bQAAAHw3PSJb&_origin=0&gdpr=1&gdpr_consent=&_test=X1s7bQAAAHw3PSJb

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.10.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Fri, 11 Sep 2020 08:55:10 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:09 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1599814510.982771,VS0,VE0
x-served-by: cache-fra19171-FRA
status: 302
x-cache: HIT
location: https://pixel.advertising.com/ups/55986/sync?uid=X1s7bQAAAHw3PSJb&_origin=0&gdpr=1&gdpr_consent=&_test=X1s7bQAAAHw3PSJb
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 %7Bcombo_uid%7D
pr-bh.ybp.yahoo.com/sync/adaptv_ortb/ Frame 3CF8 43 B
836 B 133ms
43ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/adaptv_ortb/%7Bcombo_uid%7D

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 08:55:09 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
status: 200
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

204

sync
pixel.advertising.com/ups/55953/ Frame 3CF8
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1
https://pixel.advertising.com/ups/55953/sync?uid=20f36cdb-7f16-42fd-9394-00487acff805&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=20f36cdb-7f16-42fd-9394-00487acff805

0
124 B

58ms
50ms

Image
text/plain

52.57.10.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55953/sync?uid=20f36cdb-7f16-42fd-9394-00487acff805&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=20f36cdb-7f16-42fd-9394-00487acff805

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.10.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Fri, 11 Sep 2020 08:55:09 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:09 GMT
x-aspnet-version: 4.0.30319
status: 302
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.advertising.com/ups/55953/sync?uid=20f36cdb-7f16-42fd-9394-00487acff805&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=20f36cdb-7f16-42fd-9394-00487acff805
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 369

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/57304/ Frame 3CF8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_sc
https://pixel.advertising.com/ups/57304/sync?uid=CAESEMu1QdhmHp03reAroH-XxYQ&google_cver=1
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEMu1QdhmHp03reAroH-XxYQ&google_cver=1&apid=1A7d990c72-f40c-11ea-af88-12ff01cc4d58
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEMu1QdhmHp03reAroH-XxYQ&google_cver=1&apid=1A7d990c72-f40c-11ea-af88-12ff01cc4d58&verify=true

0
506 B

39ms
39ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEMu1QdhmHp03reAroH-XxYQ&google_cver=1&apid=1A7d990c72-f40c-11ea-af88-12ff01cc4d58&verify=true

Requested by

Host: threatpost.com
URL: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.113 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 11 Sep 2020 08:55:10 GMT
Server: ATS/7.1.2.113
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date: Fri, 11 Sep 2020 08:55:10 GMT
Server: ATS/7.1.2.113
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEMu1QdhmHp03reAroH-XxYQ&google_cver=1&apid=1A7d990c72-f40c-11ea-af88-12ff01cc4d58&verify=true
Connection: keep-alive
Content-Length: 0

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 045A 42 B
93 B 39ms
38ms Image
image/gif 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuwqG-dn91XV2_Q1VuC1U3o_xwQ9agilXavKg6O9TUm5YSl7pUJmJ0oqaYdN7UhNRFpHkkbEQvb0MUEE2B-VCykNRkQ7WsLUD9SBOgk1c4&sig=Cg0ArKJSzCP1oFlEewa-EAE&id=ampim&o=0,0&d=2,2&ss=1600,1200&bs=1600,1200&mcvt=1012&mtos=0,0,1012,1012,1012&tos=0,0,1012,0,0&tfs=140&tls=1152&g=100&h=100&tt=1153&r=v&avms=ampa&adk=3385906655

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame F2BC 42 B
65 B 44ms
43ms Image
image/gif 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuexGfWulO8uNNo8hniEmWaIcKFsLyEJEmoKi92KThGENqm1AM-Kg0iG0dWUwNL0PlO06h5euu_6qih-AkI9d6N4zroCfp2NatXshbMAtNRSIod-K3VHwOte8SWkw&sai=AMfl-YSe00ESJqc5d9TgJ57ncJ9-J3pWCm7iyu5-sxOycYosciYqDgmZquqeyMMuQi15ShWhi98ugwc33KT5Jesvv5wzyJEztMYj4AZBPwHWZ3MdOJ8vzZNwikQB9JxI5PQ&sig=Cg0ArKJSzIZKsM5qFiWfEAE&cid=CAASPeRo8MPjbbR74fxiBpVgNbKFOey_k_6mEbVaSBJzOmQi99t8PKVREExgT7dcjl__9YMXjtXfPhEh8GvURvA&id=ampim&o=315,10&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1010&mtos=0,0,0,1010,1010&tos=0,0,0,1010,0&tfs=247&tls=1257&g=100&h=100&tt=1257&r=v&avms=ampa&adk=1015519800

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 7985 42 B
65 B 42ms
41ms Image
image/gif 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst-D6ZHT3-zRjZyvt9M5ZYQxDzT_sCz0APOD3XLZMzdad5Q377gK4A7eAjpBNc9sJgn80BrVS0JG2RNwWOXLzFDUyUoKqd2-rzfZbDDHI2RCcWHMKnKpPWEs8S2tQ&sai=AMfl-YQ_vA1RODer8VClp180TmmS_F5G8e4mEQvKS8L_Lv4WjlcYe_Jdt3yg27KA3o15axFytz-O6Vqqmrfo8eXjgJegR1I-yRlSxhTWFFjTNIAixuJQJJl8XLZqlMI1U20&sig=Cg0ArKJSzCtEhCsmqCFPEAE&cid=CAASPeRoYdvs46_vqaHna3rIocgjCM43uN5-jILFHi15tGDZjghEIhcFrVRJtrH8yPGA3tcrs2Ne4d6ffvS96V4&id=ampim&o=1064,417&d=336,280&ss=1600,1200&bs=1600,1200&mcvt=1010&mtos=0,0,1010,1010,1010&tos=0,0,1010,0,0&tfs=277&tls=1287&g=100&h=100&tt=1287&r=v&avms=ampa&adk=654286612

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync.html
public.servenobid.com/ Frame 40F8 0
0 71ms
35ms Document
text/html 2620:1ec:bdf::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: public.servenobid.com
:scheme: https
:path: /sync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Response headers

status: 200
cache-control: max-age=86400
content-type: text/html
content-encoding: br
last-modified: Fri, 11 Sep 2020 01:45:09 GMT
accept-ranges: bytes
etag: "f5b818a65bad8fbb775af4b86dfa305c"
server: AmazonS3
x-cache: TCP_HIT
x-amz-id-2: KaAaeZO1Gus34yIyPpNVoq4LPOvduhGH52utNywuMguRVddwdvQaeyk3ZbQVaziMHmBJK2qQzPg=
x-amz-request-id: 2564785E1CD8D86D
x-azure-ref-originshield: 0o9paXwAAAADZWM5d3VXHQ7xzQB9HvpybTE9OMjFFREdFMTUxMQA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
x-azure-ref: 0bjtbXwAAAAD6UlltD++uQLW4zKpDlI1BQlJVMzBFREdFMDQxMQA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
date: Fri, 11 Sep 2020 08:55:09 GMT

GET
H/1.1 200
OK ixmatch.html
js-sec.indexww.com/um/ Frame 3595 0
0 34ms
34ms Document
text/html 23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Response headers

Server: Apache
Last-Modified: Mon, 19 Jun 2017 19:18:19 GMT
ETag: "74087b-112-55254ff6699bb"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 211
Date: Fri, 11 Sep 2020 08:55:10 GMT
Connection: keep-alive

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame F04F 0
0 39ms
38ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.193.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=1709af71-0894-469a-9c0d-6ae39b46ab9f|1599814507; pd=v2|1599814509|gekin0vNiygu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=1709af71-0894-469a-9c0d-6ae39b46ab9f|1599814507; Version=1; Expires=Sat, 11-Sep-2021 08:55:10 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1599814509.1|kiiygevNgun0.mWgqsLommOns; Version=1; Expires=Sat, 26-Sep-2020 08:55:10 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.193.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 11 Sep 2020 08:55:10 GMT
content-type: text/html
content-length: 316
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK Cookie set beacon
ap.lijit.com/ Frame 2CB5 0
0 40ms
40ms Document
text/html 216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13394437
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash

Request headers

Host: ap.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D; ljt_reader=07c11d4a2cf3056e13921c86
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Response headers

