Submitted URL: https://mkto-sj130112.com/MDAxLVZKWC0xMDQAAAGCEt0J8LI9v8JxgYvqLgXl6APRuu1d1YGIV5XGSM6TGKnoLOOfGOO5e-0sfujfZbJBhliqJek=
Effective URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&u...
Submission: On January 19 via api from US — Scanned from DE

Summary

This website contacted 58 IPs in 8 countries across 45 domains to perform 203 HTTP transactions. The main IP is 35.173.160.135, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is threatpost.com. The Cisco Umbrella rank of the primary domain is 138175.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on June 2nd 2021. Valid for: a year.
This is the only time threatpost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information


This page contains 17 frames:

Primary Page: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Frame ID: BE77827E7F938FF43B507848D6B8B21F
Requests: 122 HTTP requests in this frame

Frame: https://cds.connatix.com/p/146566/connatix.player.dc.js
Frame ID: 340B20A788F72C2352FA3477D6E4C1E3
Requests: 16 HTTP requests in this frame

Frame: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Frame ID: E3B9D9D899802846627D369029DA9F5E
Requests: 16 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Frame ID: D05F018C9275616345595B597DB85104
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Frame ID: B8EAF29CDC10B01A2CDE703609AA53B2
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Frame ID: D61C96B2D50510FF636D78A58B9A4B40
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 80F0B95F6CD30F20CDAA11B870F3BC31
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A2FDF08F1B47127D78424CCD508C72F6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: B8D5FFF625FD51D9B1CDAA93DE71C678
Requests: 1 HTTP requests in this frame

Frame: https://bdfdb78263003bdb71a7b35e2f77bf9d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 68CE94D9C7A8B09768F0908D7F8B70CA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8E208B8C726F6AFAF3F509F34099E9D8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4C979AB59DAA1FDD82E8BA901A17843E
Requests: 2 HTTP requests in this frame

Frame: https://tagan.adlightning.com/math-aids-threatpost/bl-0af0356-00265970.js
Frame ID: 64756757AEC4E0D2841078F73E21D384
Requests: 10 HTTP requests in this frame

Frame: https://tagan.adlightning.com/math-aids-threatpost/bl-0af0356-00265970.js
Frame ID: 1640A88D34FAAB3F4845815072A78962
Requests: 12 HTTP requests in this frame

Frame: https://tagan.adlightning.com/math-aids-threatpost/bl-0af0356-00265970.js
Frame ID: ACEF50318D697DA01181E392EFEF3D50
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220118/r20190131/zrt_lookup.html
Frame ID: 9FEBA56FB966FCE99F74B7AECF6CE666
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=90&slotname=7759284332&adk=4262696766&adf=776186318&pi=t.ma~as.7759284332&w=728&psa=0&format=728x90&url=https%3A%2F%2Fthreatpost.com%2Fall-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers%2F177240%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-january-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642633458709&bpp=5&bdt=660&idt=91&shv=r20220118&mjsv=m202201130101&ptt=9&saldr=aa&cookie=ID%3Dd8b0113cd16a440b-220438b525cd0053%3AT%3D1642633457%3AS%3DALNI_Mag96czHnsdTZtSGakyfUioqwId9g&correlator=2621351465045&frm=23&ife=4&pv=2&ga_vid=2143096394.1642633457&ga_sid=1642633459&ga_hid=679952921&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=8&biw=1600&bih=1200&isw=728&ish=90&ifk=3256183738&scr_x=0&scr_y=0&eid=44753738%2C31064116%2C31064125&oid=2&pvsid=4116688331418487&pem=552&tmod=384196052&nvt=1&ref=https%3A%2F%2Fmkto-sj130112.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8i4t18lf66zn&fsb=1&dtd=114
Frame ID: CE22D666F997DA22FADBBD962F17A42D
Requests: 1 HTTP requests in this frame

Page Title

All in One SEO Plugin Bug Threatens 3M Websites with Takeovers | Threatpost

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

  • Requests: 203
  • HTTPS: 97 %
  • IPv6: 44 %
  • Domains: 45
  • Subdomains: 66
  • IPs: 58
  • Countries: 8
  • Transfer: 4714 kB
  • Size: 10944 kB
  • Cookies: 22

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mkto-sj130112.com/MDAxLVZKWC0xMDQAAAGCEt0J8LI9v8JxgYvqLgXl6APRuu1d1YGIV5XGSM6TGKnoLOOfGOO5e-0sfujfZbJBhliqJek= Page URL
  2. https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://cd.connatix.com/connatix.player.js HTTP 302
  • https://cds.connatix.com/p/146566/connatix.player.dc.js
Request Chain 125
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthreatpost.com%2F&domain=threatpost.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=AdUn-HxoK3RaZWJ0ZDBRUUZzU3Fhek1yTEhQU0hYVDlZZG5xcjg1OHZ5VlJzS0FaL0RhWFBMY1ZsTlZRcW5lQ0cva1o5Zm0yelljd3FNdHR1bHphUE1UR3ZNRWtJMThjcEo2Zzd3RWxSc3h0SUlGZy9xMHdxbjAyNEh4R2hpdzVFT29YeVVVOGt4Vk95cDg5TjNaNXk0WnFUMjhBUktFZzIwTUMyT1BZK0FLemxBdUxaS1ZuOWVZRmw5b09HL1BCcjNOcjIxWnFwRStXcXA2ZzBydnhMSFAxUmU1d202aUdtb0paRklJVkJKWDdZK1RBPXw&cppv=2
Request Chain 175
  • https://tags.mathtag.com/notify/img?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvT1dFMU9UYzBNbUl0WkdaaE5pMWlZekppTFRBd01EQXRNREF3TURBd01EQXdNREF3LzE2MzM1MDI1ODMyOTE2NjAyNTAvOTY5NjA0NC85OTY4MjAyLzkvYlFyZVpXbG5LZjBpNXd1SHF5TjRURVhmdl9hT2FNSGFfQk9MQkpkRm8zby8xLzkvMC8wLzE3NjQwNzUvMC8yMjY1ODkvMTA0MTgwMi8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzE2MzM1MDI1ODMyOTE2NjAyNTAvYW1zLzAvNTY0Mi83Lzk5OS8yLzIwMDE6MWI2MDoxMDEwOjovMC4wMDAvMTY0MjYzMzQ1Ny8xNjQyNjM3MDU3LzkvMTkyNTQv/LYZcERPYnLO7kU8vOIVywOkvctc&nodeid=1602&group=cdg&auctionid=1633502583291660250&shardkey=1633502583291660250&sid=9968202&cid=9696044&price=F50F83C7015E5A5C&bp=a_cfjjig&nfy_act=LD5wfn0&type=burl&client=c2s&src=imp&bfip=185.29.135.135 HTTP 302
  • https://tags.mathtag.com/ck-confirm?bid_id=1633502583291660250&node_id=1602&exch_id=9
Request Chain 199
  • https://hal90006.redintelligence.net/request.php?zone=0waha4ezfhrk&nw=20&renderingType=javascript&namespace=3f93b3dddb&subid=&uid=e3b39de9338b9439&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aruc&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D42df5c7ed92c61f4b30428536d3dd65745f8b72c_15%26mt_aid%3D1633502583291660250%26mt_id%3D9696044%26mt_adid%3D226589%26mt_sid%3D9968202%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Df32061e8-98f2-4a01-bec5-513d467dd22f%26mt_cid%3Df32061e8-98f2-4a01-bec5-513d467dd22f%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F3921dc64-bfe0-4e68-afd1-2530812e3f77%2F%26redirect%3D&documentReferer=https%3A%2F%2Fthreatpost.com%2Fall-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers%2F177240%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-january-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4&ancestorOrigins=https%3A%2F%2Fthreatpost.com&random=3232159560236&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90006.redintelligence.net/request.php?zone=0waha4ezfhrk&nw=20&renderingType=javascript&namespace=3f93b3dddb&subid=&uid=e3b39de9338b9439&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aruc&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D42df5c7ed92c61f4b30428536d3dd65745f8b72c_15%26mt_aid%3D1633502583291660250%26mt_id%3D9696044%26mt_adid%3D226589%26mt_sid%3D9968202%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Df32061e8-98f2-4a01-bec5-513d467dd22f%26mt_cid%3Df32061e8-98f2-4a01-bec5-513d467dd22f%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F3921dc64-bfe0-4e68-afd1-2530812e3f77%2F%26redirect%3D&documentReferer=https%3A%2F%2Fthreatpost.com%2Fall-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers%2F177240%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-january-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4&ancestorOrigins=https%3A%2F%2Fthreatpost.com&random=3232159560236&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 200
  • https://hal900016.redintelligence.net/request.php?zone=qdxf4l9d1c32&nw=20&renderingType=javascript&namespace=996a96078c&subid=&uid=bb6b0a4387c25f39&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aruc&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D4c7191ff46ab720e2850059289fe9fd0f31b724c_10%26mt_aid%3D8551031610932837932%26mt_id%3D9690032%26mt_adid%3D215543%26mt_sid%3D9955993%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Df32061e8-98f2-4a01-bec5-513d467dd22f%26mt_cid%3Df32061e8-98f2-4a01-bec5-513d467dd22f%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F2d910ada-f883-42de-8731-ebd0e6aa7221%2F%26redirect%3D&documentReferer=https%3A%2F%2Fthreatpost.com%2Fall-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers%2F177240%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-january-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4&ancestorOrigins=https%3A%2F%2Fthreatpost.com&random=7649857315026&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900016.redintelligence.net/request.php?zone=qdxf4l9d1c32&nw=20&renderingType=javascript&namespace=996a96078c&subid=&uid=bb6b0a4387c25f39&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aruc&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D4c7191ff46ab720e2850059289fe9fd0f31b724c_10%26mt_aid%3D8551031610932837932%26mt_id%3D9690032%26mt_adid%3D215543%26mt_sid%3D9955993%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Df32061e8-98f2-4a01-bec5-513d467dd22f%26mt_cid%3Df32061e8-98f2-4a01-bec5-513d467dd22f%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F2d910ada-f883-42de-8731-ebd0e6aa7221%2F%26redirect%3D&documentReferer=https%3A%2F%2Fthreatpost.com%2Fall-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers%2F177240%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-january-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4&ancestorOrigins=https%3A%2F%2Fthreatpost.com&random=7649857315026&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

203 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type

Resource: MDAxLVZKWC0xMDQAAAGCEt0J8LI9v8JxgYvqLgXl6APRuu1d1YGIV5XGSM6TGKnoLOOfGOO5e-0sfujfZbJBhliqJek=
Path: mkto-sj130112.com/
Size: 611 B
x-fer: 1 KB
Type: Document

General
  • Full URL: https://mkto-sj130112.com/MDAxLVZKWC0xMDQAAAGCEt0J8LI9v8JxgYvqLgXl6APRuu1d1YGIV5XGSM6TGKnoLOOfGOO5e-0sfujfZbJBhliqJek=
  • Protocol: H2
  • Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
  • Server: 104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),
  • Reverse DNS:
  • Software: cloudflare /
  • Resource Hash: 31057482493b6e0921be97c52e0423a2fb25d355c52cf27c0757d5c2e2ece2f8

Security Headers
  • X-Content-Type-Options: nosniff

Request headers
  • Upgrade-Insecure-Requests: 1
  • User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
  • Accept-Language: de-DE,de;q=0.9

Response headers
  • date: Wed, 19 Jan 2022 23:04:13 GMT
  • content-type: text/html
  • cache-control: private, no-cache, no-store, max-age=0
  • x-content-type-options: nosniff
  • vary: Accept-Encoding
  • cf-cache-status: DYNAMIC
  • expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
  • server: cloudflare
  • cf-ray: 6d03b36c3d62696a-FRA
  • content-encoding: gzip

Primary Request
Resource: /
Path: threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/
Size: 83 KB
x-fer: 22 KB
Type: Document

General
  • Full URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
  • Requested by:
      Host: mkto-sj130112.com
      URL: https://mkto-sj130112.com/MDAxLVZKWC0xMDQAAAGCEt0J8LI9v8JxgYvqLgXl6APRuu1d1YGIV5XGSM6TGKnoLOOfGOO5e-0sfujfZbJBhliqJek=
  • Protocol: HTTP/1.1
  • Security: TLS 1.3, , AES_256_GCM
  • Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
  • Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
  • Software: nginx /
  • Resource Hash: 7b122226a3373d0030fd6b398c7707fd55441b91cf8bcda6e61e76d0fcf998a9

Security Headers
  • Strict-Transport-Security: max-age=31536000; includeSubDomains
  • X-Content-Type-Options: nosniff
  • X-Frame-Options: SAMEORIGIN
  • X-Xss-Protection: 1; mode=block

Request headers
  • Upgrade-Insecure-Requests: 1
  • User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
  • Accept-Language: de-DE,de;q=0.9
  • Referer: https://mkto-sj130112.com/

Response headers
  • Server: nginx
  • Date: Wed, 19 Jan 2022 23:04:14 GMT
  • Content-Type: text/html; charset=UTF-8
  • Transfer-Encoding: chunked
  • Connection: close
  • Strict-Transport-Security: max-age=31536000; includeSubDomains
  • X-Content-Type-Options: nosniff
  • X-XSS-Protection: 1; mode=block
  • Link: <https://threatpost.com/wp-json/>; rel="https://api.w.org/" <https://threatpost.com/wp-json/wp/v2/posts/177240>; rel="alternate"; type="application/json" <https://threatpost.com/?p=177240>; rel=shortlink
  • X-Frame-Options: SAMEORIGIN
  • X-Debug-Auth: off
  • X-Request-Host: threatpost.com
  • x-cache-hit: MISS
  • Content-Encoding: gzip

Resource: museosans-900italic-webfont.woff2
Path: threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/
Size: 15 KB
x-fer: 15 KB
Type: Font

General
  • Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-900italic-webfont.woff2
  • Requested by:
      Host: threatpost.com
      URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
  • Protocol: HTTP/1.1
  • Security: TLS 1.3, , AES_256_GCM
  • Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
  • Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
  • Software: nginx /
  • Resource Hash: 8edaef698e025c37ba9e8d632a895d7252c62251df3f095d5cff17b6f3304854

Request headers
  • Referer: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
  • Origin: https://threatpost.com
  • Accept-Language: de-DE,de;q=0.9
  • User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
  • Date: Wed, 19 Jan 2022 23:04:15 GMT
  • Last-Modified: Mon, 17 Jan 2022 08:00:27 GMT
  • Server: nginx
  • ETag: "61e5221b-3ca8"
  • Content-Type: font/woff2
  • Access-Control-Allow-Origin: *
  • Connection: close
  • Accept-Ranges: bytes
  • Content-Length: 15528

Resource: museosans-900-webfont.woff2
Path: threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/
Size: 20 KB
x-fer: 21 KB
Type: Font

General
  • Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-900-webfont.woff2
  • Requested by:
      Host: threatpost.com
      URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
  • Protocol: HTTP/1.1
  • Security: TLS 1.3, , AES_256_GCM
  • Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
  • Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
  • Software: nginx /
  • Resource Hash: 4823c011e4b4cb4b7f35ced3ab09d57215ee243676d9bfcc24d10ec77d3db398

Request headers
  • Referer: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
  • Origin: https://threatpost.com
  • Accept-Language: de-DE,de;q=0.9
  • User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
  • Date: Wed, 19 Jan 2022 23:04:15 GMT
  • Last-Modified: Mon, 17 Jan 2022 08:00:29 GMT
  • Server: nginx
  • ETag: "61e5221d-5124"
  • Content-Type: font/woff2
  • Access-Control-Allow-Origin: *
  • Connection: close
  • Accept-Ranges: bytes
  • Content-Length: 20772

museosans-700italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/
15 KB
16 KB
Font
General
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700italic-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
859faa9b9ed0990288b2f393a102b1fe2668ac79088b113b6f0beaee521221eb

Request headers

Referer
https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 23:04:15 GMT
Last-Modified
Mon, 17 Jan 2022 08:00:30 GMT
Server
nginx
ETag
"61e5221e-3dcc"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
15820
museosans-700-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/
20 KB
21 KB
Font
General
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
ae00ae9c862bc8b8923efd1d9a18befa912678a869d4dd01179a59ed3de731be

Request headers

Referer
https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 23:04:15 GMT
Last-Modified
Mon, 17 Jan 2022 08:00:27 GMT
Server
nginx
ETag
"61e5221b-51a4"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
20900
museosans-500italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/
23 KB
23 KB
Font
General
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-500italic-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
17aee1fe3d7d16e647b97f568230c2ff36c1855ce35ce930c26aec5d2c58eaf4

Request headers

Referer
https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 23:04:15 GMT
Last-Modified
Mon, 17 Jan 2022 08:00:27 GMT
Server
nginx
ETag
"61e5221b-5c74"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
23668
museosans-500-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/
20 KB
21 KB
Font
General
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-500-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2de77164bb9924542e1dea4ee4a0ff27d40b51a3d7939dac7db11a95045c9b7d

Request headers

Referer
https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 23:04:15 GMT
Last-Modified
Mon, 17 Jan 2022 08:00:30 GMT
Server
nginx
ETag
"61e5221e-5194"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
20884
museosans-300italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/
23 KB
23 KB
Font
General
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300italic-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f8a2b5b62eb722c3379b30cf0cc58d3176ee6be48036d6ad2aa838d2029c4189

Request headers

Referer
https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 23:04:15 GMT
Last-Modified
Mon, 17 Jan 2022 08:00:27 GMT
Server
nginx
ETag
"61e5221b-5bac"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
23468
museosans-300-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/
20 KB
21 KB
Font
General
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
45ddc09b0ad6ab916bd9a0282070b161045e186fc025303f4aa1aa821fc45ac7