Server: nginx
Date: Fri, 11 Sep 2020 08:55:10 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Vary: Accept-Encoding
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie: ljtrtbexp=eJxlkDkSwDAIA%2F%2FiOgWywUC%2Blsnf4xwNSrmMWQkfDW2HZaZIQrZmCFuTKZCuuCdzVu4VR0VHZUjllUR%2BkNDfPFHk%2BDb85whyUMeg1KCWocTUKdhHDTr5%2Bnx%2FMcz9Ya83DPIp7WtWNnpv5d7zArdBU6o%3D;Path=/;Domain=.lijit.com;Expires=Sat, 11-Sep-2021 08:55:10 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=07c11d4a2cf3056e13921c86;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D;Path=/;Domain=.lijit.com;Expires=Sat, 11-Sep-2021 08:55:10 GMT;Max-Age=31536000;Secure;SameSite=None
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
Content-Encoding: gzip
X-Sovrn-Pod: ad_ap5ams1

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame CE5A 0
0 39ms
38ms Document
text/html 23.210.249.92
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.92 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-92.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; pi=159196:2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Response headers

Last-Modified: Sat, 01 Aug 2020 14:58:34 GMT
ETag: "13006b6-94fd-5abd223c2ac92"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=103740
Expires: Sat, 12 Sep 2020 13:44:10 GMT
Date: Fri, 11 Sep 2020 08:55:10 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 sync
eb2.3lift.com/ Frame 7E67 0
0 1133ms
31ms Document
text/html 52.59.125.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.125.145 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-125-145.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: eb2.3lift.com
:scheme: https
:path: /sync?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: tluid=8688290109584059377
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Response headers

status: 200
date: Fri, 11 Sep 2020 08:55:11 GMT
content-type: text/html; charset=utf-8
content-length: 468
set-cookie: sync=CgoIgQIQ_NeA48cuCgoIoQEQ_NeA48cuCgoI4gEQ_NeA48cuCgoI5gEQ_NeA48cuCgoI1gEQ_NeA48cuCgoIhwIQ_NeA48cuCgkIOhD814Djxy4KCQgLEPzXgOPHLgoJCF8Q_NeA48cuCgkIHxD814Djxy4=; Max-Age=7776000; Expires=Thu, 10 Dec 2020 08:55:11 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=8688290109584059377; Max-Age=7776000; Expires=Thu, 10 Dec 2020 08:55:11 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

GET
H/1.1

200
OK

2000891.html
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/ Frame 84DF
Redirect Chain

https://sync.serverbid.com/ss/2000891.html
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html

0
0

92ms
19ms

Document
text/html

205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html

Requested by

Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Response headers

Date: Fri, 11 Sep 2020 08:55:11 GMT
Connection: Keep-Alive
Cache-Control: max-age=31939
Content-Length: 4947
Content-Type: text/html
Last-Modified: Wed, 20 Nov 2019 20:29:05 GMT
Accept-Ranges: bytes
ETag: "1b0ebac83fe30af80513039edbdf566f"
x-amz-request-id: tx0000000000000011a29b5-005f5a66b2-3d23690-nyc3a
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1599814511.dop006.pa1.t,1599814511.cds204.pa1.shn,1599814511.cds204.pa1.c

Redirect headers

status: 302
content-length: 0
location: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
cache-control: no-cache

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame A1DD 0
0 53ms
53ms Document
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: rsid=1|G9C2NkZC7frDQSirzNt8MRPvuJlRI6aSli1gEtfhZ1co9sDCaATiL5HZCu3J576ZFHOusT2oCWDGFUXIXiL9K1yv8wNUuQw1v0N7O/GHFHInoAX9UM8CP6/6VPKGajCebujdy0A1b3+vmJA0ZLc6qJsyB+6eej/GZLgKraMB; ses15=; vis15=300372^1; khaos=KEY091ZU-4-D7G4; ses2=; vis2=300372^1; audit=1|hLZGFuTafB1KCOhr+LnEPnQnVL2heOLCkhVcA5RDeub10v052X1dTUD3pCcW8TpHcpj76PKZXj8oT2OqK/B16qwRNgFmLHdP; pux=1512%3D93753%262231%3D93753%262249%3D93753%262307%3D93753%262974%3D93753%263778%3D93753%26idl%3D93753%262249-DV360-Hosted%3D93753%26
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Wed, 19 Aug 2020 18:23:01 GMT
Content-Encoding: gzip
Content-Length: 9455
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=54224
Expires: Fri, 11 Sep 2020 23:58:54 GMT
Date: Fri, 11 Sep 2020 08:55:10 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/dmp/ Frame D47D 0
0 53ms
52ms Document
text/html 23.210.249.83
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.83 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-83.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: icu=ChgIzLJhEAoYASABKAEw6_bs-gU4AUABSAEQ6_bs-gUYAA..; uuid2=1838061608304456015
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/

Response headers

Last-Modified: Tue, 24 Mar 2020 15:52:19 GMT
ETag: "5e7a2cb3-cefd"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17037
Cache-Control: max-age=86402
Expires: Sat, 12 Sep 2020 08:55:12 GMT
Date: Fri, 11 Sep 2020 08:55:10 GMT
Connection: keep-alive

GET
H2 403 /
c1.adform.net/serving/cookie/match/ 0
187 B 61ms
58ms Image
text/plain 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?CC=1&party=15&gdpr=1&gdpr_consent=&curl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55944%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3d1%26gdpr_consent%3d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:10 GMT
server: nginx
status: 403
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
expires: -1

GET
H2

204

setuid
aas.dc-1.net/
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Faas.dc-1.net%2Fsetuid%3FA%3D8f7725b2-fe52-4a01-adcd-b1969cf32882%26D%3D%26bidder%3Dindex_rtb%26uid%3D
https://aas.dc-1.net/setuid?A=8f7725b2-fe52-4a01-adcd-b1969cf32882&D=&bidder=index_rtb&uid=X1s7bVVbLnUAAAceTZoAAABd%261853

0
193 B

242ms
99ms

Image
text/plain

18.210.170.92
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aas.dc-1.net/setuid?A=8f7725b2-fe52-4a01-adcd-b1969cf32882&D=&bidder=index_rtb&uid=X1s7bVVbLnUAAAceTZoAAABd%261853
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.210.170.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Fri, 11 Sep 2020 08:55:10 GMT
cache-control: max-age=0, private, must-revalidate
server: Cowboy

Redirect headers

Pragma: no-cache
Date: Fri, 11 Sep 2020 08:55:10 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://aas.dc-1.net/setuid?A=8f7725b2-fe52-4a01-adcd-b1969cf32882&D=&bidder=index_rtb&uid=X1s7bVVbLnUAAAceTZoAAABd%261853
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 318
Expires: Fri, 11 Sep 2020 08:55:10 GMT

GET
H2 204 current
aol-match.dotomi.com/match/bounce/ 0
104 B 94ms
64ms Image
text/plain 2a02:fa8:8806:13::1430
VCLK-EU-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aol-match.dotomi.com/match/bounce/current?networkId=60&version=1&nuid=1A7d92850a-f40c-11ea-a49a-12795fd23bd8&gdpr=1&gdpr_consent=&rurl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55853%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3D1%26gdpr_consent%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1430 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Fri, 11 Sep 2020 08:55:10 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

204

setuid
aas.dc-1.net/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Faas.dc-1.net%2Fsetuid%3FA%3D8f7725b2-fe52-4a01-adcd-b1969cf32882%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID
https://aas.dc-1.net/setuid?A=8f7725b2-fe52-4a01-adcd-b1969cf32882&D=&bidder=appnexus&uid=1838061608304456015

0
193 B

373ms
97ms

Image
text/plain

18.210.170.92
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aas.dc-1.net/setuid?A=8f7725b2-fe52-4a01-adcd-b1969cf32882&D=&bidder=appnexus&uid=1838061608304456015
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.210.170.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Fri, 11 Sep 2020 08:55:10 GMT
cache-control: max-age=0, private, must-revalidate
server: Cowboy

Redirect headers

Pragma: no-cache
Date: Fri, 11 Sep 2020 08:55:10 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.42:80
AN-X-Request-Uuid: 961c80b5-dc35-4f33-aa1e-a54e9254cae7
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://aas.dc-1.net/setuid?A=8f7725b2-fe52-4a01-adcd-b1969cf32882&D=&bidder=appnexus&uid=1838061608304456015
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
264 B 62ms
60ms Image
image/gif 52.212.184.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aoladtech&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.184.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:10 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 200
cache-control: private,no-cache, must-revalidate
content-type: image/gif
content-length: 70

GET
H2

204

setuid
aas.dc-1.net/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Faas.dc-1.net%2Fsetuid%3FA%3D8f7725b2-fe52-4a01-adcd-b1969cf32882%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID
https://aas.dc-1.net/setuid?A=8f7725b2-fe52-4a01-adcd-b1969cf32882&D=&bidder=pubmatic&uid=C5A06737-282A-47D2-8931-B627560B81DE

0
198 B

98ms
98ms

Image
text/plain

18.210.170.92
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aas.dc-1.net/setuid?A=8f7725b2-fe52-4a01-adcd-b1969cf32882&D=&bidder=pubmatic&uid=C5A06737-282A-47D2-8931-B627560B81DE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.210.170.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Fri, 11 Sep 2020 08:55:10 GMT
cache-control: max-age=0, private, must-revalidate
server: Cowboy

Redirect headers

Location: https://aas.dc-1.net/setuid?A=8f7725b2-fe52-4a01-adcd-b1969cf32882&D=&bidder=pubmatic&uid=C5A06737-282A-47D2-8931-B627560B81DE
Date: Fri, 11 Sep 2020 08:55:10 GMT
X-Cnection: close
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Content-Length: 458
Content-Type: text/html; charset=iso-8859-1

GET
H2

204

sync
pixel.advertising.com/ups/55965/
Redirect Chain

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent=
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=YnET2mR1ENp6JEDaZ3ILiGYiE9l6JkeINi49AjNs

0
124 B

51ms
51ms

Image
text/plain

52.57.10.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=YnET2mR1ENp6JEDaZ3ILiGYiE9l6JkeINi49AjNs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.10.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Fri, 11 Sep 2020 08:55:10 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:10 GMT
status: 302
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=YnET2mR1ENp6JEDaZ3ILiGYiE9l6JkeINi49AjNs
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

204

setuid
aas.dc-1.net/
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Faas.dc-1.net%2Fsetuid%3FA%3D8f7725b2-fe52-4a01-adcd-b1969cf32882%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID
https://aas.dc-1.net/setuid?A=8f7725b2-fe52-4a01-adcd-b1969cf32882&D=&bidder=sovrn&uid=07c11d4a2cf3056e13921c86

0
193 B

322ms
99ms

Image
text/plain

18.210.170.92
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aas.dc-1.net/setuid?A=8f7725b2-fe52-4a01-adcd-b1969cf32882&D=&bidder=sovrn&uid=07c11d4a2cf3056e13921c86
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.210.170.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Fri, 11 Sep 2020 08:55:10 GMT
cache-control: max-age=0, private, must-revalidate
server: Cowboy

Redirect headers

Date: Fri, 11 Sep 2020 08:55:10 GMT
Server: nginx
Location: https://aas.dc-1.net/setuid?A=8f7725b2-fe52-4a01-adcd-b1969cf32882&D=&bidder=sovrn&uid=07c11d4a2cf3056e13921c86
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 204 sync
pixel.advertising.com/ups/56465/ 0
124 B 39ms
37ms Image
text/plain 52.57.10.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.10.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Fri, 11 Sep 2020 08:55:10 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK liveView.php
live.sekindo.com/live/ 0
353 B 38ms
37ms Image
text/html 185.220.204.204
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=42&serverTime=1599814506&vid_playerVer=3.1.0&s=101281&sta=0&x=300&y=250&vid_passDomain=threatpost.com&subId=threatpost.com&debugInformation=&isApp=0&userIpAddr=82.102.18.114&userUA=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F83.0.4103.61%20Safari%2F537.36&csuuid=5f5b3b6aadcb0&contentFileId=0&mediaPlayListId=0&mediaListId=0&dur=500&viewPct={%22w%22:0,%22h%22:0}&cbuster=1599814512287&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&uid=SekindoSPlayer5f5b3b6adf0ed&pubUrl=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F&floatStatus=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:11 GMT
content-encoding: gzip
server: nginx
age: 0
transfer-encoding: chunked
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
content-type: text/html; charset=UTF-8

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 3CF8 144 B
836 B 42ms
41ms XHR
application/json 185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

fd1cddbf6591e5d3a909055fb4e878005dbf8348447dbe0b611b3c3d9f383276

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 11 Sep 2020 08:55:16 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.233:80
AN-X-Request-Uuid: ffbc9e7d-10e2-443a-8691-a0f3d5a07d9c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 3CF8 0
59 B 39ms
39ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Fri, 11 Sep 2020 08:55:16 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://threatpost.com

GET
H2 200 avjp Show response
teachingaids-d.openx.net/v/1.0/ Frame 3CF8 92 B
282 B 44ms
42ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://teachingaids-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=dd1ecc1a-709b-4fe9-973a-5afd0d17fc8d&nocache=1599814516379&gdpr_consent=&gdpr=1&schain=1.0,1!admetricspro.com,1005,1,,,&skip=1&auid=540882778&vwd=320&vht=180
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.193.0 /
Resource Hash: 004e5faf0bf890f61697daeede9f21826affd1137fb2cb58eaf4719937a04a14

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:16 GMT
via: 1.1 google
server: OXGW/16.193.0
status: 200
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://threatpost.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 92
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame 3CF8 0
215 B 242ms
241ms XHR
application/json 52.29.183.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=TeachingAidsLLC
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-183-32.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://threatpost.com
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ Frame 3CF8 25 B
673 B 122ms
121ms XHR
application/json 23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=435871&v=8.1&r={%22id%22:%2243dcaacd858c95e%22,%22imp%22:[{%22id%22:%22444fa6d168bad66%22,%22ext%22:{%22siteID%22:%22435871%22,%22sid%22:%22320x180%22},%22bidfloor%22:2.7,%22bidfloorcur%22:%22USD%22,%22video%22:{%22mimes%22:[%22video/mp4%22,%22application/javascript%22,%22video/webm%22],%22minduration%22:1,%22maxduration%22:200,%22api%22:[1,2],%22protocols%22:[1,2,3,4,5,6],%22linearity%22:1,%22startdelay%22:0,%22skip%22:1,%22w%22:320,%22h%22:180,%22placement%22:1}},{%22id%22:%2245c4aeb0af45cba%22,%22ext%22:{%22siteID%22:%22435870%22,%22sid%22:%22320x180%22},%22bidfloor%22:2.7,%22bidfloorcur%22:%22USD%22,%22video%22:{%22mimes%22:[%22video/mp4%22,%22application/javascript%22,%22video/webm%22],%22minduration%22:1,%22maxduration%22:200,%22api%22:[1,2],%22protocols%22:[1,2,3,4,5,6],%22linearity%22:1,%22startdelay%22:0,%22skip%22:1,%22w%22:320,%22h%22:180,%22placement%22:1}}],%22site%22:{%22page%22:%22https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F%22},%22ext%22:{%22source%22:%22prebid%22},%22source%22:{%22ext%22:{%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22admetricspro.com%22,%22sid%22:%221005%22,%22hp%22:1}]}}},%22regs%22:{%22ext%22:{%22gdpr%22:1}},%22user%22:{%22ext%22:{%22consent%22:%22%22}}}&ac=j&sd=1&nf=1
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: abf06d8839953c53ac2e250b83e80e30c99fa8216df15afd9d0b6404bd05c618

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 11 Sep 2020 08:55:16 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 45
Expires: Fri, 11 Sep 2020 08:55:16 GMT

GET
H/1.1 200
OK liveView.php
live.sekindo.com/live/ 43 B
437 B 40ms
39ms Image
image/gif 185.220.204.204
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=6&serverTime=1599814507&vid_playerVer=3.1.0&s=58057&sta=12381370&x=320&y=180&msta=12348808&vid_vastType=3&vid_viewabilityState=1&vid_passDomain=threatpost.com&subId=threatpost.com&debugInformation=&isApp=0&userIpAddr=82.102.18.114&userUA=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F83.0.4103.61%20Safari%2F537.36&csuuid=5f5b3b6aadcb0&rvn=${VP_RVN_MACRO}&attemptMultiplier=10&contentFileId=0&mediaPlayListId=0&mediaListId=0&cbuster=1599814516372&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&uid=SekindoSPlayer5f5b3b6adf0ed&pubUrl=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F&floatStatus=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:15 GMT
server: nginx
age: 0
transfer-encoding: chunked
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="pixel.gif"
content-type: image/gif
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame 3CF8 0
215 B 311ms
311ms XHR
application/json 52.29.183.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=PrimisTwoHB
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-183-32.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://threatpost.com
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 204
No Content 171621 Show response
search.spotxchange.com/openrtb/2.3/dados/ Frame 3CF8 0
1 KB 82ms
81ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/171621
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 11 Sep 2020 08:55:16 GMT
X-SpotX-Timing-Transform: 0.000283
X-SpotX-Timing-SpotMarket: 0.027436
X-SpotX-Timing-Page-Mux: 0.000228
X-SpotX-Timing-Page-Require: 0.000294
X-fe: 134
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000033
X-SpotX-Timing-Page: 0.032222
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000250
Last-Modified: Fri, 11 Sep 2020 08:55:16 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.021737
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://threatpost.com
X-SpotX-Timing-Page-Misc: 0.003687
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.005699
X-SpotX-Timing-Page-URI: 0.000010
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame 3CF8 173 B
380 B 32ms
32ms XHR
application/json 3.120.64.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.64.232 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-64-232.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 10f0d5686d912f7294d1a0626266658ad1f08cf6e7bb2c287cd9488acd7bd10a