Request headers

Referer
https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 23:04:15 GMT
Last-Modified
Mon, 17 Jan 2022 08:00:30 GMT
Server
nginx
ETag
"61e5221e-51b8"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
20920
museosans-100italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/
23 KB
23 KB
Font
General
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-100italic-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
038fc4d49a9191d416d49841f371b6e0b06bb40f719124099d40fe8f393b9e2c

Request headers

Referer
https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 23:04:15 GMT
Last-Modified
Mon, 17 Jan 2022 08:00:27 GMT
Server
nginx
ETag
"61e5221b-5b34"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
23348
museosans-100-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/
20 KB
20 KB
Font
General
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-100-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
06fc565587b8b700936a1677218cb269a6cc31ca5f701eb45461e86a3d54d5c7

Request headers

Referer
https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 23:04:15 GMT
Last-Modified
Mon, 17 Jan 2022 08:00:30 GMT
Server
nginx
ETag
"61e5221e-50c8"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
20680
op.js
tagan.adlightning.com/math-aids-threatpost/
44 KB
19 KB
Script
General
Full URL
https://tagan.adlightning.com/math-aids-threatpost/op.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.79.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-79-46.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
550e9608428530e8ef34eb025410412396246d6f22feabc5a3afeda22fa01d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
Lmgyp6.xBa.tJzWi5Q_Xw_UxOOKHIVdg
content-encoding
gzip
etag
"586ec75ce8d6f89b2dbeb90aae87ff03"
age
2800
x-cache
Hit from cloudfront
content-length
18557
x-amz-meta-git_commit
7b120a5
last-modified
Wed, 19 Jan 2022 18:32:17 GMT
server
AmazonS3
date
Wed, 19 Jan 2022 22:41:40 GMT
content-type
application/javascript
via
1.1 0cd2c3fbaf7659321a893cd5ab933aa4.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
TXL50-P2
accept-ranges
bytes
x-amz-cf-id
NfmJQupNHZzhj_tOrOKlMkPTOKzy4N57sp0ZewGQx8jLC4PcYqwCSw==
gpt.js
www.googletagservices.com/tag/js/
78 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebd54000f9d220138387bae5b4a04b6149b6cae44cc6faf77dec192947fed790
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26997
x-xss-protection
0
server
sffe
etag
"1107 / 184 of 1000 / last-modified: 1642594113"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 19 Jan 2022 23:04:16 GMT
ros-layout.js
qd.admetricspro.com/js/threatpost/
26 KB
3 KB
Script
General
Full URL
https://qd.admetricspro.com/js/threatpost/ros-layout.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fddec1cb13ee6848cce386a733d405fff2be9ab4d904f55a1d15c7cc84f410d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
440
content-length
3093
last-modified
Wed, 03 Nov 2021 12:58:13 GMT
server
cloudflare
etag
W/"67a6-5cfe1f68177b1-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gIT4X4TrhPcHuBLhdT%2BDDlLtDWqBkbmCC0eoJ8vIrZDhCkRwEEZ%2BhWiE0KCdTrO4IFyh0yRk2%2F2TN6ccA6fwYRF8FbNGPVIXsQfjIbhT%2BBkS8BQm7CJ8vK59GDKD6ZPp6zm43zJdfIwUGf%2FITqsUEQwJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
6d03b37791b18bcf-FRA
expires
Wed, 19 Jan 2022 23:04:44 GMT
cmp.js
qd.admetricspro.com/js/threatpost/
310 KB
90 KB
Script
General
Full URL
https://qd.admetricspro.com/js/threatpost/cmp.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
519815bc4a3dd9a571cb56f57c7c6abfbda2b4e2de8c4b884a7535a1705438f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:16 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
440
last-modified
Tue, 01 Jun 2021 14:47:10 GMT
server
cloudflare
etag
W/"4d957-5c3b56abf6028-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NB0jcsq6krcOo0IJW9QiiEo9YsIILPFRkYu157w8YBu6s2Ct3Vy4HnBRCcslaVpY6sjfuMD50K8AbkxvLXexi3qCYghRLxkkt4CpPtTeWfAcO1dT%2Bt2Sjx6%2FrFdxizq6rSkieR5Kci9oU4XkfMtUQqMr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
6d03b37c64a88bcf-FRA
expires
Wed, 19 Jan 2022 23:04:45 GMT
uspcmp.js
qd.admetricspro.com/js/threatpost/
148 KB
58 KB
Script
General
Full URL
https://qd.admetricspro.com/js/threatpost/uspcmp.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ae61ed61290f9bf2619f52667aafa622c805072c75765025f0b61a23862005f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:16 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
440
last-modified
Sat, 08 Aug 2020 22:40:07 GMT
server
cloudflare
etag
W/"24e50-5ac65673cef1c-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ToY9EDGb4fHuBK0bArO2JNAPXZByruEDr0wgqxAo20DhizvXqPSewN1yLbN5WVxaYJjYDTwoROFPjJYRLc%2BL9WBvKbRv0lPYsarSWK4cl5soGZCLgBJff0QdPGrxi1uBYc2T3MmV0SANEC%2B84peWA32N"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
6d03b37c74a98bcf-FRA
expires
Wed, 19 Jan 2022 23:04:45 GMT
targeting.js
qd.admetricspro.com/js/threatpost/
393 B
508 B
Script
General
Full URL
https://qd.admetricspro.com/js/threatpost/targeting.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03cc687f0c8a2d1694e509b91fcd6c62c0fbdbdbdb850b8007b8052f649c7f77

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:16 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
440
content-length
172
last-modified
Wed, 04 Aug 2021 21:50:12 GMT
server
cloudflare
etag
W/"189-5c8c2c96f96c7-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eU%2BFqnsjkt%2BGQYcjMpRqGQRbHWuf5Cr259pjTPaJDgbgp4D%2FO3QhJ%2B%2Bz8%2BlCtf0%2BsBqNDGH5%2Bdol2ZOydMLlt1k8v1ep%2B3V9PygEBRb1i%2BulDlwrsX7ZnbEatesz%2FGvjFERBtfnQ%2BGuoqjlKM2i9dgRe"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
6d03b37c74ab8bcf-FRA
expires
Wed, 19 Jan 2022 23:04:45 GMT
prebid.js
qd.admetricspro.com/js/threatpost/
430 KB
124 KB
Script
General
Full URL
https://qd.admetricspro.com/js/threatpost/prebid.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8c03fd4dea0f2c83fa05b10dfd913bfcff51d05e0c6e84b7f340b857fdda517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:16 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
440
last-modified
Thu, 14 Oct 2021 15:35:01 GMT
server
cloudflare
etag
W/"6b738-5ce51d26ef74c-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YYrqmi5DM9ZDeUC7xZACA7W2%2F6t%2B%2BRtLld%2FolsDJwfpHj3jflxvAulW50BNrMDl6KXbuhtxLfo%2B3Yg%2FzCdvL%2FmzYeakQhNtUjNkG8ird7%2FfLtNojK3rczWMGs%2BYc%2Fg5o2yGxLXVGqaTZ6Io57RpKGqTI"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
6d03b37c74ac8bcf-FRA
expires
Wed, 19 Jan 2022 23:04:45 GMT
engine.js
qd.admetricspro.com/js/threatpost/
35 KB
11 KB
Script
General
Full URL
https://qd.admetricspro.com/js/threatpost/engine.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a355508d811ac666d1b61e566f7f1daf5d39b8915c036b271f14a4cfb9247ac3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
440
last-modified
Fri, 15 Oct 2021 02:14:43 GMT
server
cloudflare
etag
W/"8b7c-5ce5ac22db48b-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZcWSTxIlDIEkIOZbza7eVf7yQ4xLXFzL7SvHtSoUx0zMj0Nnr0xy%2F7JypQvSei9ntPelZMCIp6rTwIU8W7c9F7zvuvH5GdKqXJdnsF2Jle9IJBoqxSkjjhJP%2FxyRmC7AuEL07YWb2RtJMblr2nx77k8k"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
6d03b37791b08bcf-FRA
expires
Wed, 19 Jan 2022 23:04:44 GMT
/
assets.threatpost.com/wp-content/plugins/bwp-minify/min/
294 KB
42 KB
Stylesheet
General
Full URL
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=3a70a31c
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:0:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
62cbf085d014439b719c84c3d2f3222fde66e299c2da1b41dfc4dbb315db0456
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:15 GMT
content-encoding
gzip
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
content-length
42696
x-cache-hit
HIT
last-modified
Mon, 17 Jan 2022 08:00:30 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
via
1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-debug-auth
off
x-request-host
assets.threatpost.com
x-amz-cf-id
TdyZTjN6YmSJsjilvBXm7fom1pj6VhSeYQwzRjB6XysaCX3WB4y3Mg==
expires
Thu, 20 Jan 2022 13:39:08 GMT
jquery-1.12.4-wp.js
threatpost.com/wp-content/plugins/kaspersky-enable-jquery-migrate-helper/js/jquery/
95 KB
37 KB
Script
General
Full URL
https://threatpost.com/wp-content/plugins/kaspersky-enable-jquery-migrate-helper/js/jquery/jquery-1.12.4-wp.js?ver=1.12.4-wp
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3bb2621a4c0c710f6e78404473aebff8e115a28f8d53f44339b867c63ad93b26

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
public
Date
Wed, 19 Jan 2022 23:04:15 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Jan 2022 08:00:26 GMT
Server
nginx
ETag
W/"61e5221a-17a56"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=604800, public
Connection
close
Expires
Wed, 26 Jan 2022 23:04:15 GMT
/
assets.threatpost.com/wp-content/plugins/bwp-minify/min/
20 KB
7 KB
Script
General
Full URL
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/kaspersky-cookies-notification/scripts/alert_text.js,wp-content/plugins/kaspersky-cookies-notification/scripts/alert.js,wp-content/plugins/honeypot-comments/public/assets/js/public.js,wp-content/plugins/kspr_twitter_pullquote/js/kaspersky-twitter-pullquote.js,wp-content/themes/threatpost-2018/assets/js/loadmore.js,wp-content/plugins/kaspersky-social-sharing/assets/js/social-share.js&ver=3a70a31c
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:0:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b813e47b551a74f55e504ad2e4a7fdb97ee55a9497486ffa61f4dfc34e6fd338
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:15 GMT
content-encoding
gzip
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
content-length
6410
x-cache-hit
HIT
last-modified
Mon, 17 Jan 2022 08:00:30 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
via
1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-debug-auth
off
x-request-host
assets.threatpost.com
x-amz-cf-id
Lh1xqpGdO7G0QqJ71_WhV-R1VG0TN_yhi3dQWJl3JRjJD4IrZ-KI3A==
expires
Thu, 20 Jan 2022 13:39:02 GMT
wordpress_plugin_vuln.jpg
media.threatpost.com/wp-content/uploads/sites/103/2019/01/28092447/
42 KB
42 KB
Image
General
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2019/01/28092447/wordpress_plugin_vuln.jpg
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
07548e026bf3fba76bebc09a94e259e1773373ffb367626880ac8df62484aa17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 05:52:51 GMT
via
1.1 f4137273db9ae377298b8f8daf5b93f1.cloudfront.net (CloudFront), 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
last-modified
Mon, 28 Jan 2019 14:24:48 GMT
server
AmazonS3
age
3690686
etag
"c4bcd2e64f5d5dee5dbf78c2eaa102df"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2, FRA53-C1
accept-ranges
bytes
content-length
42865
x-amz-cf-id
vz1r8_bNCYd7tgLIZ_WZs0rYKfdM8E7KLgo84s8L26koV1hfRI95Pw==
expires
Tue, 28 Jan 2020 14:24:47 GMT
api.js
www.google.com/recaptcha/
852 B
625 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?hl=en&render=explicit
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7575b234b15077a7c6980876f5f2f64ae88b57cf80ea912432d588c06b0b2fa2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
556
x-xss-protection
1; mode=block
expires
Wed, 19 Jan 2022 23:04:16 GMT
scripts.js
kasperskycontenthub.com/threatpost-global/wp-content/plugins/kaspersky-embeds/js/
2 KB
1 KB
Script
General
Full URL
https://kasperskycontenthub.com/threatpost-global/wp-content/plugins/kaspersky-embeds/js/scripts.js?ver=1.0
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1f863d13dbad7d5240f577a73b47b06227d218909259042da95301e2eb8be55

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
public
Date
Wed, 19 Jan 2022 23:04:16 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Jan 2022 08:00:29 GMT
Server
nginx
ETag
W/"61e5221d-828"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=604800, public
Connection
close
Expires
Wed, 26 Jan 2022 23:04:16 GMT
api.js
www.google.com/recaptcha/
852 B
968 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=explicit&ver=202124050927
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6ad5f6df798cb19bb0df218efa3e40c11afb9c2d6874dee5747765862ccc5527
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
555
x-xss-protection
1; mode=block
expires
Wed, 19 Jan 2022 23:04:16 GMT
/
assets.threatpost.com/wp-content/plugins/bwp-minify/min/
2 KB
1 KB
Script
General
Full URL
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/gravityforms/js/jquery.json.min.js&ver=3a70a31c
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:0:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
172314ff74044b918766ed4763279b5e8798622087c0a2930f59c9d44662213d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:16 GMT
content-encoding
gzip
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
content-length
926
x-cache-hit
HIT
last-modified
Mon, 17 Jan 2022 08:00:30 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
via
1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-debug-auth
off
x-request-host
assets.threatpost.com
x-amz-cf-id
1WLOIsc0EVVwQkVLXtsbnxGVOBQxOY7plSg7z9dQqeZF7ttS1PN8sA==
expires
Thu, 20 Jan 2022 13:39:04 GMT
gravityforms.min.js
threatpost.com/wp-content/plugins/gravityforms/js/
34 KB
12 KB
Script
General
Full URL
https://threatpost.com/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.4.17.15
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3097d0444becd9d089b52b7074072f19201525de874d0775012572fb375b7838

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
public
Date
Wed, 19 Jan 2022 23:04:16 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Jan 2022 08:00:29 GMT
Server
nginx
ETag
W/"61e5221d-88c2"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=604800, public
Connection
close
Expires
Wed, 26 Jan 2022 23:04:16 GMT
/
assets.threatpost.com/wp-content/plugins/bwp-minify/min/
7 KB
3 KB
Script
General
Full URL
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/gravityforms/js/conditional_logic.min.js&ver=3a70a31c
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:0:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f75166e3f70100b65a6ce1d4128bc15286e92b19a546fa7709f739e9bcfe52c6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:16 GMT
content-encoding
gzip
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
content-length
2685
x-cache-hit
HIT
last-modified
Mon, 17 Jan 2022 08:00:26 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
via
1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-debug-auth
off
x-request-host
assets.threatpost.com
x-amz-cf-id
xepLzz0USQzBKY0ckXL-Q99lNyq-ljhNv5ceRgAbg9AAidXtfsCBVg==
expires
Thu, 20 Jan 2022 13:39:04 GMT
/
assets.threatpost.com/wp-content/plugins/bwp-minify/min/
5 KB
2 KB
Script
General
Full URL
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/gravityforms/js/placeholders.jquery.min.js&ver=3a70a31c
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:0:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:16 GMT
content-encoding
gzip
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
content-length
1747
x-cache-hit
HIT
last-modified
Mon, 17 Jan 2022 08:00:30 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
via
1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-debug-auth
off
x-request-host
assets.threatpost.com
x-amz-cf-id
w3FTY42oLuz4SyvIypSKNfUuNK-aeYS-UNdiBFglrsY3hXNr51Rebg==
expires
Thu, 20 Jan 2022 13:39:04 GMT
/
assets.threatpost.com/wp-content/plugins/bwp-minify/min/
117 KB
36 KB
Script
General
Full URL
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/kaspersky-gravity-forms-dynamic-recaptcha/assets/js/main.js,wp-content/themes/threatpost-2018/assets/js/main.js,wp-includes/js/wp-embed.min.js,wp-content/plugins/akismet/_inc/form.js&ver=3a70a31c
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:0:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
bdb19f9b971a1026f59a86b5a185008b1b735ac4e1d81aaac3acdc0a15886c62
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:16 GMT
content-encoding
gzip
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
content-length
36706
x-cache-hit
HIT
last-modified
Mon, 17 Jan 2022 08:00:29 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
via
1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-debug-auth
off
x-request-host
assets.threatpost.com
x-amz-cf-id
r0KviYRXKaFr1lZwyMWox3Z3HSySUjEUfCOVSYedC0oKS4QpGvQ9Sg==
expires
Thu, 20 Jan 2022 13:39:08 GMT
apstag.js
c.amazon-adsystem.com/aax2/
134 KB
36 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.119.176 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-119-176.txl50.r.cloudfront.net
Software
Server /
Resource Hash
c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
SKwQUYZY6s9wJPymt5_yhNbSVWOe2iBW
content-encoding
gzip
etag
8d3665a9b316600491247ca6d78c204c
age
552
x-cache
Hit from cloudfront
server
Server
x-amz-rid
021CHY71WXYQRNGD9ZMF
date
Wed, 19 Jan 2022 22:55:15 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 1b9454b38723d47cf9a28d1fb8f9546c.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
TXL50-P4
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
7wuoKg1lAVnqItkX8pqL17I2MMHAOAE5usWAHXhppOn8tLmBYJZhIw==
connatix.player.dc.js
cds.connatix.com/p/146566/ Frame 340B
Redirect Chain
  • https://cd.connatix.com/connatix.player.js
  • https://cds.connatix.com/p/146566/connatix.player.dc.js
1 MB
236 KB
Script
General
Full URL
https://cds.connatix.com/p/146566/connatix.player.dc.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
H2
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
99155ab8da91aa92828722d0c547012321a2e9801e68132f172e5c315a12ffb1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:15 GMT
content-encoding
br
last-modified
Wed, 19 Jan 2022 15:02:30 GMT
age
28705
etag
"250e5155ef703f9e766585e987b82886"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
241135