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:16 GMT
content-encoding: gzip
status: 200
content-type: application/json
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 167
expires: 0

GET
H2 200 avjp Show response
primis-d.openx.net/v/1.0/ Frame 3CF8 92 B
282 B 104ms
104ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://primis-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=79a04145-f78f-4e75-af90-72f6fa2a1e2d&nocache=1599814516629&gdpr_consent=&gdpr=1&schain=1.0,1!admetricspro.com,1005,1,,,!primis.tech,19668,1,,,&skip=1&auid=540392761&vwd=320&vht=180
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.193.0 /
Resource Hash: 004e5faf0bf890f61697daeede9f21826affd1137fb2cb58eaf4719937a04a14

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:16 GMT
via: 1.1 google
server: OXGW/16.193.0
status: 200
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://threatpost.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 92
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK liveView.php
live.sekindo.com/live/ 0
353 B 42ms
42ms Image
text/html 185.220.204.204
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=25&serverTime=1599814506&vid_playerVer=3.1.0&s=101281&sta=0&x=300&y=250&vid_passDomain=threatpost.com&subId=threatpost.com&debugInformation=&isApp=0&userIpAddr=82.102.18.114&userUA=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F83.0.4103.61%20Safari%2F537.36&csuuid=5f5b3b6aadcb0&contentFileId=0&mediaPlayListId=0&mediaListId=0&dur=1000&cbuster=1599814517066&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&uid=SekindoSPlayer5f5b3b6adf0ed&pubUrl=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F&floatStatus=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:16 GMT
content-encoding: gzip
server: nginx
age: 0
transfer-encoding: chunked
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
content-type: text/html; charset=UTF-8

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 3CF8 0
59 B 40ms
40ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Fri, 11 Sep 2020 08:55:17 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://threatpost.com

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ Frame 3CF8 25 B
673 B 270ms
270ms XHR
application/json 23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=435871&v=8.1&r={%22id%22:%2256c1d2b0b346169%22,%22imp%22:[{%22id%22:%225758675e7be966e%22,%22ext%22:{%22siteID%22:%22435871%22,%22sid%22:%22320x180%22},%22bidfloor%22:2.4,%22bidfloorcur%22:%22USD%22,%22video%22:{%22mimes%22:[%22video/mp4%22,%22application/javascript%22,%22video/webm%22],%22minduration%22:1,%22maxduration%22:200,%22api%22:[1,2],%22protocols%22:[1,2,3,4,5,6],%22linearity%22:1,%22startdelay%22:0,%22skip%22:1,%22w%22:320,%22h%22:180,%22placement%22:1}},{%22id%22:%2258ef4f30edf525d%22,%22ext%22:{%22siteID%22:%22435870%22,%22sid%22:%22320x180%22},%22bidfloor%22:2.4,%22bidfloorcur%22:%22USD%22,%22video%22:{%22mimes%22:[%22video/mp4%22,%22application/javascript%22,%22video/webm%22],%22minduration%22:1,%22maxduration%22:200,%22api%22:[1,2],%22protocols%22:[1,2,3,4,5,6],%22linearity%22:1,%22startdelay%22:0,%22skip%22:1,%22w%22:320,%22h%22:180,%22placement%22:1}}],%22site%22:{%22page%22:%22https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F%22},%22ext%22:{%22source%22:%22prebid%22},%22source%22:{%22ext%22:{%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22admetricspro.com%22,%22sid%22:%221005%22,%22hp%22:1}]}}},%22regs%22:{%22ext%22:{%22gdpr%22:1}},%22user%22:{%22ext%22:{%22consent%22:%22%22}}}&ac=j&sd=1&nf=1
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 03028c2011cf72dc860803b62fbd095c0edbd63867bc69c6ae10103be9438435

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 11 Sep 2020 08:55:17 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 45
Expires: Fri, 11 Sep 2020 08:55:17 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 3CF8 144 B
835 B 37ms
37ms XHR
application/json 185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

fdb56f53220617f49ce1bf71c50a7b5c8e632d19d408e51176db64da085a4293

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 11 Sep 2020 08:55:17 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.42:80
AN-X-Request-Uuid: 2c551aad-b8fa-4fcc-8ec8-63ff77c6fd1c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame 3CF8 0
215 B 244ms
243ms XHR
application/json 52.29.183.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=TeachingAidsLLC
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-183-32.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://threatpost.com
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

GET
H2 200 avjp Show response
teachingaids-d.openx.net/v/1.0/ Frame 3CF8 92 B
282 B 102ms
102ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://teachingaids-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=b11f2324-cbc6-4ae8-b21b-b679accfd9c0&nocache=1599814517297&gdpr_consent=&gdpr=1&schain=1.0,1!admetricspro.com,1005,1,,,&skip=1&auid=540882778&vwd=320&vht=180
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.193.0 /
Resource Hash: 004e5faf0bf890f61697daeede9f21826affd1137fb2cb58eaf4719937a04a14

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:17 GMT
via: 1.1 google
server: OXGW/16.193.0
status: 200
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://threatpost.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 92
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK liveView.php
live.sekindo.com/live/ 0
353 B 39ms
39ms Image
text/html 185.220.204.204
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=42&serverTime=1599814506&vid_playerVer=3.1.0&s=101281&sta=0&x=300&y=250&vid_passDomain=threatpost.com&subId=threatpost.com&debugInformation=&isApp=0&userIpAddr=82.102.18.114&userUA=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F83.0.4103.61%20Safari%2F537.36&csuuid=5f5b3b6aadcb0&contentFileId=0&mediaPlayListId=0&mediaListId=0&dur=501&viewPct={%22w%22:0,%22h%22:0}&cbuster=1599814517299&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&uid=SekindoSPlayer5f5b3b6adf0ed&pubUrl=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F&floatStatus=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:16 GMT
content-encoding: gzip
server: nginx
age: 0
transfer-encoding: chunked
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
content-type: text/html; charset=UTF-8

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame 3CF8 173 B
380 B 33ms
33ms XHR
application/json 3.120.64.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.64.232 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-64-232.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: c27f87c9d32778e1ffd15ec0206ad68dd1dee12747e2ff5c5b54902414d2e8f9

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:17 GMT
content-encoding: gzip
status: 200
content-type: application/json
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 167
expires: 0

GET
H2 200 avjp Show response
primis-d.openx.net/v/1.0/ Frame 3CF8 92 B
282 B 87ms
87ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://primis-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=d11a598d-9cd5-47f1-9161-733ecc4c4de7&nocache=1599814517572&gdpr_consent=&gdpr=1&schain=1.0,1!admetricspro.com,1005,1,,,!primis.tech,19668,1,,,&skip=1&auid=540392761&vwd=320&vht=180
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.193.0 /
Resource Hash: 004e5faf0bf890f61697daeede9f21826affd1137fb2cb58eaf4719937a04a14

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:17 GMT
via: 1.1 google
server: OXGW/16.193.0
status: 200
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://threatpost.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 92
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame 3CF8 0
215 B 295ms
294ms XHR
application/json 52.29.183.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=PrimisTwoHB
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-183-32.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://threatpost.com
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 204
No Content 171621 Show response
search.spotxchange.com/openrtb/2.3/dados/ Frame 3CF8 0
1 KB 74ms
74ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/171621
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 11 Sep 2020 08:55:17 GMT
X-SpotX-Timing-Transform: 0.000269
X-SpotX-Timing-SpotMarket: 0.021264
X-SpotX-Timing-Page-Mux: 0.000285
X-SpotX-Timing-Page-Require: 0.000354
X-fe: 082
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000033
X-SpotX-Timing-Page: 0.025100
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000310
Last-Modified: Fri, 11 Sep 2020 08:55:17 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.016356
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://threatpost.com
X-SpotX-Timing-Page-Misc: 0.002572
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.004908
X-SpotX-Timing-Page-URI: 0.000012
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK liveView.php
live.sekindo.com/live/ 43 B
437 B 38ms
37ms Image
image/gif 185.220.204.204
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=6&serverTime=1599814507&vid_playerVer=3.1.0&s=58057&sta=10813933&x=320&y=180&msta=12348808&vid_vastType=3&vid_viewabilityState=1&vid_passDomain=threatpost.com&subId=threatpost.com&debugInformation=&isApp=0&userIpAddr=82.102.18.114&userUA=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F83.0.4103.61%20Safari%2F537.36&csuuid=5f5b3b6aadcb0&rvn=${VP_RVN_MACRO}&attemptMultiplier=10&contentFileId=0&mediaPlayListId=0&mediaListId=0&cbuster=1599814517568&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&uid=SekindoSPlayer5f5b3b6adf0ed&pubUrl=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F&floatStatus=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:16 GMT
server: nginx
age: 0
transfer-encoding: chunked
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="pixel.gif"
content-type: image/gif
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK liveView.php
live.sekindo.com/live/ 43 B
437 B 39ms
38ms Image
image/gif 185.220.204.204
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=6&serverTime=1599814507&vid_playerVer=3.1.0&s=58057&sta=11623857&x=320&y=180&msta=12348808&vid_vastType=3&vid_viewabilityState=1&vid_passDomain=threatpost.com&subId=threatpost.com&debugInformation=&isApp=0&userIpAddr=82.102.18.114&userUA=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F83.0.4103.61%20Safari%2F537.36&csuuid=5f5b3b6aadcb0&rvn=${VP_RVN_MACRO}&attemptMultiplier=10&contentFileId=0&mediaPlayListId=0&mediaListId=0&cbuster=1599814517568&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&uid=SekindoSPlayer5f5b3b6adf0ed&pubUrl=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F&floatStatus=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:16 GMT
server: nginx
age: 0
transfer-encoding: chunked
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="pixel.gif"
content-type: image/gif
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK chunklist_480.m3u8 Show response
video.sekindo.com/uploads/cn18/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5f59fc3db2dba935186371.mp4/ 410 B
810 B 211ms
25ms XHR
application/vnd.apple.mpegurl 185.127.17.52
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to

Full URL: https://video.sekindo.com/uploads/cn18/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5f59fc3db2dba935186371.mp4/chunklist_480.m3u8
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/video/hls/hls.0.12.4_2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.127.17.52 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),
Reverse DNS
Software: Tengine /
Resource Hash: 632cf82ec4be5ee97b8814e106355181ccc55ccdd157ff7a09f3d5b1481c9ab4

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 11 Sep 2020 08:55:16 GMT
last-modified: Thu, 10 Sep 2020 11:01:16 GMT
Server: Tengine
etag: "5f5a077c-19a"
Content-Type: application/vnd.apple.mpegurl
access-control-allow-origin: *
expires: Fri, 18 Sep 2020 08:55:16 GMT
cache-control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 410
X-Proxy-Cache: HIT

GET
H/1.1 200
OK w_480_00000.ts Show response
video.sekindo.com/uploads/cn18/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5f59fc3db2dba935186371.mp4/ 296 KB
297 KB 82ms
81ms XHR
video/mp2t 185.127.17.52
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to

Full URL: https://video.sekindo.com/uploads/cn18/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5f59fc3db2dba935186371.mp4/w_480_00000.ts
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/video/hls/hls.0.12.4_2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.127.17.52 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),
Reverse DNS
Software: Tengine /
Resource Hash: 5c34b69c767c18ca7b8c460ecbbfceb9fa3c1b6a481e017e5c020d020210a4e3

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 11 Sep 2020 08:55:16 GMT
last-modified: Thu, 10 Sep 2020 11:01:16 GMT
Server: Tengine
etag: "5f5a077c-4a148"
Content-Type: video/mp2t
access-control-allow-origin: *
expires: Fri, 18 Sep 2020 08:55:16 GMT
cache-control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 303432
X-Proxy-Cache: HIT

GET
BLOB 200
OK 7b9a593d-ed0d-47ac-b99c-cef8273cffef
https://threatpost.com/ 65 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://threatpost.com/7b9a593d-ed0d-47ac-b99c-cef8273cffef
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2dffba8a31eb663c59a5494783cbf197c182104edc58f0c0a17b7992429d7af

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 66258
Content-Type: text/javascript

GET
H/1.1 200
OK w_480_00001.ts Show response
video.sekindo.com/uploads/cn18/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5f59fc3db2dba935186371.mp4/ 276 KB
277 KB 26ms
26ms XHR
video/mp2t 185.127.17.52
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to

Full URL: https://video.sekindo.com/uploads/cn18/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5f59fc3db2dba935186371.mp4/w_480_00001.ts
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/video/hls/hls.0.12.4_2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.127.17.52 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),
Reverse DNS
Software: Tengine /
Resource Hash: f4dba580811e445da1fbadc71dfd16b390c0945adf1e407f1d2d2486fc505e97

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 11 Sep 2020 08:55:16 GMT
last-modified: Thu, 10 Sep 2020 11:01:16 GMT
Server: Tengine
etag: "5f5a077c-451f8"
Content-Type: video/mp2t
access-control-allow-origin: *
expires: Fri, 18 Sep 2020 08:55:16 GMT
cache-control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 283128
X-Proxy-Cache: HIT

GET
H/1.1 200
OK liveView.php
live.sekindo.com/live/ 0
353 B 40ms
40ms Image
text/html 185.220.204.204
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=16&serverTime=1599814506&vid_playerVer=3.1.0&s=0&sta=12348808&x=320&y=180&vid_passDomain=threatpost.com&subId=threatpost.com&debugInformation=&isApp=0&userIpAddr=82.102.18.114&userUA=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F83.0.4103.61%20Safari%2F537.36&csuuid=5f5b3b6aadcb0&contentFileId=1001144&mediaPlayListId=5946&mediaListId=4734&contentMatchType=&isExcludeFromOpt=0&cbuster=1599814518369&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&uid=SekindoSPlayer5f5b3b6adf0ed&pubUrl=https%3A%2F%2Fthreatpost.com%2Fspyware-labeled-tiktok-pro-exploits-fears-of-us-ban%2F159050%2F&floatStatus=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Sep 2020 08:55:17 GMT
content-encoding: gzip
server: nginx
age: 0
transfer-encoding: chunked
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK w_480_00002.ts Show response
video.sekindo.com/uploads/cn18/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5f59fc3db2dba935186371.mp4/ 264 KB
265 KB 35ms
34ms XHR
video/mp2t 185.127.17.52
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to

Full URL: https://video.sekindo.com/uploads/cn18/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5f59fc3db2dba935186371.mp4/w_480_00002.ts
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/video/hls/hls.0.12.4_2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.127.17.52 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),
Reverse DNS
Software: Tengine /
Resource Hash: 19f81f440497b0c087b3021a09697ae55bc6f7ddb4cf1dc0041cb56c3b2f2e19

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 11 Sep 2020 08:55:16 GMT
last-modified: Thu, 10 Sep 2020 11:01:16 GMT
Server: Tengine
etag: "5f5a077c-42180"
Content-Type: video/mp2t
access-control-allow-origin: *
expires: Fri, 18 Sep 2020 08:55:16 GMT
cache-control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 270720
X-Proxy-Cache: HIT

GET
H/1.1 200
OK w_480_00003.ts Show response
video.sekindo.com/uploads/cn18/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5f59fc3db2dba935186371.mp4/ 205 KB
205 KB 27ms
27ms XHR
video/mp2t 185.127.17.52
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to

Full URL: https://video.sekindo.com/uploads/cn18/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5f59fc3db2dba935186371.mp4/w_480_00003.ts
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/video/hls/hls.0.12.4_2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.127.17.52 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),
Reverse DNS
Software: Tengine /
Resource Hash: b7bd8780ebdc32932910dbe8e0e53d9d89e19b477b0d4dcb9805edc8cb993457