Redirect headers

location
https://cds.connatix.com/p/146566/connatix.player.dc.js
date
Wed, 19 Jan 2022 23:04:15 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
accept-ranges
bytes
content-length
0
/
kasperskycontenthub.com/
0
399 B
Script
General
Full URL
https://kasperskycontenthub.com/?dm=ed1f9e435dc885292eab65620c51f3fb&action=load&blogid=103&siteid=1&t=1247622818&back=https%3A%2F%2Fthreatpost.com%2Fall-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers%2F177240%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-january-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 23:04:16 GMT
X-Content-Type-Options
nosniff
Server
nginx
X-Frame-Options
SAMEORIGIN
Connection
close
Content-Type
application/javascript
x-cache-hit
MISS
Transfer-Encoding
chunked
X-Debug-Auth
off
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Request-Host
kasperskycontenthub.com
X-XSS-Protection
1; mode=block
gtm.js
www.googletagmanager.com/
179 KB
60 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8474e50bcf2c46562bb76826e78d6c2056fab0a08257fc7abef3d007efffaf74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:16 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60962
x-xss-protection
0
last-modified
Wed, 19 Jan 2022 21:00:30 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 19 Jan 2022 23:04:16 GMT
icons.svg
threatpost.com/wp-content/themes/threatpost-2018//assets/sprite/
13 KB
13 KB
Other
General
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018//assets/sprite/icons.svg
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
97f5070aadd9475bb56a49a7bc1114e9fe1b992b55f2b227502f35f8bba71d74

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 23:04:16 GMT
Last-Modified
Mon, 17 Jan 2022 08:00:27 GMT
Server
nginx
ETag
"61e5221b-328e"
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
12942
icons.svg
threatpost.com/wp-content/themes/threatpost-2018/assets/sprite/
13 KB
13 KB
Other
General
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/sprite/icons.svg
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
97f5070aadd9475bb56a49a7bc1114e9fe1b992b55f2b227502f35f8bba71d74

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 23:04:16 GMT
Last-Modified
Mon, 17 Jan 2022 08:00:29 GMT
Server
nginx
ETag
"61e5221d-328e"
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
12942
logo.png
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/
19 KB
19 KB
Image
General
Full URL
https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/logo.png
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=3a70a31c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:0:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
39af7c1116fb967a330e8770f775e6b5ee871add01ed45c98a1634911cebfb0a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=3a70a31c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
public
date
Wed, 19 Jan 2022 23:04:16 GMT
via
1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
last-modified
Mon, 17 Jan 2022 08:00:27 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
etag
"61e5221b-4a32"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
18994
x-amz-cf-id
xK4-ULAhm0lb5FB_bM2FeuqrV3U-hgXPmxm6anOFDZr0i1a4y5DbLA==
expires
Wed, 26 Jan 2022 23:04:16 GMT
mail-plane-light.svg
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/
828 B
1 KB
Image
General
Full URL
https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/mail-plane-light.svg
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=3a70a31c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:0:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5a7ed822968963e31d88424c96387ad9f4fd4f4b5a5b581a33f65e3784d162cf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=3a70a31c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:16 GMT
via
1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
last-modified
Mon, 17 Jan 2022 08:00:30 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
etag
"61e5221e-33c"
x-cache
Miss from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
content-length
828
x-amz-cf-id
Mnw-rkAaLZjuwk9GPVvZUhhrM5qVcJg1PHsXRthzQC1PYcpJufKdig==
twitter-blue.svg
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/
868 B
1 KB
Image
General
Full URL
https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/twitter-blue.svg
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=3a70a31c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:0:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
420508fc523520f35de5c851905543294123d7676b5a5668744691f2abe9e730

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=3a70a31c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:16 GMT
via
1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
last-modified
Mon, 17 Jan 2022 08:00:30 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
etag
"61e5221e-364"
x-cache
Miss from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
content-length
868
x-amz-cf-id
YDJgvrfNTjnX05nW5-60Ho13cla_iZT1ersaia0oF2nLr74_jH5MqQ==
museosans-700-webfont.woff2
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/
20 KB
21 KB
Font
General
Full URL
https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700-webfont.woff2
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=3a70a31c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:0:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ae00ae9c862bc8b8923efd1d9a18befa912678a869d4dd01179a59ed3de731be

Request headers

Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=3a70a31c
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:16 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
last-modified
Mon, 17 Jan 2022 08:00:29 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
etag
"61e5221d-51a4"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
20900
x-amz-cf-id
TRE0WNdH6BuxAfHNpafkkfGkCN2rxiDssvYi6oo2US43w8_OtOojlA==
museosans-100-webfont.woff2
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/
20 KB
21 KB
Font
General
Full URL
https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-100-webfont.woff2
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=3a70a31c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:0:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
06fc565587b8b700936a1677218cb269a6cc31ca5f701eb45461e86a3d54d5c7

Request headers

Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=3a70a31c
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:16 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
last-modified
Mon, 17 Jan 2022 08:00:27 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
etag
"61e5221b-50c8"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
20680
x-amz-cf-id
FviKK0akALz3nsbadzwrNMa_iW6yiEEpZ7BKAxOe6rwmnAJB0mQTHQ==
museosans-300-webfont.woff2
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/
20 KB
21 KB
Font
General
Full URL
https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300-webfont.woff2
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=3a70a31c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:0:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
45ddc09b0ad6ab916bd9a0282070b161045e186fc025303f4aa1aa821fc45ac7

Request headers

Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=3a70a31c
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:16 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
last-modified
Mon, 17 Jan 2022 08:00:29 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
etag
"61e5221d-51b8"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
20920
x-amz-cf-id
T8OgcCs1oNN2YVRgmDWhnG7BYvJqQ8KgOjLJWYW7bwxcvhnBMMoWUg==
museosans-500-webfont.woff2
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/
20 KB
21 KB
Font
General
Full URL
https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-500-webfont.woff2
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=3a70a31c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:0:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2de77164bb9924542e1dea4ee4a0ff27d40b51a3d7939dac7db11a95045c9b7d

Request headers

Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=3a70a31c
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:16 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
last-modified
Mon, 17 Jan 2022 08:00:27 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
etag
"61e5221b-5194"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
20884
x-amz-cf-id
SmLXihf0mAOn5WILV1njhpH8aqqZY0c5Wn9IbOPTxsfjBVjZyPEPGQ==
museosans-700italic-webfont.woff2
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/
15 KB
16 KB
Font
General
Full URL
https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700italic-webfont.woff2
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=3a70a31c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:0:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
859faa9b9ed0990288b2f393a102b1fe2668ac79088b113b6f0beaee521221eb

Request headers

Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=3a70a31c
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:16 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
last-modified
Mon, 17 Jan 2022 08:00:30 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
etag
"61e5221e-3dcc"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
15820
x-amz-cf-id
OA33y-WJdVqah-HP9a2ugM8fRWk1KaVXSjUGqo3gUqiYUpQKvfwnOQ==
player.css
cds.connatix.com/p/146566/
54 KB
8 KB
Stylesheet
General
Full URL
https://cds.connatix.com/p/146566/player.css
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1cc9f616bd372ae964eec0a11061ac73c070372be1f6442dda535b69b12cb28d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:16 GMT
content-encoding
br
last-modified
Wed, 19 Jan 2022 15:02:30 GMT
age
28706
etag
"de6f3533fb435fa3f7d0104764b594b6"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
8462
mail-plane-large-dark.svg
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/
812 B
1 KB
Image
General
Full URL
https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/mail-plane-large-dark.svg
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=3a70a31c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:0:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a9d2b2df99c1a115d5394c70a898d8801092208dc582f8bd6fb01b35c30d6b22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=3a70a31c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:16 GMT
via
1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
last-modified
Mon, 17 Jan 2022 08:00:30 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
etag
"61e5221e-32c"
x-cache
Miss from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
content-length
812
x-amz-cf-id
dKULuXQc55s_82MBtV9usxF5Tjt78brmDmEU3JQZBS-5PstGRwMDxg==
logo-white.png
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/
10 KB
10 KB
Image
General
Full URL
https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/logo-white.png
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=3a70a31c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:0:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e4058d4ee9da1ceaddfa91ddb63650ba67285f1bbfee487d9dfe648bced669a0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=3a70a31c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
public
date
Wed, 19 Jan 2022 23:04:16 GMT
via
1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
last-modified
Mon, 17 Jan 2022 08:00:30 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
etag
"61e5221e-260a"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
9738
x-amz-cf-id
TqL14HDqvoEEkJWoihw0DMS1RJIr82c0Q3Ee-38GQq5lo0biJ7RnjA==
expires
Wed, 26 Jan 2022 23:04:16 GMT
Tara-headshot.jpg
media.threatpost.com/wp-content/uploads/sites/103/2018/08/15114841/
13 KB
13 KB
Image
General
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2018/08/15114841/Tara-headshot.jpg
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
89ce08431545cd3c6d42419d99ee0152027a68c1d0c7c82838cc9a51d9d52451

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 17:03:54 GMT
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront), 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
last-modified
Fri, 17 Aug 2018 16:22:08 GMT
server
AmazonS3
age
15487223
etag
"dee18dfeea6de13bec60c1e5237eb723"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1, FRA53-C1
accept-ranges
bytes
content-length
13097
x-amz-cf-id
ryklqh9ytZixK5djMGrTku34HJeb4zLqBXw9o7uHtoLZHn7ZXxu8lw==
expires
Sat, 17 Aug 2019 16:22:07 GMT
infosec_insiders_in_article_promo.png
media.threatpost.com/wp-content/uploads/sites/103/2021/07/10165815/
20 KB
20 KB
Image
General
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2021/07/10165815/infosec_insiders_in_article_promo.png
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bbe4e4e4e847a32bd717d963f0ac04b619a7a9cdd631a7454d9dfec16fbae73f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 23:44:31 GMT
via
1.1 985c0b2ec44bdebc7f24f26d1e427d31.cloudfront.net (CloudFront), 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
last-modified
Tue, 10 Aug 2021 20:58:17 GMT
server
AmazonS3
age
1293586
etag
"101ba02c43488b8b07cf42f9aa850f6a"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2, FRA53-C1
accept-ranges
bytes
content-length
20484
x-amz-cf-id
8TGTgNewX8exdWri4HAZkItWtZ8czukXHb7qkcmeopfDu6sBdjM9bA==
expires
Wed, 10 Aug 2022 20:58:15 GMT
2FA_two-factor-authentication-540x270.jpg
media.threatpost.com/wp-content/uploads/sites/103/2019/01/11104331/
22 KB
22 KB
Image
General
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2019/01/11104331/2FA_two-factor-authentication-540x270.jpg
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42d1a1fbcb2775fe46ece55745acac2c09a2f831c786d095aff3bf75f5a85051

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:31:11 GMT
via
1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront), 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
last-modified
Fri, 11 Jan 2019 15:43:35 GMT
server
AmazonS3
age
16386
etag
"8aec01d66e9bcaa73190868ba1bbeaa0"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2, FRA53-C1
accept-ranges
bytes
content-length
22490
x-amz-cf-id
KoQQN700fEotua-fkNOvWvNdmSgU-fjviI8AZH6uUT3F3ZUguf8Fsw==
expires
Sat, 11 Jan 2020 15:43:31 GMT
winter-olympics-540x270.jpeg
media.threatpost.com/wp-content/uploads/sites/103/2022/01/19082649/
34 KB
34 KB
Image
General
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2022/01/19082649/winter-olympics-540x270.jpeg
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aa173955c0904e56b7dadc2ac330faa0d12746bd2d39deaaca6cc6692238eabc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 13:36:44 GMT
via
1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront), 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
last-modified
Wed, 19 Jan 2022 13:26:54 GMT
server
AmazonS3
age
34052
etag
"68f378b1562abfedf85e3e6210089b8b"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2, FRA53-C1
accept-ranges
bytes
content-length
34459
x-amz-cf-id
nM4-OOUiEUIEULND9xdFHgLIhd4gNHXo9xCRRra8Pwl6RtxSfzJqHA==
expires
Thu, 19 Jan 2023 13:26:53 GMT
spear-phishing--540x270.jpg
media.threatpost.com/wp-content/uploads/sites/103/2020/01/23124846/
28 KB
29 KB
Image
General
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2020/01/23124846/spear-phishing--540x270.jpg
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d80a3a4ebfc53949f804e490de2977cd981fdba8c796d938742f9098e4ef88eb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 11:02:55 GMT
via
1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront), 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
last-modified
Thu, 23 Jan 2020 17:48:50 GMT
server
AmazonS3
age
43282
etag
"de54b01a4f5f94462293221272786f32"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2, FRA53-C1
accept-ranges
bytes
content-length
29067
x-amz-cf-id
LrZSaF6FFCpCTg1qcTUzuMXwFun_x3cuYizRfXR9-kM1U4nDMsHw8A==
expires
Fri, 22 Jan 2021 17:48:46 GMT
honda-data-leak-64x64.jpeg
media.threatpost.com/wp-content/uploads/sites/103/2019/07/31143348/
2 KB
2 KB
Image
General
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2019/07/31143348/honda-data-leak-64x64.jpeg
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aed74ca5263f835a96dd0e79a8cb9ab61f5b52bbf136dfc51498771a8b6baef7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 20:22:02 GMT
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront), 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
last-modified
Wed, 31 Jul 2019 18:33:51 GMT
server
AmazonS3
age
96135
etag
"fe8ccf55bc2ee0c72c0e7f16dda11720"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2, FRA53-C1
accept-ranges
bytes
content-length
2001
x-amz-cf-id
wHjeMkPBEoiPtO62C5Qy0_z1uHva3leKqV-oArFkCaLYodmI7rYIcA==
expires
Thu, 30 Jul 2020 18:33:48 GMT
031920-phishing-article-800x550-1-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2020/03/17141301/
2 KB
2 KB
Image
General
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2020/03/17141301/031920-phishing-article-800x550-1-64x64.jpg
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
512e5c052cd0cd1ee7f0f94787112b73900f5e2ff3bafabf0e564853d81b3689

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 02:12:48 GMT
via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront), 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
last-modified
Tue, 17 Mar 2020 18:13:05 GMT
server
AmazonS3
age
593488
etag
"76b6931f5c7793dd398e398fa6b18c5f"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1, FRA53-C1
accept-ranges
bytes
content-length
1584
x-amz-cf-id
TMZL0Ic-eXXPVcY7EeKZfcvs1LbHvIq8Unf4jxziuDYGukxOlyJNVw==
expires
Wed, 17 Mar 2021 18:13:04 GMT
zero-trust-64x64.jpeg
media.threatpost.com/wp-content/uploads/sites/103/2021/06/11165310/
2 KB
3 KB
Image
General
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2021/06/11165310/zero-trust-64x64.jpeg
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2601819d7387eaa39cdce9df2aac15559572e9974bfe2d83bfb89b5873cf638a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 22:14:24 GMT
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront), 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
last-modified
Fri, 11 Jun 2021 20:53:15 GMT
server
AmazonS3
age
694193
etag
"0dbac1a64b0c995eba2c1af030a0b84b"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1, FRA53-C1
accept-ranges
bytes
content-length
2204
x-amz-cf-id
r2AX3yYf1pASZvbLvU3wEnYudNq_jLbMKAorkgkFQGFEKlgCJSlXNw==
expires
Sat, 11 Jun 2022 20:53:14 GMT
recon-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2021/12/30124538/
2 KB
2 KB
Image
General
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2021/12/30124538/recon-64x64.jpg
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
349800380315640a14d780af22ca75763983aea66d0133c19b53d55b25a86df4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 18:45:12 GMT
via
1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront), 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
last-modified
Thu, 30 Dec 2021 17:45:42 GMT
server
AmazonS3
age
1397945
etag
"54615b661379d68958934e1b77704530"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1, FRA53-C1
accept-ranges
bytes
content-length
1554
x-amz-cf-id
tfB03lMgS8KRYG2B017KzSezIwWw_EA3x7jStpTmd4-MdR29fSy1XA==
expires
Fri, 30 Dec 2022 17:45:41 GMT
Botnet2-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2021/05/19122836/
2 KB
2 KB
Image
General
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2021/05/19122836/Botnet2-64x64.jpg
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bac1a542ae1dec22fe126d856b0516197e46cc8b8282832b83feb39ef1e6f235

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 19:13:59 GMT
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront), 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
last-modified
Wed, 19 May 2021 16:28:42 GMT
server
AmazonS3
age
1828218
etag
"9a4a57a8ba2c01ac93ece3558db6d5ec"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2, FRA53-C1
accept-ranges
bytes
content-length
1745
x-amz-cf-id
5HXwLZKjGWgRwQeeUQ59rAMENOC6130nq5YHRVBcIoIlDQCETebZxw==
expires
Thu, 19 May 2022 16:28:41 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/
351 KB
139 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f8bf0b735b32ad006ebb24281f26003602080d6da979243af106c1962777cac6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 17:39:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19482
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
141749
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 05:01:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Jan 2023 17:39:34 GMT
pls
capi.connatix.com/core/ Frame 340B
8 KB
3 KB
XHR
General
Full URL
https://capi.connatix.com/core/pls?v=146566
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
07d5be9aa710358a2a335a319776d03682af8f0c95512254935161939cefdc39

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 19 Jan 2022 23:04:16 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
3456
vendor-list.json
qd.admetricspro.com/js/cmp2/
256 KB
38 KB
XHR
General
Full URL
https://qd.admetricspro.com/js/cmp2/vendor-list.json
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/cmp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aeb3ee07f4b462935c5d8047ff038c8e279d75f9be1dcd0b848ba68223a3ee2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:16 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 31 May 2021 16:54:38 GMT
server
cloudflare
etag
W/"3ffae-5c3a314b5dcb2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZOTzybZ9j3T2XbO2WG%2FbP9tQHFlPl4G1jIVNP2LrKDW%2Fd7n1TnIyRftIUn0G5IQoylcp%2BC3GRUydleUWe5kyKbkCtb2N286IvZ%2FPlLGBKNL3oBTolS4iXp3hqtBVdXnU6C4rRAzUww2%2B7HCHzF9jy77G"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=600
cf-ray
6d03b37d8419432d-FRA
expires
Wed, 19 Jan 2022 23:14:16 GMT
pubads_impl_2022011002.js
securepubads.g.doubleclick.net/gpt/
352 KB
119 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064136
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
e87e542e34fc3af7847f53ae5c258f82ff2d8739646ed8d249c9a54ede9f7128
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 20:31:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
95573
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121009
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 21:10:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 18 Jan 2023 20:31:23 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
115 B
727 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=threatpost.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
bb66dbe2867f4bd08186615c104fefef105858870dd23550d3fd33100115f4e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 23:04:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91
x-xss-protection
0
expires
Wed, 19 Jan 2022 23:04:16 GMT
config
c.amazon-adsystem.com/cdn/prod/
662 B
1019 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fthreatpost.com&pubid=cb8cfc89-e83e-44aa-a3a2-ff78eda781ef
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.119.176 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-119-176.txl50.r.cloudfront.net
Software
Server /
Resource Hash
6493fe707262fb8d9bc0e4d487e319fc9ebe7de26ebe7e3b4f58a5d17f03a9ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:36:24 GMT
via
1.1 1b9454b38723d47cf9a28d1fb8f9546c.cloudfront.net (CloudFront)
server
Server
age
16072
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://threatpost.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
TXL50-P4
content-length
662
x-amz-cf-id
-nE4H5lsFilnAtVcvgJPSRI_sEMF7qyDRLAKBuQnmtN21aXAQwoZqg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.119.176 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-119-176.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
L2_MRp8KwiUR7xIWXZFooLHRBfnaqY96
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
58982
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 22 Dec 2021 01:41:37 GMT
server
AmazonS3
date
Wed, 19 Jan 2022 06:41:15 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 1a620bb236f3df5588fc787c47ccfafa.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
TXL50-P4
x-amz-cf-id
lhuUptvSlEuiM9oDs0Fp3XIdp0DkN1WkhlAXWCOm_4cx29plHaDqrg==
b-7b120a5-9b871d4e.js
tagan.adlightning.com/math-aids-threatpost/
73 KB
28 KB
Script
General
Full URL
https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.79.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-79-46.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4658e1122a2190db712f6731d3e8c14b027f0a42bd7c1333b11d272f8e9ea3fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 20:58:51 GMT
content-encoding
gzip
age
9511526
x-cache
Hit from cloudfront
content-length
28179
x-amz-meta-git_commit
7b120a5
last-modified
Mon, 16 Aug 2021 17:49:31 GMT
server
AmazonS3
etag
"c42a7ac1ac405f3f0cad04305cad5553"
x-amz-version-id
HCJNSpgvHPkSF2.YDap.Qx6PnxOllH79
via
1.1 0cd2c3fbaf7659321a893cd5ab933aa4.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
TXL50-P2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
11-S8B0DbyU2YoN4X_2Bz3BM-F7uEz58bVbPSfckJgTc-fxZxed7oA==
bl-0af0356-00265970.js
tagan.adlightning.com/math-aids-threatpost/
50 KB
21 KB
Script
General
Full URL
https://tagan.adlightning.com/math-aids-threatpost/bl-0af0356-00265970.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.79.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-79-46.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
10ac6502b2c5a4627156951838e56e9cd0a1b0b797d4a36249a878959ee4d281

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 19:17:18 GMT
content-encoding
gzip
age
13619
x-cache
Hit from cloudfront
content-length
21423
x-amz-meta-git_commit
0af0356
last-modified
Wed, 19 Jan 2022 18:31:19 GMT
server
AmazonS3
etag
"f968c40458faaeb101eb287ec0f05bb0"
x-amz-version-id
zlyH7A3HVGlPnviR1SfZn9jP4Ck1BpFa
via
1.1 0cd2c3fbaf7659321a893cd5ab933aa4.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
TXL50-P2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
SRmfa9ZANfcij2xm90FNCIn1gUWMqE06n5paryGw5J3mlh555XhoRA==
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
190
date
Wed, 19 Jan 2022 23:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 20 Jan 2022 01:01:06 GMT
quant.js
secure.quantserve.com/
24 KB
10 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:16 GMT
content-encoding
gzip
etag
"FMCWFRCBdbNj8Eh2c0G78Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Wed, 26 Jan 2022 23:04:16 GMT
uwt.js
static.ads-twitter.com/
14 KB
6 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:16 GMT
content-encoding
gzip
last-modified
Mon, 20 Sep 2021 23:58:10 GMT
etag
"8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
5410
x-served-by
cache-iad-kiad7000120-IAD, cache-fra19173-FRA
sr
capi.connatix.com/tr/ Frame 340B
0
51 B
XHR
General
Full URL
https://capi.connatix.com/tr/sr?v=146566
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 19 Jan 2022 23:04:16 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
20
gpt.js
securepubads.g.doubleclick.net/tag/js/
78 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
3f7e95f93f037227d68960d6c34f74c408d8beab0237fe2eab3d91239f70f134
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26997
x-xss-protection
0
server
sffe
etag
"1107 / 177 of 1000 / last-modified: 1642594113"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 19 Jan 2022 23:04:16 GMT
2_media.bin
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/94746258-4c66-44a3-96d3-e63c5552a1a9/ Frame 340B
291 B
491 B
XHR
General
Full URL
https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/94746258-4c66-44a3-96d3-e63c5552a1a9/2_media.bin?playerId=c2ecd04f-0dca-4ffa-8761-d93b34717380
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
19a7659a2a48aa5c299dee1ac14bc4d9a47f3be58010ae2ad753509a797d6b76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:16 GMT
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 05:46:30 GMT
age
62173
etag
"c5803ee4c3208fe24e60d942fd37bd5a"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
255
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 340B
377 KB
125 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e58bc10b3948106bc0f0d27a5d4951bc2c96aeab02674bbdb7a1c7a8637842d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-doubleclick-instream-static
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127290
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
expires
Wed, 19 Jan 2022 23:04:16 GMT
1.png
img.connatix.com/c2ecd04f-0dca-4ffa-8761-d93b34717380/
6 KB
7 KB
Image
General
Full URL
https://img.connatix.com/c2ecd04f-0dca-4ffa-8761-d93b34717380/1.png
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
739ab1cbd5fc795c806cfbc012e937834a1d566f02ed72ff02af2700c0629eb4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:16 GMT
content-encoding
br
age
1332704
etag
"CDlq0wWU2N6Hha9Y1OkqKS7K/JyWAUvXYL5GlZ2se8g"
access-control-max-age
86400
fastly-io-info
ifsz=8114 idim=288x42 ifmt=png ofsz=6487 odim=288x42 ofmt=png
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/png
content-length
6487
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/
53 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.89.31.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-31-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:16 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 17:06:57 GMT
server
Apache
etag
"d398-5c3b75e9ebb41-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17087
expires
Wed, 19 Jan 2022 23:19:16 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/
37 KB
10 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.126 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
cd22c397f04eb61e3e9ad14b6149f294e4b8ae69b74b2140b237a31b26c99275
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
date
Wed, 19 Jan 2022 22:15:05 GMT
content-type
text/javascript;charset=utf-8
cache-control
max-age=3600
x-cdn-pop
sbg
content-disposition
attachment;filename="id5-api.js"
accept-ranges
bytes
content-length
10430
x-request-id
922060571
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=626357011&t=pageview&_s=1&dl=https%3A%2F%2Fthreatpost.com%2Fall-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers%2F177240%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-january-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4&dr=https%3A%2F%2Fmkto-sj130112.com%2F&ul=en-us&de=UTF-8&dt=All%20in%20One%20SEO%20Plugin%20Bug%20Threatens%203M%20Websites%20with%20Takeovers%20%7C%20Threatpost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1679897913&gjid=100778639&cid=2143096394.1642633457&tid=UA-35676203-21&_gid=1395045091.1642633457&_r=1&gtm=2wg1c0PM29HLF&z=1242878776
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 23:04:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://threatpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=626357011&t=event&ni=0&_s=1&dl=https%3A%2F%2Fthreatpost.com%2Fall-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers%2F177240%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-january-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4&dr=https%3A%2F%2Fmkto-sj130112.com%2F&ul=en-us&de=UTF-8&dt=All%20in%20One%20SEO%20Plugin%20Bug%20Threatens%203M%20Websites%20with%20Takeovers%20%7C%20Threatpost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=VISIBILITY&ea=elementVisibility%20%2F%20%5BHeader%5D%20%2F%20Social%20Networks%20View&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=2143096394.1642633457&tid=UA-35676203-21&_gid=1395045091.1642633457&gtm=2wg1c0PM29HLF&z=933258183
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 01:59:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
75866
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
g
capi.connatix.com/rtb/ Frame 340B
128 B
212 B
XHR
General
Full URL
https://capi.connatix.com/rtb/g?v=146566
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c6c483679c45eb8eb879b3d17690dd23b9cf18de296dff1eab5af96c912f49c9

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 19 Jan 2022 23:04:16 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
119
1_th.jpg
img.connatix.com/60764267-557e-410f-85cb-f102d92ee134/94746258-4c66-44a3-96d3-e63c5552a1a9/
2 KB
636 B
Image
General
Full URL
https://img.connatix.com/60764267-557e-410f-85cb-f102d92ee134/94746258-4c66-44a3-96d3-e63c5552a1a9/1_th.jpg?crop=400:225,smart&width=400&height=225&format=jpeg&quality=60&fit=crop
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
98d5f6e285ab8f7106a975b2a9cd09623e47618a24f0cdb9f7f6b1aeb4cb28f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:16 GMT
content-encoding
br
age
62181
etag
"Htt1sOOEfM9vaw4gTn1XyJ6udj75ufYD8YUBGrgNHGI"
access-control-max-age
86400
fastly-io-info
ifsz=22024 idim=2560x1440 ifmt=jpeg ofsz=1635 odim=400x225 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
497
adsct
t.co/i/
43 B
336 B
Image
General
Full URL
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=ntt0j&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=dbace87a-0f75-4f80-8de7-3d79bd1c95bd&tw_document_href=https%3A%2F%2Fthreatpost.com%2Fall-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers%2F177240%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-january-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time
116
date
Wed, 19 Jan 2022 23:04:15 GMT
server
tsa_o
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
0f81e39ec3303e25ba5b177925eaafd208d8bf5e66a2263e4524435d6a0df35c
content-length
43
rules-p-_7kVx0t9Jqj90.js
rules.quantcount.com/
2 B
354 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-_7kVx0t9Jqj90.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:7400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 22:07:10 GMT
via
1.1 b1dc6a0d7547e8d4ab339f8c4caf9ea8.cloudfront.net (CloudFront)
server
AmazonS3
age
3426
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-cache
Hit from cloudfront
x-amz-cf-pop
DUS51-P2
content-length
2
x-amz-cf-id
ikUcUMIw5196KR_Esb1Y9Pi42-xJarX8mb-xwDQL5pQ8ghFNqRxH-A==
prebid4.43.0-4.js
cds.connatix.com/p/plugins/ Frame E3B9
381 KB
103 KB
Script
General
Full URL
https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
48690aaa6fff4d84b3d1de64a8ec77ed01ca244492e10fb776c794ba6c171639

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:16 GMT
content-encoding
br
last-modified
Thu, 02 Dec 2021 15:13:51 GMT
age
3694219
etag
"e0908e656154cdf7c73f3852e04c6ceb"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
105742
bid
c.amazon-adsystem.com/e/dtb/
64 B
533 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fthreatpost.com%2Fall-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers%2F177240%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-january-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4&pr=https%3A%2F%2Fmkto-sj130112.com%2F&pid=TdWbidfOfAvOX&cb=0&ws=1600x1200&v=7.72.0&t=2000&slots=%5B%7B%22id%22%3A%22Amazon_400x225%22%2C%22mt%22%3A%22v%22%7D%5D&pubid=cb8cfc89-e83e-44aa-a3a2-ff78eda781ef&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.119.176 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-119-176.txl50.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:16 GMT
via
1.1 1b9454b38723d47cf9a28d1fb8f9546c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
TXL50-P4
x-amz-rid
KCYR3TXZMKKRVSMG57FZ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
64
x-amz-cf-id
HuS8Xdws0xy0utH1ZlWaYHeX0XxvgexIhS-Mmgmq6lrzo22KrKBlVA==
recaptcha__de.js
www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/
354 KB
140 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit&ver=202124050927
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
544b63f0d07b2a51e01e2ecc3986eb5d07838bb121c4f472f1178b7b94faf463
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 21:27:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5777
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
143013
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 05:01:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Jan 2023 21:27:59 GMT
collect
stats.g.doubleclick.net/j/
4 B
441 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-35676203-21&cid=2143096394.1642633457&jid=1679897913&gjid=100778639&_gid=1395045091.1642633457&_u=YEBAAEAAAAAAAC~&z=1339370075
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 19 Jan 2022 23:04:16 GMT
content-type
text/plain
access-control-allow-origin
https://threatpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
flipboard.svg
assets.threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/img/
236 B
562 B
Image
General
Full URL
https://assets.threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/img/flipboard.svg
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=3a70a31c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:0:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
506d565f94cecbb486394c545a96e8459217f8d045496b511e8c815142abfc70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=3a70a31c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:17 GMT
via
1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
last-modified
Mon, 17 Jan 2022 08:00:30 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
etag
"61e5221e-ec"
x-cache
Miss from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
content-length
236
x-amz-cf-id
RW0sI1l3Dgk7PkVup8otduV-H6JMAQO3Xs9FA2oOZjxDKoz54rDcGA==
fontawesome-webfont.woff2
assets.threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/fonts/
75 KB
76 KB
Font
General
Full URL
https://assets.threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=3a70a31c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:0:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=3a70a31c
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:17 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
last-modified
Mon, 17 Jan 2022 08:00:30 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
etag
"61e5221e-12d68"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
77160
x-amz-cf-id
O6ahE9RxrdfUq5eEeEq9nHWE49K7kkzRrzqeFoV0W6Zo_cVsTCay2A==
v1
geo.ipify.org/api/
385 B
599 B
XHR
General
Full URL
https://geo.ipify.org/api/v1?apiKey=at_riPAQYz3EiQ6JhsH05bmtozma13RA
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.140.160.2 Ogden, United States, ASN18450 (WEBNX, US),
Reverse DNS
threatintelligenceplatform.com
Software
nginx /
Resource Hash
bc09f410bee268466a27e0c698d45192d5f24b6f099fe434ca49d045690857e4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 23:04:17 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
nginx
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private
Transfer-Encoding
chunked
Connection
keep-alive
adsct
analytics.twitter.com/i/
31 B
459 B
Script
General
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=ntt0j&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=dbace87a-0f75-4f80-8de7-3d79bd1c95bd&tw_document_href=https%3A%2F%2Fthreatpost.com%2Fall-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers%2F177240%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-january-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4&tpx_cb=twttr.conversion.loadPixels
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time
109
date
Wed, 19 Jan 2022 23:04:16 GMT
content-encoding
gzip
server
tsa_o
strict-transport-security
max-age=631138519
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0
x-connection-hash
d4a77dee6a073c249f8dc6b86f299ce69551c9812cbe31f21eaf310329679ffa
content-type
application/javascript;charset=utf-8
content-length
57
localstore.js
script.4dex.io/
483 B
949 B
Script
General
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1166479
x-amz-request-id
tx405249188a46458ab6884-0061d5ef52
x-amz-id-2
tx405249188a46458ab6884-0061d5ef52
last-modified
Mon, 06 Dec 2021 11:00:36 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BPBduzdtcnjXnEFFkbSH5jwJvSdnJVjd3YbsW6fOyGH%2FVHE3QSXPutn4LQqjyJ%2F%2BePZzEeiLVncBoz2ymZUp%2Bq0xGAqY5rZ1%2BYnFHfHmoFHbmMJ%2B17u1qlvNlnBuZwYpMaZXrO4ybvC89bgs"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1638788436623244
cf-ray
6d03b382df125c6e-FRA
724.json
id5-sync.com/g/v2/
213 B
532 B
XHR
General
Full URL
https://id5-sync.com/g/v2/724.json
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.21.30 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p25.id5-sync.com
Software
/
Resource Hash
b63b05df40ae23c2665ab6476ebd97294cc65c20fdd10f244a0058efd6c7f96e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://threatpost.com
Date
Wed, 19 Jan 2022 23:04:16 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
bid
c.amazon-adsystem.com/e/dtb/
64 B
532 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fthreatpost.com%2Fall-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers%2F177240%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-january-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4&pr=https%3A%2F%2Fmkto-sj130112.com%2F&pid=TdWbidfOfAvOX&cb=1&ws=1600x1200&v=7.72.0&t=1200&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-6794670-2%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-970x250-ATF%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-6794670-3%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-300x250-ATF%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-6794670-5%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-300x600-ATF%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-6794670-1%22%2C%22s%22%3A%5B%222x2%22%5D%2C%22sn%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-2x2-Skin%22%7D%5D&pubid=cb8cfc89-e83e-44aa-a3a2-ff78eda781ef&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.119.176 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-119-176.txl50.r.cloudfront.net
Software
Server /
Resource Hash
8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:16 GMT
via
1.1 1b9454b38723d47cf9a28d1fb8f9546c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
TXL50-P4
x-amz-rid
PHBDKSQT8PH13P1XAESY
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
64
x-amz-cf-id
TJDuu3zyHkcEhlDfbCmTUY30uTtaSfvy99zP7zNmTlFP5egk65LnoA==
724.json
id5-sync.com/g/v2/
213 B
532 B
XHR
General
Full URL
https://id5-sync.com/g/v2/724.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.21.30 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p25.id5-sync.com
Software
/
Resource Hash
85223b7d2dfd7fa6cd73957d17ee3fafdbc42a190f6d640867c15f03c5d074c2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://threatpost.com
Date
Wed, 19 Jan 2022 23:04:16 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
bridge3.495.1_en.html
imasdk.googleapis.com/js/core/ Frame D05F
601 KB
195 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71de12712521c56d29ad6ed1174d233e948907276d3db355290367027e166054
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199798
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 18 Jan 2022 13:03:17 GMT
expires
Wed, 18 Jan 2023 13:03:17 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 10 Jan 2022 19:32:44 GMT
content-type
text/html
age
122460
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 340B
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 19 Jan 2022 23:04:17 GMT
bridge3.495.1_en.html
imasdk.googleapis.com/js/core/ Frame B8EA
601 KB
195 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71de12712521c56d29ad6ed1174d233e948907276d3db355290367027e166054
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199798
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 18 Jan 2022 13:03:17 GMT
expires
Wed, 18 Jan 2023 13:03:17 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 10 Jan 2022 19:32:44 GMT
content-type
text/html
age
122460
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bridge3.495.1_en.html
imasdk.googleapis.com/js/core/ Frame D61C
601 KB
195 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71de12712521c56d29ad6ed1174d233e948907276d3db355290367027e166054
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199798
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 18 Jan 2022 13:03:17 GMT
expires
Wed, 18 Jan 2023 13:03:17 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 10 Jan 2022 19:32:44 GMT
content-type
text/html
age
122460
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
playlist.m3u8
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/94746258-4c66-44a3-96d3-e63c5552a1a9/ Frame 340B
309 B
271 B
XHR
General
Full URL
https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/94746258-4c66-44a3-96d3-e63c5552a1a9/playlist.m3u8?playerId=c2ecd04f-0dca-4ffa-8761-d93b34717380
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
05a58707d25ec9885faf81f026410f37d3757c0689d56b7ec1fc8b2f9cffb9d1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:16 GMT
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 05:46:29 GMT
age
62181
etag
"8a966507b13615ecdc1330a4bc9dcfe1"
vary
Accept-Encoding
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
164
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-35676203-21&cid=2143096394.1642633457&jid=1679897913&_u=YEBAAEAAAAAAAC~&z=353176250
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 23:04:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-35676203-21&cid=2143096394.1642633457&jid=1679897913&_u=YEBAAEAAAAAAAC~&z=353176250
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 23:04:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid
ib.adnxs.com/ut/v3/
19 B
696 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 23:04:17 GMT
X-Proxy-Origin
84.19.175.183; 84.19.175.183; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
1e7b16cf-6e08-4c7f-b091-4bc21a5a4c63
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v2
e.serverbid.com/api/
711 B
984 B
XHR
General
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.209.129.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
f4b064d961dd5c30917481f9cf22f400d352737e7dac10d70e574877eef1e8ea