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 11 Sep 2020 08:55:16 GMT
last-modified: Thu, 10 Sep 2020 11:01:16 GMT
Server: Tengine
etag: "5f5a077c-33390"
Content-Type: video/mp2t
access-control-allow-origin: *
expires: Fri, 18 Sep 2020 08:55:16 GMT
cache-control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 209808
X-Proxy-Cache: HIT

GET
H/1.1 200
OK w_480_00004.ts Show response
video.sekindo.com/uploads/cn18/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5f59fc3db2dba935186371.mp4/ 267 KB
267 KB 26ms
26ms XHR
video/mp2t 185.127.17.52
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to

Full URL: https://video.sekindo.com/uploads/cn18/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5f59fc3db2dba935186371.mp4/w_480_00004.ts
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/video/hls/hls.0.12.4_2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.127.17.52 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),
Reverse DNS
Software: Tengine /
Resource Hash: e92c358365224e6865a64727b65888e934e49181adc870a8b561eab6ae5ae964

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 11 Sep 2020 08:55:16 GMT
last-modified: Thu, 10 Sep 2020 11:01:16 GMT
Server: Tengine
etag: "5f5a077c-42b0c"
Content-Type: video/mp2t
access-control-allow-origin: *
expires: Fri, 18 Sep 2020 08:55:16 GMT
cache-control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 273164
X-Proxy-Cache: HIT

GET
H/1.1 200
OK w_480_00005.ts Show response
video.sekindo.com/uploads/cn18/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5f59fc3db2dba935186371.mp4/ 293 KB
294 KB 27ms
27ms XHR
video/mp2t 185.127.17.52
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to

Full URL: https://video.sekindo.com/uploads/cn18/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5f59fc3db2dba935186371.mp4/w_480_00005.ts
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/video/hls/hls.0.12.4_2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.127.17.52 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),
Reverse DNS
Software: Tengine /
Resource Hash: 02e0c87829426ac7277ad8b1784456dd313d7cacfe4f7b0b702809b0db349e6b

Request headers

Referer: https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 11 Sep 2020 08:55:16 GMT
last-modified: Thu, 10 Sep 2020 11:01:16 GMT
Server: Tengine
etag: "5f5a077c-49588"
Content-Type: video/mp2t
access-control-allow-origin: *
expires: Fri, 18 Sep 2020 08:55:16 GMT
cache-control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 300424
X-Proxy-Cache: HIT

Verdicts & Comments Add Verdict or Comment

255 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pubmatic.com/	1970-01-19 12:25:00	Name: pi Value: 159196:2
.ads.pubmatic.com/	1970-01-19 12:25:00	Name: KCCH Value: YES
.threatpost.com/	1970-01-19 21:48:03	Name: __qca Value: P0-1566517433-1599814507201
.threatpost.com/	1970-01-20 05:54:46	Name: _ga Value: GA1.2.1015411197.1599814507
.threatpost.com/	1970-01-19 12:25:00	Name: _gid Value: GA1.2.13939682.1599814507
.threatpost.com/	1970-01-19 12:23:34	Name: _gat_UA-35676203-21 Value: 1
.pubmatic.com/	1970-01-19 14:33:10	Name: KTPCACOOKIE Value: YES
.threatpost.com/	1970-01-20 05:54:46	Name: __gads Value: ID=38617f082ecbf210-22e57e3ed7b80098:T=1599814507:S=ALNI_MarnwMdzJVhVqSsWQ59EtiYiOgq1A

41 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/ros-layout.js(Line 372) Message: gBrowserWidth =1600
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/ros-layout.js(Line 397) Message: OpenX Slot defined for /21707124336/ThreatPost-970x250-ATF div-gpt-ad-6794670-2
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/ros-layout.js(Line 397) Message: OpenX Slot defined for /21707124336/ThreatPost-300x250-ATF div-gpt-ad-6794670-3
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/ros-layout.js(Line 397) Message: OpenX Slot defined for /21707124336/ThreatPost-300x600-ATF div-gpt-ad-6794670-5
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/ros-layout.js(Line 397) Message: OpenX Slot defined for /21707124336/ThreatPost-2x2-Skin div-gpt-ad-6794670-1
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/cmp.js(Line 27) Message: CMP: Startup v238
console-api	warning	URL: https://qd.admetricspro.com/js/threatpost/prebid.js(Line 3) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: ENGINE: gSChainNodes found, prebid configured with 1 supply chain object(s)
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: ENGINE: final pbjs config
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: [object Object]
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: Initial Ad Load
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/cmp.js(Line 27) Message: __uspLaunch begin
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/cmp.js(Line 27) Message: CMP: No existing consent found in cookie, local or session storage
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/cmp.js(Line 27) Message: CMP: checking non TCF vendor cookie
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/cmp.js(Line 27) Message: CMP: No existing non-TCF consent found in cookie, local or session storage
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/cmp.js(Line 27) Message: __uspLaunch(): addEventListener:
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/cmp.js(Line 27) Message: [object Object]
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/cmp.js(Line 27) Message: CMP: Locale=en-us gdpr= false
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/cmp.js(Line 27) Message: CMP: GDPR does not apply
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/cmp.js(Line 27) Message: __uspLaunch(): addEventListener:
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/cmp.js(Line 27) Message: [object Object]
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests() gPBJSTimeoutTimer=null pbjs.adserverRequestSent=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: Amazon bids returned, count=4
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: [object Object],[object Object],[object Object],[object Object]
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: pbjs bids returned
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: gPBJSTimeoutTimer cleared
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendAdserverRequest(): pbjsBidsBack
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendAdserverRequest()
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: pbjs.getAdserverTargeting: >> Amazon >> Prebid
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: [object Object]
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: pbjs.getBidResponses:
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: [object Object]
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: gThisRefreshSlots=
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: [object Object],[object Object],[object Object],[object Object]
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendAdserverRequest(): ---> Calling googletag.pubads().refresh()
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: console.groupEnd
console-api	info	URL: https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js(Line 420) Message: Powered by AMP ⚡ HTML – Version 2009010507000 https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
console-api	info	URL: https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js(Line 420) Message: Powered by AMP ⚡ HTML – Version 2009010507000 https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
console-api	info	URL: https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js(Line 420) Message: Powered by AMP ⚡ HTML – Version 2009010507000 https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
console-api	info	URL: https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js(Line 420) Message: Powered by AMP ⚡ HTML – Version 2009010507000 https://threatpost.com/spyware-labeled-tiktok-pro-exploits-fears-of-us-ban/159050/
console-api	warning	URL: https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js(Line 21) Message: [amp-analytics/transport] Response unparseable or failed to send image request https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst_24R7ziys_w-TR__jpIp5-ZgptkJta594NdfInJV72kvNguchH8WDQ-gqX_Gxem7K0HCAIkEe_M555S9_72Z8kzLjsESb-DZ2Ep2fZu99YVsdTwGjyVqjriS2Yd4g7Z9dDLBvvSjIqVvO1RmsmxH7qAqC3ElFuEX5q4I71HOj32_AhszQqmmf7tbn1qsS_-XiMUXXxaBUISCebYylGYMQpNLfgys9I1NH7Yi5Hsrbncj82Q5r_WtEeSh6y1psJH5P0cn4mPfnTjpEJWfG5PXv&sai=AMfl-YQb5vvNgJNLIHjK2pWz3x-Rf-wI6rSmp4cWy_9Zlj7FadBhVyGPk3vzY_9BlCqUqVu3l_gYA2wtmqIfxOkUS0lLoXiDgyov6rU4rGgHMtKlP2iUsOsVsycR4By6fvQ&sig=Cg0ArKJSzNu7ymQILCEYEAE&adurl=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