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Wed, 19 Jan 2022 23:04:17 GMT
access-control-allow-credentials
true
content-length
711
vary
Origin
content-type
application/json
arj
teachingaids-d.openx.net/w/1.0/
174 B
384 B
XHR
General
Full URL
https://teachingaids-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fthreatpost.com%2Fall-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers%2F177240%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-january-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=4ccb1d5c-0c5f-4228-8d3d-facfe48c5f58%2C4ccb1d5c-0c5f-4228-8d3d-facfe48c5f58%2Cf9caed23-12a1-4d9e-b15d-eeb2177bdfce%2C7e4f5148-2f57-4111-a98a-3a9264e0d2de%2C7e4f5148-2f57-4111-a98a-3a9264e0d2de&nocache=1642633457105&gdpr=0&x_gdpr_f=1&pubcid=a1936409-ad6f-4641-a220-cf35c86c99f8&schain=1.0%2C1!admetricspro.com%2C1005%2C1%2C%2C%2C&aus=728x90%2C970x250%2C970x90%7C728x90%2C970x250%2C970x90%7C300x250%2C336x280%7C300x250%2C300x600%7C300x250%2C300x600&divids=div-gpt-ad-6794670-2%2Cdiv-gpt-ad-6794670-2%2Cdiv-gpt-ad-6794670-3%2Cdiv-gpt-ad-6794670-5%2Cdiv-gpt-ad-6794670-5&aucs=%252F22404337467%252C21707124336%252Fthreatpost-970x250-ATF%2C%252F22404337467%252C21707124336%252Fthreatpost-970x250-ATF%2C%252F22404337467%252C21707124336%252Fthreatpost-300x250-ATF%2C%252F22404337467%252C21707124336%252Fthreatpost-300x600-ATF%2C%252F22404337467%252C21707124336%252Fthreatpost-300x600-ATF&auid=540932704%2C540932709%2C540932713%2C540932715%2C540932720
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
1370b13da66219a85a8027811e4524625cf9725d386044d73fb11c8f24611e5d

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 23:04:17 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://threatpost.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
adreq
ads.servenobid.com/
548 B
597 B
XHR
General
Full URL
https://ads.servenobid.com/adreq?cb=3152
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.35.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-35-12.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
cd3767c9daaaaf6b31ba6dd8821d1cf09594ffdddb05a60b81d960aa4e2f44e9

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 19 Jan 2022 23:04:17 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://threatpost.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/
0
112 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.27.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-27-79.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Wed, 19 Jan 2022 23:04:17 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
113 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.27.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-27-79.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Wed, 19 Jan 2022 23:04:17 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
112 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.27.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-27-79.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Wed, 19 Jan 2022 23:04:17 GMT
access-control-allow-credentials
true
vary
Origin
translator
hbopenbid.pubmatic.com/
0
59 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Wed, 19 Jan 2022 23:04:15 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/
19 B
696 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 23:04:17 GMT
X-Proxy-Origin
84.19.175.183; 84.19.175.183; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
5021ae90-0613-44d3-a096-0dc1ff5dbf78
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
858 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=300372&zone_id=1509502&size_id=2&alt_size_ids=55%2C57&p_pos=atf&gdpr=0&rp_schain=1.0,1!admetricspro.com,1005,1,,,&rf=https%3A%2F%2Fthreatpost.com%2Fall-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers%2F177240%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-january-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4&kw=Hacks%2CMalware%2CVulnerabilities%2CWebSecurity%2CMobileSecurity%2CPrivacy&tg_i.ref=https%3A%2F%2Fthreatpost.com%2Fall-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers%2F177240%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-january-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4&tg_i.page=https%3A%2F%2Fthreatpost.com%2Fall-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers%2F177240%2F&tg_i.domain=threatpost.com&tg_i.dfp_ad_unit_code=22404337467%2C21707124336%2Fthreatpost-970x250-ATF&tg_i.pbadslot=22404337467%2C21707124336%2Fthreatpost-970x250-ATF&tk_flint=pbjs_lite_v5.17.0&x_source.tid=4ccb1d5c-0c5f-4228-8d3d-facfe48c5f58&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5718585752405891
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
94dd5d2c4e96c302f4da738e884f4d1d9d8265eeb106342bd6528824cb568045

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 23:04:17 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
858
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
4 KB
3 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=300372&zone_id=1509502&size_id=15&alt_size_ids=16&p_pos=atf&gdpr=0&rp_schain=1.0,1!admetricspro.com,1005,1,,,&rf=https%3A%2F%2Fthreatpost.com%2Fall-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers%2F177240%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-january-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4&kw=Hacks%2CMalware%2CVulnerabilities%2CWebSecurity%2CMobileSecurity%2CPrivacy&tg_i.ref=https%3A%2F%2Fthreatpost.com%2Fall-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers%2F177240%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-january-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4&tg_i.page=https%3A%2F%2Fthreatpost.com%2Fall-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers%2F177240%2F&tg_i.domain=threatpost.com&tg_i.dfp_ad_unit_code=22404337467%2C21707124336%2Fthreatpost-300x250-ATF&tg_i.pbadslot=22404337467%2C21707124336%2Fthreatpost-300x250-ATF&tk_flint=pbjs_lite_v5.17.0&x_source.tid=f9caed23-12a1-4d9e-b15d-eeb2177bdfce&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6841857973926646
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
16bb8f1eee3375926ff0a2fecbbe26359dd176a033c5240a3ab9d5f534783ba3

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 23:04:17 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
2066
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
4 KB
3 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=300372&zone_id=1509506&size_id=15&alt_size_ids=10&p_pos=atf&gdpr=0&rp_schain=1.0,1!admetricspro.com,1005,1,,,&rf=https%3A%2F%2Fthreatpost.com%2Fall-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers%2F177240%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-january-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4&kw=Hacks%2CMalware%2CVulnerabilities%2CWebSecurity%2CMobileSecurity%2CPrivacy&tg_i.ref=https%3A%2F%2Fthreatpost.com%2Fall-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers%2F177240%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-january-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4&tg_i.page=https%3A%2F%2Fthreatpost.com%2Fall-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers%2F177240%2F&tg_i.domain=threatpost.com&tg_i.dfp_ad_unit_code=22404337467%2C21707124336%2Fthreatpost-300x600-ATF&tg_i.pbadslot=22404337467%2C21707124336%2Fthreatpost-300x600-ATF&tk_flint=pbjs_lite_v5.17.0&x_source.tid=7e4f5148-2f57-4111-a98a-3a9264e0d2de&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.21114314129041123
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
acd80d5c7d4b4a3a0499c709b4b6ab33775dcc12609a3fcd01d2f147cc52cabe

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 23:04:17 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
2065
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
856 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=300372&zone_id=1509502&size_id=15&alt_size_ids=10&p_pos=atf&gdpr=0&rp_schain=1.0,1!admetricspro.com,1005,1,,,&rf=https%3A%2F%2Fthreatpost.com%2Fall-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers%2F177240%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-january-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4&kw=Hacks%2CMalware%2CVulnerabilities%2CWebSecurity%2CMobileSecurity%2CPrivacy&tg_i.ref=https%3A%2F%2Fthreatpost.com%2Fall-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers%2F177240%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-january-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4&tg_i.page=https%3A%2F%2Fthreatpost.com%2Fall-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers%2F177240%2F&tg_i.domain=threatpost.com&tg_i.dfp_ad_unit_code=22404337467%2C21707124336%2Fthreatpost-300x600-ATF&tg_i.pbadslot=22404337467%2C21707124336%2Fthreatpost-300x600-ATF&tk_flint=pbjs_lite_v5.17.0&x_source.tid=7e4f5148-2f57-4111-a98a-3a9264e0d2de&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9829216462298591
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
f48d1a48e8746f99640d95ca2fcae30fcc524c4683ccbd9aa25cdfd020ccb5bb

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 23:04:17 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
856
Expires
Wed, 17 Sep 1975 21:32:10 GMT
mvo
tag.1rx.io/rmp/216477/0/
0
170 B
XHR
General
Full URL
https://tag.1rx.io/rmp/216477/0/mvo?z=1r&hbv=5.17,2.1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
pragma
no-cache
date
Wed, 19 Jan 2022 23:04:17 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
prebid
mp.4dex.io/
99 B
476 B
XHR
General
Full URL
https://mp.4dex.io/prebid
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d75c8d8ba0a0e05e6512c2c99e06c8a6e955dff71ca14346f14a5879f94c895b

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

cf-ray
6d03b38368b1440d-FRA
pragma
no-cache
date
Wed, 19 Jan 2022 23:04:17 GMT
via
1.1 google
cf-cache-status
DYNAMIC
x-warn
Selecting bids. No selected bids
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://threatpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
server
cloudflare
expires
0
bid
ap.lijit.com/rtb/
24 B
643 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.17.0
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
ffa9323382775d03e73c72e5f407de16c340b5715bd45d7307c02d724d17081e

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 19 Jan 2022 23:04:17 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://threatpost.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
cygnus
htlb.casalemedia.com/
37 B
330 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=438654&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2251a5a24b8a02ffe%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fthreatpost.com%2Fall-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers%2F177240%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-january-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4%22%2C%22page%22%3A%22https%3A%2F%2Fthreatpost.com%2Fall-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers%2F177240%2F%22%2C%22domain%22%3A%22threatpost.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22threatpost.com%22%7D%2C%22keywords%22%3A%22Hacks%2CMalware%2CVulnerabilities%2CWebSecurity%2CMobileSecurity%2CPrivacy%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A4%2C%22msi%22%3A4%2C%22mfu%22%3A0%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A3%2C%22ren%22%3Afalse%2C%22version%22%3A%225.17.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%225254081c4715ecc%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22438654%22%2C%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-970x250-ATF%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22438654%22%2C%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-970x250-ATF%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22438654%22%2C%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-970x250-ATF%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2253d96466519c92b%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22438649%22%2C%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-300x250-ATF%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22438649%22%2C%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-300x250-ATF%22%2C%22sid%22%3A%22336x280%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2254e5feead125ac8%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22438650%22%2C%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-300x600-ATF%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22438650%22%2C%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-300x600-ATF%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22admetricspro.com%22%2C%22sid%22%3A%221005%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-111-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d52f6fb22672fd1c607cf802a4824e280c302565d196aa9b24d5b3196600aacf

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 23:04:17 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[84.19.175.183], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://threatpost.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Wed, 19 Jan 2022 23:04:17 GMT
auction
tlx.3lift.com/header/
19 B
311 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=5.17.0&referrer=https%3A%2F%2Fthreatpost.com%2Fall-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers%2F177240%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-january-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4&tmax=1200&gdpr=false
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.28.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-28-35.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 23:04:17 GMT
x-auction-status
12, 12, 12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://threatpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
c
prebid.a-mo.net/a/
0
229 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Wed, 19 Jan 2022 23:04:17 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
220
vary
origin, Accept-Encoding
bidRequest
c2shb.ssp.yahoo.com/
62 B
92 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695ad017373d9b19cda6b03bc00b5&pos=threatpost.com_desktop_728x90-atf&cmd=bid&secure=1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
fad9945962349c74c3f7af47f6d3b52e1852d9b9f37278cedbf7150ecd5c606a

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 19 Jan 2022 23:04:17 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
92 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695ad017373d9b19cda6b03bc00b5&pos=threatpost.com_desktop_300x250-atf&cmd=bid&secure=1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
59675799bcc8ff04c6a9b54da3df7f7fa588b910cf29d69585e98052cc405e8e

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 19 Jan 2022 23:04:17 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
291 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695ad017373d9b19cda6b03bc00b5&pos=threatpost.com_desktop_300x600-atf&cmd=bid&secure=1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e1d1b72ffd60bc5b1170724c2d792e8f22cff0a802a5a88a3a801ad2259ef41a

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 19 Jan 2022 23:04:17 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
content-length
62
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthreatpost.com%2F&domain=threatpost.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://threatpost.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
https://threatpost.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1603
date
Wed, 19 Jan 2022 23:04:16 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/ Frame E3B9
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthreatpost.com%2F&domain=threatpost.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=AdUn-HxoK3RaZWJ0ZDBRUUZzU3Fhek1yTEhQU0hYVDlZZG5xcjg1OHZ5VlJzS0FaL0RhWFBMY1ZsTlZRcW5lQ0cva1o5Zm0yelljd3FNdHR1bHphUE1UR3ZNRWtJMThjcEo2Zzd3RWxSc3h0SUlGZy9xMHdxbjAyNEh4R2...
345 B
618 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=AdUn-HxoK3RaZWJ0ZDBRUUZzU3Fhek1yTEhQU0hYVDlZZG5xcjg1OHZ5VlJzS0FaL0RhWFBMY1ZsTlZRcW5lQ0cva1o5Zm0yelljd3FNdHR1bHphUE1UR3ZNRWtJMThjcEo2Zzd3RWxSc3h0SUlGZy9xMHdxbjAyNEh4R2hpdzVFT29YeVVVOGt4Vk95cDg5TjNaNXk0WnFUMjhBUktFZzIwTUMyT1BZK0FLemxBdUxaS1ZuOWVZRmw5b09HL1BCcjNOcjIxWnFwRStXcXA2ZzBydnhMSFAxUmU1d202aUdtb0paRklJVkJKWDdZK1RBPXw&cppv=2
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
ba872cb8a805aa859fc6258f14e14c57ecd008a630b4154240b004ed9b6a677a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 23:04:17 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2141
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 23:04:16 GMT
location
https://mug.criteo.com/sid?cpp=AdUn-HxoK3RaZWJ0ZDBRUUZzU3Fhek1yTEhQU0hYVDlZZG5xcjg1OHZ5VlJzS0FaL0RhWFBMY1ZsTlZRcW5lQ0cva1o5Zm0yelljd3FNdHR1bHphUE1UR3ZNRWtJMThjcEo2Zzd3RWxSc3h0SUlGZy9xMHdxbjAyNEh4R2hpdzVFT29YeVVVOGt4Vk95cDg5TjNaNXk0WnFUMjhBUktFZzIwTUMyT1BZK0FLemxBdUxaS1ZuOWVZRmw5b09HL1BCcjNOcjIxWnFwRStXcXA2ZzBydnhMSFAxUmU1d202aUdtb0paRklJVkJKWDdZK1RBPXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://threatpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1623
content-length
482
expires
0
mvo
tag.1rx.io/rmp/216476/0/ Frame E3B9
0
170 B
XHR
General
Full URL
https://tag.1rx.io/rmp/216476/0/mvo?z=1r&hbv=4.43,2.1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
pragma
no-cache
date
Wed, 19 Jan 2022 23:04:17 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
mvo
tag.1rx.io/rmp/233098/0/ Frame E3B9
0
170 B
XHR
General
Full URL
https://tag.1rx.io/rmp/233098/0/mvo?z=1r&hbv=4.43,2.1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
pragma
no-cache
date
Wed, 19 Jan 2022 23:04:17 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
translator
hbopenbid.pubmatic.com/ Frame E3B9
0
115 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Wed, 19 Jan 2022 23:04:16 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
avjp
teachingaids-d.openx.net/v/1.0/ Frame E3B9
106 B
508 B
XHR
General
Full URL
https://teachingaids-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fthreatpost.com%2Fall-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers%2F177240%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-january-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=40ad4b51-1fb6-4da1-b21f-0e0cf1a098a0&nocache=1642633457190&gdpr=0&pubcid=65c80f87-d2f3-44af-831c-c97f560e5f97&schain=1.0%2C1!admetricspro.com%2C1005%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22skippable%22%3Atrue%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%2C%22video%2Fogg%22%2C%22video%2Fmpeg%22%5D%2C%22protocols%22%3A%5B5%2C2%2C3%2C6%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22maxduration%22%3A180%7D%7D%5D%7D&auid=540882779&vwd=400&vht=225
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 23:04:17 GMT
via
1.1 google
server
OXGW/17.1.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://threatpost.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/ Frame E3B9
36 B
329 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?t=900&s=435871&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%229b69e8c4b526fa%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fthreatpost.com%2Fall-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers%2F177240%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-january-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22dms%22%3Atrue%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22admetricspro.com%22%2C%22hp%22%3A1%2C%22sid%22%3A%221005%22%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221016062b19cd9ac%22%2C%22ext%22%3A%7B%22siteID%22%3A%22435871%22%2C%22sid%22%3A%22400x225%22%2C%22fl%22%3A%22x%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%2C%22video%2Fogg%22%2C%22video%2Fmpeg%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A180%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%5D%2C%22playerSize%22%3A%5B%5B400%2C225%5D%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22skip%22%3A1%2C%22skipmin%22%3A31%2C%22skipafter%22%3A5%2C%22placement%22%3A1%2C%22w%22%3A400%2C%22h%22%3A225%7D%2C%22bidfloor%22%3A0.25%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%7D
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-111-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e6106a7c3a48e94b31987e801216b829e60e67334932e2389cbc94182f1e30c2

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 23:04:17 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[84.19.175.183], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://threatpost.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Wed, 19 Jan 2022 23:04:17 GMT
c
prebid.a-mo.net/a/ Frame E3B9
0
348 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Wed, 19 Jan 2022 23:04:16 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
159
vary
origin, Accept-Encoding
avjp
teachingaids-d.openx.net/v/1.0/ Frame E3B9
106 B
297 B
XHR
General
Full URL
https://teachingaids-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fthreatpost.com%2Fall-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers%2F177240%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-january-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=52788d85-efe5-40c9-ba16-b19feda0e35f&nocache=1642633457198&gdpr=0&pubcid=65c80f87-d2f3-44af-831c-c97f560e5f97&schain=1.0%2C1!admetricspro.com%2C1005%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22skippable%22%3Atrue%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%2C%22video%2Fogg%22%2C%22video%2Fmpeg%22%5D%2C%22protocols%22%3A%5B5%2C2%2C3%2C6%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22maxduration%22%3A180%7D%7D%5D%7D&auid=540882778&vwd=400&vht=225
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 23:04:17 GMT
via
1.1 google
server
OXGW/17.1.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://threatpost.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame E3B9
19 B
696 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 23:04:17 GMT
X-Proxy-Origin
84.19.175.183; 84.19.175.183; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
607fd4a9-578a-4878-a7c2-4d5a1f38b19d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
mvo
tag.1rx.io/rmp/216475/0/ Frame E3B9
0
170 B
XHR
General
Full URL
https://tag.1rx.io/rmp/216475/0/mvo?z=1r&hbv=4.43,2.1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
pragma
no-cache
date
Wed, 19 Jan 2022 23:04:17 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
openrtb
ads.adaptv.advertising.com/rtb/ Frame E3B9
0
215 B
XHR
General
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=TeachingAidsLLC
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.249.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-249-59.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ Frame E3B9
19 B
696 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 23:04:17 GMT
X-Proxy-Origin
84.19.175.183; 84.19.175.183; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
b319ea08-19ef-41ee-b905-0a9a84a4261c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
mvo
tag.1rx.io/rmp/233148/0/ Frame E3B9
0
170 B
XHR
General
Full URL
https://tag.1rx.io/rmp/233148/0/mvo?z=1r&hbv=4.43,2.1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
pragma
no-cache
date
Wed, 19 Jan 2022 23:04:17 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
translator
hbopenbid.pubmatic.com/ Frame E3B9
0
59 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Wed, 19 Jan 2022 23:04:16 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ Frame E3B9
37 B
330 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?t=900&s=435870&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2227ba3e1a991af38%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fthreatpost.com%2Fall-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers%2F177240%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-january-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22dms%22%3Atrue%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22admetricspro.com%22%2C%22hp%22%3A1%2C%22sid%22%3A%221005%22%2C%22rid%22%3A%22e138887d-6776-4657-bc64-dbb7cb982a59%22%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22282287734118bfd%22%2C%22ext%22%3A%7B%22siteID%22%3A%22435870%22%2C%22sid%22%3A%22400x225%22%2C%22fl%22%3A%22x%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%2C%22video%2Fogg%22%2C%22video%2Fmpeg%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A180%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%5D%2C%22playerSize%22%3A%5B%5B400%2C225%5D%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22skip%22%3A1%2C%22skipmin%22%3A31%2C%22skipafter%22%3A5%2C%22placement%22%3A1%2C%22w%22%3A400%2C%22h%22%3A225%7D%2C%22bidfloor%22%3A0.25%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%7D
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-111-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ee378f088c9c89c907f7f7e99a275403ded218c6b0893a2344ae9693956b7318

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 23:04:17 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[84.19.175.183], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://threatpost.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Wed, 19 Jan 2022 23:04:17 GMT
pixel;r=1524834018;source=gtm;rf=0;a=p-_7kVx0t9Jqj90;url=https%3A%2F%2Fthreatpost.com%2Fall-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers%2F177240%2F%3Futm_source%3Dmarketo%26utm_...
pixel.quantserve.com/
35 B
371 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=1524834018;source=gtm;rf=0;a=p-_7kVx0t9Jqj90;url=https%3A%2F%2Fthreatpost.com%2Fall-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers%2F177240%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-january-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4;ref=https%3A%2F%2Fmkto-sj130112.com%2F;uht=2;fpan=1;fpa=P0-659584342-1642633457218;pbc=65c80f87-d2f3-44af-831c-c97f560e5f97;ns=0;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;us_privacy=1---;d=threatpost.com;je=0;sr=1600x1200x24;dst=0;et=1642633457218;tzo=0;ogl=image.https%3A%2F%2Fmedia%252Ethreatpost%252Ecom%2Fwp-content%2Fuploads%2Fsites%2F103%2F2019%2F01%2F28092447%2Fwordp%2Ctype.article%2Ctitle.All%20in%20One%20SEO%20Plugin%20Bug%20Threatens%203M%20Websites%20with%20Takeovers%2Cdescription.A%20critical%20privilege-escalation%20vulnerability%20could%20lead%20to%20backdoors%20for%20admin%20%2Curl.https%3A%2F%2Fthreatpost%252Ecom%2Fall-in-one-seo-plugin-bug-threatens-3m-wordpress-websites
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 23:04:17 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 80F0
37 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:00:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
240
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 20 Jan 2022 00:00:17 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A2FD
37 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:00:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
240
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 20 Jan 2022 00:00:17 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame B8D5
37 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:00:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
240
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 20 Jan 2022 00:00:17 GMT
0.m3u8
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/94746258-4c66-44a3-96d3-e63c5552a1a9/ Frame 340B
663 B
349 B
XHR
General
Full URL
https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/94746258-4c66-44a3-96d3-e63c5552a1a9/0.m3u8?playerId=c2ecd04f-0dca-4ffa-8761-d93b34717380
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bd6ad264bc914f8fcea212e33572550a92849e68189dc1706e7ccd600a0c3407

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:17 GMT
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 05:46:29 GMT
age
62181
etag
"52a81212f888684581d939c671dd5986"
vary
Accept-Encoding
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
263
adagio.js
script.4dex.io/
71 KB
23 KB
Fetch
General
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb04b94656de1350a1fe252e640d692b44f9501188d48c01884d6962bea38913

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1166037
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx56f6954d69344d85a3796-0061adeed0
x-amz-id-2
tx56f6954d69344d85a3796-0061adeed0
last-modified
Mon, 06 Dec 2021 11:00:35 GMT
server
cloudflare
etag
W/"d56fadf5a52703aee9982c415a17065a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bnweAq%2ByEfzseQ0nylR5qR8ArvYUHk1H%2FoQNyT7bS0P7Odwr8r5dLptRuVT%2FvAktygUYFShVtJSDfjg3eEQZQjTfNv41DFkyMH%2ByPMvIxTx45wy4DC8RGR21BcvSKabaplhSGQO7ch1Rsmgk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1638788435319991
cf-ray
6d03b3846f942bb9-FRA
access-control-allow-headers
Authorization
0.mp4
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/94746258-4c66-44a3-96d3-e63c5552a1a9/ Frame 340B
1 KB
1 KB
XHR
General
Full URL
https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/94746258-4c66-44a3-96d3-e63c5552a1a9/0.mp4?playerId=c2ecd04f-0dca-4ffa-8761-d93b34717380
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c8719b240cc0d18a2ed0d39c4bd27c24a6ae27dd871bfaedb9322093464f170c

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=0-1361

Response headers

date
Wed, 19 Jan 2022 23:04:17 GMT
last-modified
Wed, 19 Jan 2022 05:46:29 GMT
age
62179
etag
"55861216c86dbf2f470b7211b403dae5"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 0-1361/5517670
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
1362
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=AdUn-HxoK3RaZWJ0ZDBRUUZzU3Fhek1yTEhQU0hYVDlZZG5xcjg1OHZ5VlJzS0FaL0RhWFBMY1ZsTlZRcW5lQ0cva1o5Zm0yelljd3FNdHR1bHphUE1UR3ZNRWtJMThjcEo2Zzd3RWxSc3h0SUlGZy9xMHdxbjAyNEh4R2hpdzVFT29YeVVVOGt4Vk95cDg5TjNaNXk0WnFUMjhBUktFZzIwTUMyT1BZK0FLemxBdUxaS1ZuOWVZRmw5b09HL1BCcjNOcjIxWnFwRStXcXA2ZzBydnhMSFAxUmU1d202aUdtb0paRklJVkJKWDdZK1RBPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1095
date
Wed, 19 Jan 2022 23:04:16 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
0.mp4
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/94746258-4c66-44a3-96d3-e63c5552a1a9/ Frame 340B
652 KB
653 KB
XHR
General
Full URL
https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/94746258-4c66-44a3-96d3-e63c5552a1a9/0.mp4?playerId=c2ecd04f-0dca-4ffa-8761-d93b34717380
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
36e27d1f821eb620ccfd5d9ec66cb024e06bea90ae236d8feed6d69dc80281f1

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=1362-669339

Response headers

date
Wed, 19 Jan 2022 23:04:17 GMT
last-modified
Wed, 19 Jan 2022 05:46:29 GMT
age
62179
etag
"55861216c86dbf2f470b7211b403dae5"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 1362-669339/5517670
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
667978
0.mp4
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/94746258-4c66-44a3-96d3-e63c5552a1a9/ Frame 340B
606 KB
606 KB
XHR
General
Full URL
https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/94746258-4c66-44a3-96d3-e63c5552a1a9/0.mp4?playerId=c2ecd04f-0dca-4ffa-8761-d93b34717380
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9b20a31b2e9397cda14bd570eab10a92d7757f1f93a387545183194f7feb6992

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=669340-1289565

Response headers

date
Wed, 19 Jan 2022 23:04:17 GMT
last-modified
Wed, 19 Jan 2022 05:46:29 GMT
age
62179
etag
"55861216c86dbf2f470b7211b403dae5"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 669340-1289565/5517670
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
620226
mq
capi.connatix.com/tr/ Frame 340B
0
56 B
XHR
General
Full URL
https://capi.connatix.com/tr/mq?v=146566
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 19 Jan 2022 23:04:17 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
20
ps
capi.connatix.com/tr/ Frame 340B
0
74 B
XHR
General
Full URL
https://capi.connatix.com/tr/ps?v=146566
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 19 Jan 2022 23:04:17 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
20
integrator.js
adservice.google.se/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.se/adsid/integrator.js?domain=threatpost.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 23:04:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=threatpost.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 23:04:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
56 KB
11 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3410283384016817&correlator=451575875111120&output=ldjh&impl=fifs&eid=31061814%2C31064027%2C31064136&vrg=2022011002&ptt=17&gdpr=0&us_privacy=1---&tfua=0&tfcd=0&sc=1&sfv=1-0-38&ecs=20220119&iu_parts=22404337467%3A21707124336%2Cthreatpost-970x250-ATF%2Cthreatpost-300x250-ATF%2Cthreatpost-300x600-ATF%2Cthreatpost-2x2-Skin%2Cthreatpost-AdX-Interstitial&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=728x90%7C970x250%7C970x90%2C300x250%7C336x280%2C300x250%7C300x600%2C2x2%2C1x1&ists=1&fas=0%2C0%2C0%2C0%2C8&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%26hb_adid_rubicon%3D68022d2c398e6d1%26hb_bidder_rubicon%3Drubicon%26dyn_bids%3D0.26%26hb_adid%3D68022d2c398e6d1%26hb_bidder%3Drubicon%7Camznbid%3D2%26amznp%3D2%26hb_adid_rubicon%3D69b5e1fc679499c%26hb_bidder_rubicon%3Drubicon%26dyn_bids%3D0.19%26hb_adid%3D69b5e1fc679499c%26hb_bidder%3Drubicon%7Camznbid%3D2%26amznp%3D2%7C&eri=1&cust_params=urlhost%3Dhttps%253A%252F%252Fthreatpost.com%252F%26urlpath%3D%252Fall-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers%252F177240%252F%26urlquery%3Dgoogfc%26contentid%3D177240%26category%3Dvulnerabilities%26contenttags%3D&cookie_enabled=1&bc=31&abxe=1&dt=1642633457693&lmt=1642633457&dlt=1642633455221&idt=1451&frm=20&biw=1600&bih=1200&oid=2&adxs=436%2C1082%2C1082%2C0%2C-9&adys=8%2C166%2C1206%2C8%2C-9&adks=4166723991%2C1414505084%2C1356251026%2C3771495681%2C2643643476&ucis=1%7C2%7C3%7C4%7C5&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fthreatpost.com%2Fall-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers%2F177240%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-january-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4&ref=https%3A%2F%2Fmkto-sj130112.com%2F&vis=1&scr_x=0&scr_y=0&psz=728x0%7C300x0%7C300x0%7C1600x0%7C0x-1&msz=728x0%7C300x0%7C300x0%7C1600x0%7C0x-1&ga_vid=2143096394.1642633457&ga_sid=1642633458&ga_hid=626357011&ga_fc=true&fws=0%2C0%2C0%2C0%2C2&ohw=0%2C0%2C0%2C0%2C0&btvi=0%7C0%7C1%7C0%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064136
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
a541215d29494d4a864f8d4ce705e1064cd360243e0e72a9da815faabe15f697
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:18 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11351
x-xss-protection
0
google-lineitem-id
5794235746,5697900465,5697900660,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138364956664,138350331420,138350694268,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://threatpost.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
12 KB
9 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022011002&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064136
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
28769dabb484cce68b2e59e9a870b1415e19e023d3cd27f248d1fe7a85a52b47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 23:04:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9195
x-xss-protection
0
container.html
bdfdb78263003bdb71a7b35e2f77bf9d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 68CE
6 KB
4 KB
Document
General
Full URL
https://bdfdb78263003bdb71a7b35e2f77bf9d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064136
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 19 Jan 2022 23:04:17 GMT
expires
Thu, 19 Jan 2023 23:04:17 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pubads_impl_page_level_ads_2022011002.js
securepubads.g.doubleclick.net/gpt/
34 KB
13 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022011002.js?cb=31064136
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064136
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
5132d372cb173a8a03581054f07b694cf11fbdce25ca75e0b9676abeecd101f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 20:32:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
95514
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12969
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 21:10:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 18 Jan 2023 20:32:23 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 19 Jan 2022 23:04:17 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8E20
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 19 Jan 2022 22:42:25 GMT
expires
Thu, 19 Jan 2023 22:42:25 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
1313
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 4C97
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7f7e33176ed23a9a8f7e9e630ae96de68440617afcbb44a7968fc66b126087d1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DRdZUqW8q4+10et+5Eh1pw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 19 Jan 2022 23:04:18 GMT
date
Wed, 19 Jan 2022 23:04:18 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-DRdZUqW8q4+10et+5Eh1pw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bl-0af0356-00265970.js
tagan.adlightning.com/math-aids-threatpost/ Frame 6475
50 KB
21 KB
Script
General
Full URL
https://tagan.adlightning.com/math-aids-threatpost/bl-0af0356-00265970.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.79.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-79-46.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
10ac6502b2c5a4627156951838e56e9cd0a1b0b797d4a36249a878959ee4d281

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 19:17:18 GMT
content-encoding
gzip
age
13621
x-cache
Hit from cloudfront
content-length
21423
x-amz-meta-git_commit
0af0356
last-modified
Wed, 19 Jan 2022 18:31:19 GMT
server
AmazonS3
etag
"f968c40458faaeb101eb287ec0f05bb0"
x-amz-version-id
zlyH7A3HVGlPnviR1SfZn9jP4Ck1BpFa
via
1.1 0cd2c3fbaf7659321a893cd5ab933aa4.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
TXL50-P2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
gYdPXPzRcGT7CTFcPM1VB9XQ43gGTZqTzNupT1ZxCOgqIoncDYQvdA==
b-7b120a5-9b871d4e.js
tagan.adlightning.com/math-aids-threatpost/ Frame 6475
73 KB
28 KB
Script
General
Full URL
https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.79.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-79-46.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4658e1122a2190db712f6731d3e8c14b027f0a42bd7c1333b11d272f8e9ea3fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 20:58:51 GMT
content-encoding
gzip
age
9511528
x-cache
Hit from cloudfront
content-length
28179
x-amz-meta-git_commit
7b120a5
last-modified
Mon, 16 Aug 2021 17:49:31 GMT
server
AmazonS3
etag
"c42a7ac1ac405f3f0cad04305cad5553"
x-amz-version-id
HCJNSpgvHPkSF2.YDap.Qx6PnxOllH79
via
1.1 0cd2c3fbaf7659321a893cd5ab933aa4.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
TXL50-P2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
dEA5lwJ1fu2asZg8OI1lnsoTgr_7ySby85Hr5lZsm0X6QurD88K4iQ==
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 6475
148 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
875be74e11cce369f11d3a223b461315e6bac8284e16d337eab1840d663fc233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52546
x-xss-protection
0
server
cafe
etag
6726456109355517178
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 19 Jan 2022 23:04:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6475
121 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 19 Jan 2022 23:04:18 GMT
bl-0af0356-00265970.js
tagan.adlightning.com/math-aids-threatpost/ Frame 1640
50 KB
21 KB
Script
General
Full URL
https://tagan.adlightning.com/math-aids-threatpost/bl-0af0356-00265970.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.79.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-79-46.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
10ac6502b2c5a4627156951838e56e9cd0a1b0b797d4a36249a878959ee4d281