332def0639a087c9e01f4dfef2d8e2dd.safeframe.googlesyndication.com
aas.dc-1.net
acdn.adnxs.com
ads.adaptv.advertising.com
ads.pubmatic.com
ads.servenobid.com
adserver-us.adtech.advertising.com
adservice.google.com
adservice.google.de
analytics.twitter.com
aol-match.dotomi.com
ap.lijit.com
as-sec.casalemedia.com
assets.threatpost.com
c.amazon-adsystem.com
c1.adform.net
cdn.ampproject.org
cm.g.doubleclick.net
csync.loopme.me
e.serverbid.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
graph.facebook.com
hbopenbid.pubmatic.com
i1.wp.com
ib.adnxs.com
image2.pubmatic.com
js-sec.indexww.com
kasperskycontenthub.com
live.sekindo.com
match.adsrvr.org
media.threatpost.com
mx.zerofox.com
pagead2.googlesyndication.com
pixel.advertising.com
pixel.quantserve.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
primis-d.openx.net
public.servenobid.com
qd.admetricspro.com
rules.quantcount.com
search.spotxchange.com
secure.gravatar.com
secure.quantserve.com
securepubads.g.doubleclick.net
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
ssum.casalemedia.com
static.ads-twitter.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.search.spotxchange.com
sync.serverbid.com
t.co
tagan.adlightning.com
teachingaids-d.openx.net
threatpost.com
tlx.3lift.com
tpc.googlesyndication.com
u.openx.net
ups.analytics.yahoo.com
video.sekindo.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.linkedin.com
www.reddit.com
x.bidswitch.net
100.24.218.250
104.111.230.142
104.20.45.237
104.244.42.3
104.244.42.5
134.209.131.220
143.204.215.61
151.101.12.157
151.101.14.49
172.217.23.98
18.156.0.31
18.203.164.24
18.210.170.92
185.127.17.52
185.220.204.204
185.33.221.11
185.64.189.110
185.64.189.112
185.94.180.123
185.94.180.126
192.0.77.2
195.201.246.119
199.232.53.140
205.185.216.42
206.189.254.17
216.52.2.48
216.58.206.2
23.210.249.164
23.210.249.83
23.210.249.92
2600:9000:2057:200:6:44e3:f8c0:93a1
2600:9000:2156:4800:2:9275:3d40:93a1
2600:9000:21f3:8a00:0:5c46:4f40:93a1
2606:2800:233:97b6:26be:138a:cba8:bb01
2606:4700:e2::ac40:861f
2620:116:800d:21:5a23:9c4e:e774:96c1
2620:1ec:21::14
2620:1ec:bdf::10
2a00:1288:110:c305::8000
2a00:1450:4001:808::2001
2a00:1450:4001:809::200a
2a00:1450:4001:815::2003
2a00:1450:4001:816::2002
2a00:1450:4001:818::2002
2a00:1450:4001:819::2003
2a00:1450:4001:81a::2003
2a00:1450:4001:81a::2004
2a00:1450:4001:820::2001
2a00:1450:4001:824::2001
2a00:1450:4001:824::2008
2a00:1450:4001:825::200e
2a00:1450:400c:c00::9c
2a02:fa8:8806:13::1430
2a03:2880:f01c:800e:face:b00c:0:2
2a04:fa87:fffe::c000:4902
3.120.64.232
35.157.226.135
35.173.160.135
35.244.159.8
37.157.4.25
52.212.184.249
52.28.149.230
52.29.183.32
52.57.10.248
52.59.125.145
69.173.144.140
99.86.5.213
004e5faf0bf890f61697daeede9f21826affd1137fb2cb58eaf4719937a04a14
00d4fbacbadc6ecbd73be323ec77febf3d856ce00dc5334d06462a315c7da8e7
0119689800eadf6270855a19b65d74251e7da6be5e4686f36c15bf81281ddb4c
01864580e1f385dc4512aed0de4b324cc1a04812709e7020e857612fc0ce9f4c
02d1987da8d124b2d60a3277ea3af1e7f8f6a979f365c355e30ef1ac4d663d29
02e0c87829426ac7277ad8b1784456dd313d7cacfe4f7b0b702809b0db349e6b
03028c2011cf72dc860803b62fbd095c0edbd63867bc69c6ae10103be9438435
031a8a375b4bbd8bbf37ff37f05d37e1a64288c8d08053bf3a6792801870976c
039f2a12a4fefd4b33bcae31f1f2f17d12cf51f4e6301792ada3885f412a2761
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
063a514420ebdd7a836d3d93841dddad453e3ff40556addbe271da3f312c41fd
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06fc565587b8b700936a1677218cb269a6cc31ca5f701eb45461e86a3d54d5c7
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0cf25abe73b03e246c0a820c825a1f433e36949c2cf456ce889d86e8dd9ec427
10f0d5686d912f7294d1a0626266658ad1f08cf6e7bb2c287cd9488acd7bd10a
12a24c1feb4b8e8e3872a9fedee80fcce55a6f59b14607d640fcf4f3054ec43e
13ab06913444b6e3b4139e5487813073f11e082878ae8a5bf5213fdc6f95f5e0
15e9840f31982980328598c38e5c60434072901f2c902713ef9c4d4900e05307
172314ff74044b918766ed4763279b5e8798622087c0a2930f59c9d44662213d
19f81f440497b0c087b3021a09697ae55bc6f7ddb4cf1dc0041cb56c3b2f2e19
1b4ba96162cf2e5699c6ca627dece9a210d2056bf0c32cdea000b06b0342204c
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95
21cb9221d772cfd0d3de7240fe5c07ee1c06b9bd945111a2e0491ae243eb0b41
21d98ae2b4353492ffe5c29d1425e6b499793f8d3af3e3b362c7720ba981420e
21e46fe44c6929876f5a413c843ae516c0ddfd1aad3e8e33446b7bc0a6781b08
226ece0a45af947ea2f87acbda563940604cae8cda048f278060c6a9cbb560c1
239fe44a63d6d1f00f687c296b2217df8befeb22fe4c6b01a0547355e5ef0088
25e9905af4313c7756de1f51f1431d35331fdf40b6a394a2e713ac804b9feb36
27fb8b952323e75440813cce206abda7235fc414d55cf3422c0d2bc00fdaa833
29257e6f0eaa20a411d881c29d9fdd181a811ec32b5fdd1cb46ec4bd4719861f
29c63a2b296e7b639deb0bf45d203cfda26134d8804ece8c344a35d0a46f57cd
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2baccee77572be967cd5f3bb9542a0f2874df3cf91402452ed65e24ce0e5f217
2dc67a54b1c238ebeb2cfdb5534e2735260d55125ee99fbc1313a95f7460dcd6
2de77164bb9924542e1dea4ee4a0ff27d40b51a3d7939dac7db11a95045c9b7d
2defb967cc832389234bf3b00efbfa13667b471693254fb4b1f7073da2c042e6
3097d0444becd9d089b52b7074072f19201525de874d0775012572fb375b7838
3435531b595fb1b2b529346e1df8c979a1fd727f56ea8c0d792316035440cac5
35e92b3c2fc4cf96c91347fb2ced20d7d0927f275449fd879fb8b2adb792ad94
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
39af7c1116fb967a330e8770f775e6b5ee871add01ed45c98a1634911cebfb0a
39f437357a2ffa0d788c9fc8563f3af59d73d529060cb407ac639513df958597
3a90c56bbc2ea3fae7e089cc529bc02869c5035ee31c3111d829b9ae974cf42d
3c24c9b9d9a4f3726cf81118c06c45c8af0ac51c7f96f5d2a6c7a7a67651d1ea
41f3222c29889fb48f5dca1d481858e5339a759655510c256ef4edf56c80f7f5
420508fc523520f35de5c851905543294123d7676b5a5668744691f2abe9e730
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
45ddc09b0ad6ab916bd9a0282070b161045e186fc025303f4aa1aa821fc45ac7
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4c048391de5e6664bb8361a5f39f9c95ae2816ecd13dce2e2b0cb04f6f461372
4f7cd55655bafca4db9b67255125ed52cd91d21b1727e9f28f71219aa1341de5
506d565f94cecbb486394c545a96e8459217f8d045496b511e8c815142abfc70
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a5cc4cc2ca2db6fb9499de88f18d1fbae26cae6328c53b98806bed0f17aa031
5a7ed822968963e31d88424c96387ad9f4fd4f4b5a5b581a33f65e3784d162cf
5b0d23ccdf4dfc06cfcab66f38b0ec5a1885ad4972f928d98225223148cead74
5bf38cb24e092af3894993e47442b20d515159a8c4f82b590af1896b7a7ace3c
5c34b69c767c18ca7b8c460ecbbfceb9fa3c1b6a481e017e5c020d020210a4e3
5c5114fb62d567312ea67317599bd7421fb12a6f3fb123f052e09492ff9b8558