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 19:17:18 GMT
content-encoding
gzip
age
13621
x-cache
Hit from cloudfront
content-length
21423
x-amz-meta-git_commit
0af0356
last-modified
Wed, 19 Jan 2022 18:31:19 GMT
server
AmazonS3
etag
"f968c40458faaeb101eb287ec0f05bb0"
x-amz-version-id
zlyH7A3HVGlPnviR1SfZn9jP4Ck1BpFa
via
1.1 0cd2c3fbaf7659321a893cd5ab933aa4.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
TXL50-P2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
PBvJ6sPXtVf3Z6Jm8ZW_FPOEivefm2glrKBcx1F5dG1G4fA9W7yyCA==
b-7b120a5-9b871d4e.js
tagan.adlightning.com/math-aids-threatpost/ Frame 1640
73 KB
28 KB
Script
General
Full URL
https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.79.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-79-46.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4658e1122a2190db712f6731d3e8c14b027f0a42bd7c1333b11d272f8e9ea3fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 20:58:51 GMT
content-encoding
gzip
age
9511528
x-cache
Hit from cloudfront
content-length
28179
x-amz-meta-git_commit
7b120a5
last-modified
Mon, 16 Aug 2021 17:49:31 GMT
server
AmazonS3
etag
"c42a7ac1ac405f3f0cad04305cad5553"
x-amz-version-id
HCJNSpgvHPkSF2.YDap.Qx6PnxOllH79
via
1.1 0cd2c3fbaf7659321a893cd5ab933aa4.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
TXL50-P2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
mwOoxboOY3IeGQF4K5Pjd3ELIi6WzES0pQuVcyj9mqMYCKvD3LCl6g==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1640
121 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 19 Jan 2022 23:04:18 GMT
bl-0af0356-00265970.js
tagan.adlightning.com/math-aids-threatpost/ Frame ACEF
50 KB
21 KB
Script
General
Full URL
https://tagan.adlightning.com/math-aids-threatpost/bl-0af0356-00265970.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.79.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-79-46.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
10ac6502b2c5a4627156951838e56e9cd0a1b0b797d4a36249a878959ee4d281

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 19:17:18 GMT
content-encoding
gzip
age
13621
x-cache
Hit from cloudfront
content-length
21423
x-amz-meta-git_commit
0af0356
last-modified
Wed, 19 Jan 2022 18:31:19 GMT
server
AmazonS3
etag
"f968c40458faaeb101eb287ec0f05bb0"
x-amz-version-id
zlyH7A3HVGlPnviR1SfZn9jP4Ck1BpFa
via
1.1 0cd2c3fbaf7659321a893cd5ab933aa4.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
TXL50-P2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
hUm3jC5w4IMhutu8Mpc82HbaZp4T-KgbCR0m9LU-IvewkRIzL8CnwQ==
b-7b120a5-9b871d4e.js
tagan.adlightning.com/math-aids-threatpost/ Frame ACEF
73 KB
28 KB
Script
General
Full URL
https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.79.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-79-46.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4658e1122a2190db712f6731d3e8c14b027f0a42bd7c1333b11d272f8e9ea3fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 20:58:51 GMT
content-encoding
gzip
age
9511528
x-cache
Hit from cloudfront
content-length
28179
x-amz-meta-git_commit
7b120a5
last-modified
Mon, 16 Aug 2021 17:49:31 GMT
server
AmazonS3
etag
"c42a7ac1ac405f3f0cad04305cad5553"
x-amz-version-id
HCJNSpgvHPkSF2.YDap.Qx6PnxOllH79
via
1.1 0cd2c3fbaf7659321a893cd5ab933aa4.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
TXL50-P2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
tx_JStBR4tJTpxAuL68BulcHe5cqfco6iMXGZ3cLKW388kN5PjlJKA==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame ACEF
121 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 19 Jan 2022 23:04:18 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6475
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstesVJDESoFmUlHd6ZzwiIsQc4zOJ-MPv1DHZdZ6UZRTtmjZLWS3zUkeY1k6hp2YhG9gVzqxvrRFbsmeueZILDCtdLk9GoEQ8dHQ2ETZ3FgVoGWvcC03zRNB43p73siAtI6_wEMrKZt5FrmSvNc4n0wWxZy4dYqzxM1YoXZkWO-SxtnbOseBOqMYLIwHN_q3rZMjoEsbe6A1ahofgSGGKczFyXuM_hp1EDmRDMR9aPYhjc87tZDlmALWpaqL7ppARsmeOeQyOWPx8kVqjQ0T54nDPAtnRaZqKLzANgxwQeuoRfhcujkuGcFmhzhlwOAUf8FqxQp&sai=AMfl-YQTmQQebMDRTLl80C4xQTHcrOfrN0Kc2zJ98RG-Nj3_BhxJxOzlJWxoepL96GR1PACRb6ZHvgMlraqTNj1W3tkALkFXC6xAt4oMZPBc2-mii0mBOsSuEUfIkgOFYsT7&sig=Cg0ArKJSzKPKX_i39WRTEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 23:04:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 19 Jan 2022 23:04:18 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1640
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss-wchinU1HUyuMAdflCadvBui180COZEIni6-CffbMEQ1LmoAURtXlz7CgkjDdt7UWl8wQDZOM0Zx_-YuBVcVDXkP1n9Ej4HTM1LzF8Y-8sWxG5DDAtHG4kIfpLDy8JiGDIIE1q8KKPCq2jcYSl_lNehEMKxayCFtVNKv7ZoocxbxLScRKQlnXKWAdnLU8bktyiFdPqfP3zR4brngVY6RpitbWB1gsimzQ-OGGmxrqGwMYUYIYrleB_cHDXZ8emg5h6Q4--beJY-xPp2yJWTsccytOCBMX7cIVaEZmzE3h7vgOX6W9sZve3zZoYjvSA-ilgYgGAQ&sai=AMfl-YRkQG26ahdVJgbz-2KAq7Afd53Se4nfTrKXy5EYUhHM6aerw8sX_81dGG0L1rMu8IjZxDNdvGi0jeWmF5XoxYHvPkBMKabObjTOnSrja-v4wUrjpgu5hG6uChVN4-qM&sig=Cg0ArKJSzMRnvBdwTQO3EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 23:04:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
js
tags.mathtag.com/notify/ Frame 1640
2 KB
2 KB
Script
General
Full URL
https://tags.mathtag.com/notify/js?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvT1dFMU9UYzBNbUl0WkdaaE5pMWlZekppTFRBd01EQXRNREF3TURBd01EQXdNREF3LzE2MzM1MDI1ODMyOTE2NjAyNTAvOTY5NjA0NC85OTY4MjAyLzkvYlFyZVpXbG5LZjBpNXd1SHF5TjRUT3piM2hMUWc5bzM1YXNtMjh4S0Jlay8xLzkvMC8wLzE3NjQwNzUvMC8yMjY1ODkvMTA0MTgwMi8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzE2MzM1MDI1ODMyOTE2NjAyNTAvYW1zLzAvNTY0Mi83Lzk5OS8yLzIwMDE6MWI2MDoxMDEwOjovMC4wMDAvMTY0MjYzMzQ1Ny8xNjQyNjM3MDU3LzkvMTkyNTQv/O3rFBNFYdZGxsbhRFf9IvCGfmxQ&nodeid=1602&group=cdg&auctionid=1633502583291660250&shardkey=1633502583291660250&sid=9968202&cid=9696044&bp=a_cfjjig&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.135&3pck=https%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F3921dc64-bfe0-4e68-afd1-2530812e3f77%2F
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.249 -, , ASN (),
Reverse DNS
Software
MMBD/3.300.0 /
Resource Hash
22af7db2f75c9eda77731a6a748f46f0e4e1df7d3ce046be355d8e1feda95335

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 23:04:18 GMT
Content-Encoding
gzip
x-mm-bid-request-time
1642633457
Last-Modified
Wed, 19 Jan 2022 23:04:17 GMT
Server
MMBD/3.300.0
x-mm-latency
1 (1)
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg
Count
Cache-Control
no-cache
x-mm-host
cdg-router-x99, cdg-bidder-x129
Connection
close
Content-Type
application/x-javascript; charset=UTF-8
Expires
Wed, 19 Jan 2022 23:04:17 GMT
3921dc64-bfe0-4e68-afd1-2530812e3f77
beacon-fra2.rubiconproject.com/beacon/d/ Frame 1640
43 B
354 B
Image
General
Full URL
https://beacon-fra2.rubiconproject.com/beacon/d/3921dc64-bfe0-4e68-afd1-2530812e3f77?oo=0&accountId=19254&siteId=300372&zoneId=1509502&sizeId=15&e=6A1E40E384DA563BC5363069B7D6AAB5F302D1FF8C443CEBDF98E506F863984078955928F488ED3BE3A8CEE422A72D686D748C0D8D7FAA2241B835F3E8C8A9B4B5D87CB780E618D26418C72BD9F7D374B6D123DDCF201A9C96B8BA4E21FD762683C71DA96BC8FFF8384711E99B631E296982FD864E4382D15703CD32B5FF0D9C52F2556DBCA7D8C29C7CC3EE3035B1EE7F5112834CECE4FEA35487D28B86E9328F9B084446AD5D7E60A07B37CEFFD74107F5011102C0F5AC
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::154 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 23:04:17 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
ck-confirm
tags.mathtag.com/ Frame 1640
Redirect Chain
  • https://tags.mathtag.com/notify/img?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvT1dFMU9UYzBNbUl0WkdaaE5pMWlZekppTFRBd01EQXRNREF3TURBd01EQXdNREF3LzE2MzM1MDI1ODMyOTE2NjAyNTAvOTY5NjA0NC85OTY4MjAyLzkvYlFyZV...
  • https://tags.mathtag.com/ck-confirm?bid_id=1633502583291660250&node_id=1602&exch_id=9
49 B
330 B
Image
General
Full URL
https://tags.mathtag.com/ck-confirm?bid_id=1633502583291660250&node_id=1602&exch_id=9
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
HTTP/1.1
Server
185.29.134.249 -, , ASN (),
Reverse DNS
Software
MMBD/3.300.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 23:04:18 GMT
Server
MMBD/3.300.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
cdg-router-x29, cdg-bidder-x129
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Wed, 19 Jan 2022 23:04:17 GMT

Redirect headers

Date
Wed, 19 Jan 2022 23:04:18 GMT
x-mm-bid-request-time
1642633457
Last-Modified
Wed, 19 Jan 2022 23:04:17 GMT
Server
MMBD/3.300.0
x-mm-latency
1 (0)
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://tags.mathtag.com/ck-confirm?bid_id=1633502583291660250&node_id=1602&exch_id=9
x-mm-dbg
Count
Cache-Control
no-cache
x-mm-host
cdg-router-x86, cdg-bidder-x129
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Keep-Alive
timeout=360
Content-Length
85
Expires
Wed, 19 Jan 2022 23:04:17 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame ACEF
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvro_23bsYv1f0zZ59bNJzt6LKsXRj0x3hsxWGBmlD0ftKb3VV-UXQDibUpe-xl53I7PwwNOCl1lN_P7vV0l2OXcQzjMyhqOF6hnPBjSNAPFDyj1GJ9nd5OMaENaQPQznGkyjIl72Pp7o52fOuLZUbvBktD_T6GOQlin0RPLqs-U2A8IEs_ZPwJUn2BINzKENOMkE-ezmFyDdX-vgaeqQEgpvj95A4OwGToE9Etov6dW_DwEuILEXcXoVF5yDpCwHm6arLkuTHijdSzi-J3wtHIHjaLkncPkZYl551vN36STsGk_EiK6AYDO8KslVRb0f4EhC63Rw&sai=AMfl-YTYiHEc-GjUix6s5fiqKJVTrnS4Rx22MUxLLg0XqE49TYcrQL840BgPb3XjBCBiDwAzq_l92zzZ4CQ6PfEj8yoSzUgyz6D88jT15YzblIOuNTIsV0O3e7-L34C2zdCh&sig=Cg0ArKJSzFrxuZPicyoqEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: threatpost.com
URL: https://threatpost.com/all-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers/177240/?utm_source=marketo&utm_medium=email&utm_campaign=newsletter-january-2022&mkt_tok=MDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 23:04:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
js
tags.mathtag.com/notify/ Frame ACEF
2 KB
1 KB
Script
General
Full URL
https://tags.mathtag.com/notify/js?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvT1RRMU1tSTRNRFl0T1dVMk1pMDVOV013TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg1NTEwMzE2MTA5MzI4Mzc5MzIvOTY5MDAzMi85OTU1OTkzLzkvWmRkM1h2Nkpnc0QyYXhNbGpOWUx5SUVYSmxaNjhlUUN0U0xZY2xZeGVqay8xLzkvMC8wLzE3MzQ5NDUvMC8yMTU1NDMvMTA0MDg3OS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzg1NTEwMzE2MTA5MzI4Mzc5MzIvenJoLzAvODY1Ny83Lzk5OS8yLzIwMDE6MWI2MDoxMDEwOjovMC4wMDAvMTY0MjYzMzQ1Ny8xNjQyNjM3MDU3LzkvMTkyNTQv/pvqedmesgksoxOiSFPRiGie44J8&nodeid=1613&group=zrh&auctionid=8551031610932837932&shardkey=8551031610932837932&sid=9955993&cid=9690032&bp=a_bjbbgg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.134&3pck=https%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F2d910ada-f883-42de-8731-ebd0e6aa7221%2F
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.249 -, , ASN (),
Reverse DNS
Software
MMBD/3.300.0 /
Resource Hash
5aa165ca85f853a082859e232c25d3ea93b3b3e687482ab2966b99be38ba6949