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
604b7529c0a44d41e672f0ba25d97652e2418263c9ce00c1581cddce2da42708
62d93965c2f575ec77be6ac931b39d08e962ed9b683d5b9843e29ee7dd8bb4e8
6325878fb4bf21abf04625fcda55ed3a463d92d549996be29efefe869055c34d
632cf82ec4be5ee97b8814e106355181ccc55ccdd157ff7a09f3d5b1481c9ab4
63a73b8edd14bae09fd92eed9f12ddb120bd751852b02fb3066a3751b814f701
670505acba726a6333181f1cedd527d7ebed390f52def6be7d90d1a35934c118
6a174b850b96326551eeba25b7b8da48200d0ba9bea289dddf738fc7866ef385
6b102873c575a2dbb70ac77fda23a602bee5d0c519149b5ca441510e8c5a5b56
6cdc57f82f4b0d09e5b4e584ca4736cd3871f20563d4ce25120b057d8ffb4eb2
6fca0b40781598023aed9b45225711771eafce8f14392a49d6ed57d567255002
7315d4062362b1dc51630b9e3dd2f6a47d2e4b561a0c925a9c353e62cb86d173
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7517792de8d4a1319afd85d8c3dcffe799ba5545129a650182e6c4b055302852
76102878c1198de858725194952ba1c6b35bdee0f870cc6a124e93d17385e64e
76a8c8ef4cde9cbd17bbaecf11ee316fab4e55cc661093e4b2d80a4e1ff52897
7860ef37e85676dcb81a99d7e5d6453bdacdf9d35aa45517a9ba9ea25bbd4c85
78f75ab2aed4cb1c3f11b10b04817b83b2179c8cbca1bdfbd7b5fe35ba5525b5
791135f98b21bbd99c1cbcd56e2827cab155856c144602a8749a57acaa5aa813
79542226b53eb3b5bdfe40b74856925123ebc5a37ac8d716648bc4bcfe633a7a
7c4dbc3ae2625b6f0a60cc155067aad081011b94a146912be50964c0039ab005
7e2b472509d9e149690aba45c5917ebdd2f52471b98d414c2726301b90e08f21
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7fff1cafe6dba05db90ba87db30d1f3ffd76935ed585284954c59f270dc6a4ca
810c9c5a465ee6bdd669c1f69b4ca6325e85ecb7cc9d222beecf64aa22b1cf7a
8130c2c72afad9d94581ef93aaa00524093103c47c71fce52f606d5ff693c3ce
8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8353fcfb2b3a27636bc25269c7521b2d292129f18de6ca32e100bcd6b8fce94e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
854f7a7915f240546d3950dd2b067466da13c013d04a3f8c790880c58ec61151
8581d6108c8b6f78740974a1d5061bbf88104d2b68a9c9f6ce3e7edb49d5f1d9
859faa9b9ed0990288b2f393a102b1fe2668ac79088b113b6f0beaee521221eb
8801f8fc54ab36eb09b5d000c8d18eab5780177ce573cd2889dc21cb8ba79ca6
8c5ef1eb596d75c03f5fa68e702a60af221b8b4c983bd9d10b9c162f9fdadeb6
8c665507e16736e1323acf89104e508e8cac863d30e8ca5ff5d6ac5303b25277
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f2eaa225d927efb41b590435b671345dbfaffab9693be84003e269bd612a067
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c
9426385f91706a280f4ca459e5bee8478e62530692fda8a127bfce67f288e5e2
94ceb460a9845612e2ccfd0a3c54b8fc90b90a78581797f1a2403f8bfae09e7b
9aaf8ddd22b0389d07dd660c853ce82a811be92968f318721042d9a36a3aa7fc
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1ee7d241bb9729ba813536e6a54d708b6d809a87f9d02457170d61904d52ac8
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd
a9d2b2df99c1a115d5394c70a898d8801092208dc582f8bd6fb01b35c30d6b22
aa90c2d77583dd25e7fbdc1411c8d718f29d9665ab48f985ffe6f3a38b34b6a7
abf06d8839953c53ac2e250b83e80e30c99fa8216df15afd9d0b6404bd05c618
ac276b36c24e247d8c755e4729fe8bb31c4021d986ca4039a45fada9625b319b
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae00ae9c862bc8b8923efd1d9a18befa912678a869d4dd01179a59ed3de731be
b0209d39595432d762f6ba2a81dc0bffa6a6e1ed9021ba24ffa06c3c7e4bcb02
b262e228a95a2cd07c848b20e43d39036c695be2d6e11ec4d3d9302dc4dcb064
b38e3464dee0d0f1007c2c1195c69202c8212455c982d1fddf214b8aeedcb417
b4284870751d6f3c294ca3e4e7b8144f09c00a8bb0e6af8a0eb0993d03a35de2
b434a0b7295a2c5cdaa73f0064815b7da5130faddfc18ac324b882cc81c136e7
b7bd8780ebdc32932910dbe8e0e53d9d89e19b477b0d4dcb9805edc8cb993457
c234e1f74fff003b0cd2eaf3ecf278def8ca577faf95a24dcc9281da2f11470f
c27f87c9d32778e1ffd15ec0206ad68dd1dee12747e2ff5c5b54902414d2e8f9
c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc
c75b106164ef7358fe124520bebcea209b3afb5ce214ef16446054f6c75534d4
c891a97818520e353cf5d0f67a18b98cc4c3b3dd7809bd38dc019b9c9d2994d3
c8e9453f995a8f169ce4ab04d4a8932042e01e92709317dc35490877c7b8c2da
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d1e1df10be0c5e49d999954f403b9c6e87c519c168b35d81390665e433c655fe
d2dffba8a31eb663c59a5494783cbf197c182104edc58f0c0a17b7992429d7af
d337aa4ea0cace6bd743ef8c3b5d1d20e6e676bb4a650c7335a7383635529f31
d3838febe02ee1538a1336ac01f452a6fe7682106cd21b46cda9c40092c8e3aa
d40f4c8828f3801cc85e02b3645b2d4d94981ddc384cecc1af9ebcecfc4ddc42
d46e1ee137357a528299909dbd2e070220c0db397f68528ad4f515b377aa4943
d571aea1740b707b7c2789e84b2e985e691145541247d6982d0b795e9f8f8499
d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060
d74d3cb4a1e0bc71df1ba64671be963ce2324403d892b728d255bf00c8bf8e31
d89d98593ac65c9f002b856f3e22a1479f3aea866f7fd15c85903c0a6d66f0e3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df247f3fd429b91f5687dd355f782d18231db9ddd6d86b8424bcf0a69d142298
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4058d4ee9da1ceaddfa91ddb63650ba67285f1bbfee487d9dfe648bced669a0
e92c358365224e6865a64727b65888e934e49181adc870a8b561eab6ae5ae964
e96cccd32e217d77100b2a1e935fde85c1bcfc6ebb96c4f913c3ee15ddc40436
ed1bd9b5fc31e624bb0b3ca2c510546c8a1bb6b41923e06768a735c75a9c704c
ed27c1a3263dace9445e50ad9f3c37e5f2be2a7a58189ef486596d51359b1b88
ee8d80d0be74777d3ae8804cb3a4f13ca91205a976c3ad7330f1bf065bd1d1bf
eeac0308b6a878340c311b33deeceb9d1460761239a680727b8409aac54876db
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f158f67c125fdb6ecf0fa7923a678b17a8471596f6fa711a71febaad570a0ef4
f19e7ee6cdf20bd478c037707c447b7cd469051de4dadeac32a795efb463c2e2
f40e3d5b91387e92272b6d46fc83ce21041f130a29316d7216d3a1793d46c4f3
f4dba580811e445da1fbadc71dfd16b390c0945adf1e407f1d2d2486fc505e97
f75166e3f70100b65a6ce1d4128bc15286e92b19a546fa7709f739e9bcfe52c6
f8a2b5b62eb722c3379b30cf0cc58d3176ee6be48036d6ad2aa838d2029c4189
fb28873ff060162df3af7084bd21df6b375e08289a14cb77aba4956bbdfab791
fd1cddbf6591e5d3a909055fb4e878005dbf8348447dbe0b611b3c3d9f383276
fdb56f53220617f49ce1bf71c50a7b5c8e632d19d408e51176db64da085a4293

threatpost.com Open in urlscan Pro 35.173.160.135 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

294 Requests

98 %HTTPS

37 %IPv6

49 Domains

77 Subdomains

60 IPs

8 Countries

4898 kBTransfer

9771 kBSize

8 Cookies

16 Outgoing links

Page URL History

Redirected requests

294 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

threatpost.com Open in urlscan Pro
35.173.160.135 Public Scan

Screenshot
Live screenshot

Full Image

294
Requests

98 %
HTTPS

37 %
IPv6

49
Domains

77
Subdomains

60
IPs

8
Countries

4898 kB
Transfer

9771 kB
Size

8
Cookies

294 HTTP transactions
0 data transactions