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 23:04:18 GMT
Content-Encoding
gzip
x-mm-bid-request-time
1642633457
Last-Modified
Wed, 19 Jan 2022 23:04:17 GMT
Server
MMBD/3.300.0
x-mm-latency
13 (0)
Content-Type
application/x-javascript; charset=UTF-8
x-mm-dbg
Count
Cache-Control
no-cache
x-mm-host
cdg-router-x42, zrh-bidder-x124
Connection
close
Expires
Wed, 19 Jan 2022 23:04:17 GMT
2d910ada-f883-42de-8731-ebd0e6aa7221
beacon-fra2.rubiconproject.com/beacon/d/ Frame ACEF
43 B
354 B
Image
General
Full URL
https://beacon-fra2.rubiconproject.com/beacon/d/2d910ada-f883-42de-8731-ebd0e6aa7221?oo=0&accountId=19254&siteId=300372&zoneId=1509506&sizeId=10&e=6A1E40E384DA563BC00A0D4EF96604634BF24536BC38FF829EE8E01FBD3B1AF7F06B6FA644E95774D832904FD2380F5E6D748C0D8D7FAA22CD9B486B37C2CF18B5D87CB780E618D26418C72BD9F7D374B6D123DDCF201A9C8A63E4E2B7DB91850C35459599C5EC06384711E99B631E29D09D7B852B65E856BFD5E3B92AA5AA1952F2556DBCA7D8C289DCC8171118B34DB29EF0A3375B1803D436C2995177F19056EF5F17893687CCE89CD7B4FFFCA78BB78EC245CD09C95D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::154 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 23:04:17 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
img
tags.mathtag.com/notify/ Frame ACEF
49 B
450 B
Image
General
Full URL
https://tags.mathtag.com/notify/img?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvT1RRMU1tSTRNRFl0T1dVMk1pMDVOV013TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg1NTEwMzE2MTA5MzI4Mzc5MzIvOTY5MDAzMi85OTU1OTkzLzkvWmRkM1h2Nkpnc0QyYXhNbGpOWUx5TDMtT25PcTUzSllVbW91LVUwQ3dQVS8xLzkvMC8wLzE3MzQ5NDUvMC8yMTU1NDMvMTA0MDg3OS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzg1NTEwMzE2MTA5MzI4Mzc5MzIvenJoLzAvODY1Ny83Lzk5OS8yLzIwMDE6MWI2MDoxMDEwOjovMC4wMDAvMTY0MjYzMzQ1Ny8xNjQyNjM3MDU3LzkvMTkyNTQv/FdmwxdghDIJYFVI-gQvgXiOsEeY&nodeid=1613&group=zrh&auctionid=8551031610932837932&shardkey=8551031610932837932&sid=9955993&cid=9690032&price=6ED78E7AC106BBA4&bp=a_bjbbgg&nfy_act=LD5wfn0&type=burl&client=c2s&src=imp&bfip=185.29.135.134
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.249 -, , ASN (),
Reverse DNS
Software
MMBD/3.300.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 23:04:18 GMT
x-mm-bid-request-time
1642633457
Last-Modified
Wed, 19 Jan 2022 23:04:17 GMT
Server
MMBD/3.300.0
x-mm-latency
44 (1)
Content-Type
image/gif
x-mm-dbg
Count
Cache-Control
no-cache
x-mm-host
cdg-router-x86, zrh-bidder-x124
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Wed, 19 Jan 2022 23:04:17 GMT
truncated
/ Frame 6475
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d689b030bcc440cfbfb9db4c9b0d585f0427a4f8021950db23cb9ca1ce44ead3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
ao
capi.connatix.com/tr/ Frame 340B
0
74 B
XHR
General
Full URL
https://capi.connatix.com/tr/ao?v=146566
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 19 Jan 2022 23:04:18 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
20
sv
capi.connatix.com/tr/ Frame 340B
0
51 B
XHR
General
Full URL
https://capi.connatix.com/tr/sv?v=146566
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 19 Jan 2022 23:04:18 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
20
sodar
pagead2.googlesyndication.com/pagead/ Frame 4C97
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022011002&jk=3410283384016817&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201130101/ Frame 6475
284 KB
102 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7500593236707325&plah=threatpost.com&bust=31064116
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
0473c2ed9c7281af9444663ce2c7294380249aabd512f5457f3acd26d181ab11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104643
x-xss-protection
0
server
cafe
etag
14899107033066869476
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 19 Jan 2022 23:04:18 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220118/r20190131/ Frame 9FEB
11 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220118/r20190131/zrt_lookup.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4885
x-xss-protection
0
date
Wed, 19 Jan 2022 15:36:19 GMT
expires
Wed, 02 Feb 2022 15:36:19 GMT
cache-control
public, max-age=1209600
age
26879
etag
13671712056976469594
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
0waha4ezfhrk
hal9000.redintelligence.net/zone/ Frame 1640
10 KB
3 KB
Script
General
Full URL
https://hal9000.redintelligence.net/zone/0waha4ezfhrk?subid=&gdpr=0&gdpr_consent=&rnd=1633502583291660250&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:ruc&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D42df5c7ed92c61f4b30428536d3dd65745f8b72c_15%26mt_aid%3D1633502583291660250%26mt_id%3D9696044%26mt_adid%3D226589%26mt_sid%3D9968202%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Df32061e8-98f2-4a01-bec5-513d467dd22f%26mt_cid%3Df32061e8-98f2-4a01-bec5-513d467dd22f%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F3921dc64-bfe0-4e68-afd1-2530812e3f77%2F%26redirect%3D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.49 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
2e90b27e02413c29e70760462cfefa4c1fa5877b0ef9329f22b3cd8ce0e047b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 23:04:18 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
2961
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
ck-confirm
tags.mathtag.com/ Frame 1640
49 B
330 B
Image
General
Full URL
https://tags.mathtag.com/ck-confirm?bid_id=1633502583291660250&node_id=1602&exch_id=9
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.249 -, , ASN (),
Reverse DNS
Software
MMBD/3.300.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 23:04:18 GMT
Server
MMBD/3.300.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
cdg-router-x27, cdg-bidder-x129
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Wed, 19 Jan 2022 23:04:17 GMT
img
pixel.mathtag.com/event/ Frame 1640
43 B
405 B
Image
General
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=9&v2=1633502583291660250&v3=1041802&v4=9968202&v5=9696044&mt_nsync=1&no_attr=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 -, , ASN (),
Reverse DNS
Software
MT3 4133 baa842e master zrh-pixel-x15 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 23:04:18 GMT
Server
MT3 4133 baa842e master zrh-pixel-x15 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 19 Jan 2022 23:04:17 GMT
img
tags.mathtag.com/event/ Frame 1640
49 B
330 B
Image
General
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=ruc&bid=1633502583291660250&st=9968202&time=1642633458&nodeid=1602
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.249 -, , ASN (),
Reverse DNS
Software
MMBD/3.300.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 23:04:18 GMT
Server
MMBD/3.300.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
cdg-router-x83, cdg-bidder-x129
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Wed, 19 Jan 2022 23:04:17 GMT
qdxf4l9d1c32
hal9000.redintelligence.net/zone/ Frame ACEF
10 KB
3 KB
Script
General
Full URL
https://hal9000.redintelligence.net/zone/qdxf4l9d1c32?subid=&gdpr=0&gdpr_consent=&rnd=8551031610932837932&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:ruc&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D4c7191ff46ab720e2850059289fe9fd0f31b724c_10%26mt_aid%3D8551031610932837932%26mt_id%3D9690032%26mt_adid%3D215543%26mt_sid%3D9955993%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Df32061e8-98f2-4a01-bec5-513d467dd22f%26mt_cid%3Df32061e8-98f2-4a01-bec5-513d467dd22f%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F2d910ada-f883-42de-8731-ebd0e6aa7221%2F%26redirect%3D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.49 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
4c04a0f751336b1199d443f9e691679c84ffd4133978e8d9d178118cf609c16b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 23:04:18 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
2957
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
img
pixel.mathtag.com/event/ Frame ACEF
43 B
405 B
Image
General
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=9&v2=8551031610932837932&v3=1040879&v4=9955993&v5=9690032&mt_nsync=1&no_attr=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 -, , ASN (),
Reverse DNS
Software
MT3 4133 baa842e master zrh-pixel-x26 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 23:04:18 GMT
Server
MT3 4133 baa842e master zrh-pixel-x26 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 19 Jan 2022 23:04:17 GMT
img
tags.mathtag.com/event/ Frame ACEF
49 B
331 B
Image
General
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=ruc&bid=8551031610932837932&st=9955993&time=1642633458&nodeid=1613
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.249 -, , ASN (),
Reverse DNS
Software
MMBD/3.300.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 23:04:18 GMT
Server
MMBD/3.300.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
cdg-router-x103, zrh-bidder-x124
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Wed, 19 Jan 2022 23:04:17 GMT
js
sync.mathtag.com/sync/ Frame ACEF
1 KB
1 KB
Script
General
Full URL
https://sync.mathtag.com/sync/js?sync=auto&source=bidder&mt_lim=2&type=1,2
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.241 -, , ASN (),
Reverse DNS
Software
MT3 4133 baa842e master zrh-pixel-x13 config:1.0.0 /
Resource Hash
b76a960cf035ffc837e4917f25665bd5736c1e838729a3f47cd3432d7029cd32

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 23:04:18 GMT
Content-Encoding
gzip
Server
MT3 4133 baa842e master zrh-pixel-x13 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
close
Content-Type
text/javascript
Expires
Wed, 19 Jan 2022 23:04:17 GMT
RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js
pagead2.googlesyndication.com/bg/ Frame 8E20
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
4528ca9e4e601b97be627ab26a891a181a1f44161c990df96f9996037005ed78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 10:24:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
45583
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13497
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Jan 2023 10:24:35 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 6475
12 B
476 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=threatpost.com&callback=_gfp_s_&client=ca-pub-7500593236707325&cookie=ID%3Dd8b0113cd16a440b-220438b525cd0053%3AT%3D1642633457%3AS%3DALNI_Mag96czHnsdTZtSGakyfUioqwId9g
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 6475
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=threatpost.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 23:04:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 6475
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=threatpost.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 23:04:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame CE22
0
0

request.php
hal90006.redintelligence.net/ Frame 1640
Redirect Chain
  • https://hal90006.redintelligence.net/request.php?zone=0waha4ezfhrk&nw=20&renderingType=javascript&namespace=3f93b3dddb&subid=&uid=e3b39de9338b9439&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90006.redintelligence.net/request.php?zone=0waha4ezfhrk&nw=20&renderingType=javascript&namespace=3f93b3dddb&subid=&uid=e3b39de9338b9439&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
0
0

request.php
hal900016.redintelligence.net/ Frame ACEF
Redirect Chain
  • https://hal900016.redintelligence.net/request.php?zone=qdxf4l9d1c32&nw=20&renderingType=javascript&namespace=996a96078c&subid=&uid=bb6b0a4387c25f39&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900016.redintelligence.net/request.php?zone=qdxf4l9d1c32&nw=20&renderingType=javascript&namespace=996a96078c&subid=&uid=bb6b0a4387c25f39&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
0
0

generate_204
tpc.googlesyndication.com/ Frame 8E20
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?6Iu2LQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 23:04:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/
0
0

Failed requests

These URLs were requested, but no response was received. You will also see them in the list above.

Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=90&slotname=7759284332&adk=4262696766&adf=776186318&pi=t.ma~as.7759284332&w=728&psa=0&format=728x90&url=https%3A%2F%2Fthreatpost.com%2Fall-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers%2F177240%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-january-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642633458709&bpp=5&bdt=660&idt=91&shv=r20220118&mjsv=m202201130101&ptt=9&saldr=aa&cookie=ID%3Dd8b0113cd16a440b-220438b525cd0053%3AT%3D1642633457%3AS%3DALNI_Mag96czHnsdTZtSGakyfUioqwId9g&correlator=2621351465045&frm=23&ife=4&pv=2&ga_vid=2143096394.1642633457&ga_sid=1642633459&ga_hid=679952921&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=8&biw=1600&bih=1200&isw=728&ish=90&ifk=3256183738&scr_x=0&scr_y=0&eid=44753738%2C31064116%2C31064125&oid=2&pvsid=4116688331418487&pem=552&tmod=384196052&nvt=1&ref=https%3A%2F%2Fmkto-sj130112.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8i4t18lf66zn&fsb=1&dtd=114
Domain
hal90006.redintelligence.net
URL
https://hal90006.redintelligence.net/request.php?zone=0waha4ezfhrk&nw=20&renderingType=javascript&namespace=3f93b3dddb&subid=&uid=e3b39de9338b9439&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aruc&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D42df5c7ed92c61f4b30428536d3dd65745f8b72c_15%26mt_aid%3D1633502583291660250%26mt_id%3D9696044%26mt_adid%3D226589%26mt_sid%3D9968202%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Df32061e8-98f2-4a01-bec5-513d467dd22f%26mt_cid%3Df32061e8-98f2-4a01-bec5-513d467dd22f%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F3921dc64-bfe0-4e68-afd1-2530812e3f77%2F%26redirect%3D&documentReferer=https%3A%2F%2Fthreatpost.com%2Fall-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers%2F177240%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-january-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4&ancestorOrigins=https%3A%2F%2Fthreatpost.com&random=3232159560236&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Domain
hal900016.redintelligence.net
URL
https://hal900016.redintelligence.net/request.php?zone=qdxf4l9d1c32&nw=20&renderingType=javascript&namespace=996a96078c&subid=&uid=bb6b0a4387c25f39&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aruc&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D4c7191ff46ab720e2850059289fe9fd0f31b724c_10%26mt_aid%3D8551031610932837932%26mt_id%3D9690032%26mt_adid%3D215543%26mt_sid%3D9955993%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Df32061e8-98f2-4a01-bec5-513d467dd22f%26mt_cid%3Df32061e8-98f2-4a01-bec5-513d467dd22f%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F2d910ada-f883-42de-8731-ebd0e6aa7221%2F%26redirect%3D&documentReferer=https%3A%2F%2Fthreatpost.com%2Fall-in-one-seo-plugin-bug-threatens-3m-wordpress-websites-takeovers%2F177240%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dnewsletter-january-2022%26mkt_tok%3DMDAxLVZKWC0xMDQAAAGCEt0J8JYtynGAUllhvZMVBVkXjJLyjm3jS0-MGkk8dKa3gKF_LPVNksEk4qY2WY-uCsZLkC4N1fBPBvsr_En9zNuIjiCkc4z8YWGVt9mden4&ancestorOrigins=https%3A%2F%2Fthreatpost.com&random=7649857315026&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022011002&jk=3410283384016817&bg=!wsGlwYXNAAZ_DxPPfw87ACkAdvg8Wkfiq_LjUGQ4Zmb2OcC5MN5Sbqtnjb8PoEZ8d6LwFKv3DhDNdwIAAABYUgAAAAJoAQeZAqxBJvXRGNlSuTXcLJy1VdzXsVJn-C04-He3ytHZCqTNZ_KgdyGEhPoFexYzrB2maAZobrYG_XWIqwFWCQ9FBKtDtnw0jCPn4cAepfbjp0NpvG33lv4ITLMRkKHfhzaTiY0l4_Iw5lXTKIjqrXelFxdWaCReEBvK2TRUlHLZJgyItAAx1W5zgsxXAjBCMmYd2bOJ-6gtQlWjetdJ1Nt53_ZDx_aqEoeim9DnB6rQHgHZFEi2bZFeWf1Bc6bBsppvck1LvuS69WAzPPphBHCREt4CzLPVyWSXkLOaNEuCZ1Y8HMHl7phCuequlRMeAVG1Lpz992ngYQmt_vKjmCt-W0wcmHgj4GLzCA2qi-EIv6oSB-9zHQUSX34BG5L--rNjnJEq4onFSxPZfDaxHrXOe18I-TevvxH3XvQBqSXgUQd1eUgXXIrCZqdaSJrCO1juMv3CsA5KvBc4uV1rq32A9l3olVD9PsS1kbXrmCEZlCziTnXf1rterUPtV1wxgmN7UjcMR5jiTKcCZU-ybvwWbTNodlG9YN0qSuQ0dkXeYdcFxYrdltLjWSBKwHD36E0ALstPt1SaYkkrlk2POk5tvecrkmWUJinaX8fbjrattXQwSK0kXWkF2MjkJ-GxNbKFfUILc5U-60ay9Fo6x35DsM6I9ZHP_RQ7Cws_HlgzrpKVVwAjuSoGtIa-T0EoGkYUz7FyQd57AK3LxxulOQM6v3Et9KUmMC2qQvpC7bo0WR18lzLusbUjgvzSTpj_0gs7I-5mDoxDKuhFq3FYWYr4FDQ573HFzEVz0BSJJeo5zntLGyCuAqDR3qJD9NbuEYQOxquXh9zx_9N-At_UjOcPK-QAtrGjeaCnNh8E5kJQ1BkD2wZKSKMtd5qm5gw8Oe0F8ESZtgC-PZe2XJCEgHQ

275 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 string| gAMP_urlhost string| gAMP_urlpath string| gAMP_urlquery string| gAMP_contentid string| gAMP_category string| gAMP_contenttags number| kPrebidTimeout number| kRefreshPollTime number| gRefreshCount number| gOXRefreshCount boolean| gRefreshDebug boolean| gPrebidDebug boolean| gTrackVisibility boolean| gLazyLoad boolean| gTrackPageVisibility number| k30SecondRefreshInterval number| k60SecondRefreshInterval number| k90SecondRefreshInterval number| k120SecondRefreshInterval number| k180SecondRefreshInterval number| k999SecondRefreshInterval number| kDoNotRefresh number| kDefaultRefreshInterval object| gSChainNodes undefined| gGDPR_forceLocale boolean| gGDPR_silentNoConsent boolean| gGDPR_forceNoConsent object| gGDPR_NonTCFVendors string| gGDPR_publisherCountryCode string| gGDPR_logoURL string| gGDPR_privacyPolicyURL string| kAmazonPublisherID object| ad728x90ATF object| ad300x250ATF object| ad300x250ATF2 object| ad728x90ATFTAB object| ad728x90STICKY object| ad300x250ATFTAB object| ad300x250ATF2TAB object| ad320x50ATF object| ad300x250ATFM object| ad300x250ATF2M object| ad2x2skin object| adGoogleAdXInterstitial number| gBrowserWidth object| desktopAdUnits object| tabletAdUnits object| mobileAdUnits object| gAllSlotData number| gAllSlotCount function| _0x10e398 object| gRefreshSlots object| gRefreshIDs object| gRefreshTimes object| gRefreshIntervals object| gThisRefreshIDs object| gThisRefreshSlots boolean| gInitialLoad object| gIntersectionObserver object| gPBJSTimeoutTimer object| gAmazonSlots object| gAmazonBids boolean| gAmazonBidsBack boolean| gPrebidBidsBack object| googletag function| _0x306c object| pbjs function| _0x5af4 boolean| gHasGDPRCMP object| gGDPRTCData function| amp_getBidsForAllChannels function| amp_dumpBids function| amp_dumpWins function| amp_dumpTable function| amp_getBestBids function| sendAdserverRequest function| 
checkIfAllBidsBack function| amazonBidsBack function| pbjsBidsBack function| bidsTimeout function| scheduleConsentUpdates function| sendBidRequests function| doSendBidRequests function| amp_refreshAllSlots function| amp_refreshSlots function| refreshAdSlots function| attachCloseBoxSVG function| configureAdSlot function| getCookie object| apstag function| cnx function| $ function| jQuery object| gdprDynamicStrings object| kss object| gdprStrings object| sNew object| s0 object| dataLayer boolean| jQueryMigrateHelperHasSentDowngrade object| cnx_usr_storage object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| __uspapi function| __uspOpenUI object| FontAwesomeConfig object| ___FONT_AWESOME___ function| __tcfapi object| __cmpAPI object| __GVL object| __cmpTCModel function| __cmpOpenUI function| pbjsChunk object| _pbjsGlobals object| ADAGIO string| nobidVersion object| nobid object| ggeac object| google_js_reporting_queue object| google_tag_manager boolean| apstagLOADED object| b9xD2p2 function| b9xD2p3 object| xop object| google_tag_data string| GoogleAnalyticsObject function| ga object| _qevents function| twq object| recaptcha object| player_instance_22ee2fbe0c9a41a6ac5f1f20a313fb73 object| cnxEnfStorage function| cnxsetTimeout function| cnxsetInterval object| cnxPlugins boolean| creativeVendorLibraryLoaded object| QEfxUf function| QEfxUD function| xblacklist object| twttr object| MZ1D6o2 function| MZ1D6o3 function| xblocker object| gaplugins object| gaGlobal object| gaData undefined| google_measure_js_timing object| google_reactive_ads_global_state function| cnxProxyTask function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| gf_global function| gformBindFormatPricingFields function| Currency function| gformCleanNumber function| gformGetDecimalSeparator function| gformIsNumber function| gformIsNumeric function| gformDeleteUploadedFile object| _gformPriceFields undefined| 
22 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
