threatpost.com Open in urlscan Pro
35.173.160.135 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Submission: On August 13 via api (August 13th 2020, 10:47:23 pm UTC) from US

Summary HTTP 249 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 60 IPs in 11 countries across 47 domains to perform 249 HTTP transactions. The main IP is 35.173.160.135, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is threatpost.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on June 10th 2020. Valid for: a year.

This is the only time threatpost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	35.173.160.135 35.173.160.135	14618 (AMAZON-AES) (AMAZON-AES)
11	13.226.155.59 13.226.155.59	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700:e4:... 2606:4700:e4::ac40:a60d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
8	2600:9000:218... 2600:9000:2182:b400:2:9275:3d40:93a1	16509 (AMAZON-02) (AMAZON-02)
11	2600:9000:218... 2600:9000:2182:d600:0:5c46:4f40:93a1	16509 (AMAZON-02) (AMAZON-02)
3 13	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE)
21	194.146.38.23 194.146.38.23	41436 (CLOUDWEBM...) (CLOUDWEBMANAGE-EU)
7	216.58.208.34 216.58.208.34	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE)
5	13.226.146.86 13.226.146.86	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:815::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:815::200e	15169 (GOOGLE) (GOOGLE)
1 3	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
1	151.101.112.157 151.101.112.157	54113 (FASTLY) (FASTLY)
1	134.209.131.220 134.209.131.220	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 7	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1 6	185.33.221.87 185.33.221.87	29990 (ASN-APPNEX) (ASN-APPNEX)
1	18.210.170.92 18.210.170.92	14618 (AMAZON-AES) (AMAZON-AES)
1 7	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	3.120.51.72 3.120.51.72	16509 (AMAZON-02) (AMAZON-02)
1 3	72.251.249.9 72.251.249.9	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
10 15	2606:2800:233... 2606:2800:233:97b6:26be:138a:cba8:bb01	15133 (EDGECAST) (EDGECAST)
5	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	3.248.143.123 3.248.143.123	16509 (AMAZON-02) (AMAZON-02)
4	69.173.144.143 69.173.144.143	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2600:9000:218... 2600:9000:2182:ce00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
2	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
4	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
11	185.127.16.53 185.127.16.53	210329 (CLOUDWEBM...) (CLOUDWEBMANAGE-UK-1)
1 2	3.124.165.65 3.124.165.65	16509 (AMAZON-02) (AMAZON-02)
1 1	195.201.246.119 195.201.246.119	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
4	18.194.97.231 18.194.97.231	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	199.232.53.140 199.232.53.140	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:815::2001	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:818::2001	15169 (GOOGLE) (GOOGLE)
3	52.29.141.223 52.29.141.223	16509 (AMAZON-02) (AMAZON-02)
3	185.86.137.114 185.86.137.114	201081 (SMARTADSE...) (SMARTADSERVER)
18	2a00:1450:400... 2a00:1450:4001:825::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:818::2002	15169 (GOOGLE) (GOOGLE)
2	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
1 5	18.197.99.6 18.197.99.6	16509 (AMAZON-02) (AMAZON-02)
2 3	54.229.91.186 54.229.91.186	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	216.58.210.2 216.58.210.2	15169 (GOOGLE) (GOOGLE)
1	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:815::2002	15169 (GOOGLE) (GOOGLE)
1 1	134.209.129.254 134.209.129.254	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	205.185.216.10 205.185.216.10	20446 (HIGHWINDS3) (HIGHWINDS3)
1	13.226.155.64 13.226.155.64	16509 (AMAZON-02) (AMAZON-02)
1	52.58.173.218 52.58.173.218	16509 (AMAZON-02) (AMAZON-02)
4	107.21.45.77 107.21.45.77	14618 (AMAZON-AES) (AMAZON-AES)
1 1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	37.157.4.25 37.157.4.25	198622 (ADFORM) (ADFORM)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1370	41041 (VCLK-EU-) (VCLK-EU-)
249	60

19 35.173.160.135 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-160-135.compute-1.amazonaws.com

threatpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kasperskycontenthub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 13.226.155.59 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-59.dus51.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:e4::ac40:a60d (United States)

ASN13335 (CLOUDFLARENET, US)

qd.admetricspro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:2182:b400:2:9275:3d40:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.threatpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2600:9000:2182:d600:0:5c46:4f40:93a1 (United States)

ASN16509 (AMAZON-02, US)

media.threatpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 194.146.38.23 (None, )

ASN41436 (CLOUDWEBMANAGE-EU, GB)

live.sekindo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 216.58.208.34 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra15s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.226.146.86 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-146-86.dus51.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:815::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.209.131.220 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

e.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.18.234.21 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.33.221.87 (Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.210.170.92 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-170-92.compute-1.amazonaws.com

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.244.159.8 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

teachingaids-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.51.72 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-51-72.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 72.251.249.9 (Amsterdam, Netherlands) 1 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:2800:233:97b6:26be:138a:cba8:bb01 (United States) 10 redirects

ASN15133 (EDGECAST, US)

adserver-us.adtech.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.248.143.123 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-143-123.eu-west-1.compute.amazonaws.com

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:ce00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.233.180 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Netherlands) 2 redirects

ASN35220 (SPOTX-AMS, NL)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 185.127.16.53 (London, United Kingdom)

ASN210329 (CLOUDWEBMANAGE-UK-1, GB)

video.sekindo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.165.65 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-165-65.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.201.246.119 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.119.246.201.195.clients.your-server.de

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.194.97.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-97-231.eu-central-1.compute.amazonaws.com

ads.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:800e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.53.140 (United States)

ASN54113 (FASTLY, US)

www.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1922f1298d30d2bf058b0b9d293772cf.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:818::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.29.141.223 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-141-223.eu-central-1.compute.amazonaws.com

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.137.114 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:825::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.232.130 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.230.142 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.197.99.6 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-99-6.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.229.91.186 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.210.2 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.209.129.254 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

sync.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.10 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

serverbid-sync.nyc3.cdn.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.155.64 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-64.dus51.r.cloudfront.net

public.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.173.218 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-173-218.eu-central-1.compute.amazonaws.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 107.21.45.77 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

aas.dc-1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1370 (Sweden)

ASN41041 (VCLK-EU-, SE)

aol-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	threatpost.com threatpost.com assets.threatpost.com media.threatpost.com	708 KB
32	sekindo.com live.sekindo.com video.sekindo.com	2 MB
27	googlesyndication.com 1922f1298d30d2bf058b0b9d293772cf.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	230 KB
24	advertising.com 11 redirects adserver-us.adtech.advertising.com ads.adaptv.advertising.com pixel.advertising.com	11 KB
18	ampproject.org cdn.ampproject.org	437 KB
13	google.com 3 redirects www.google.com	1 KB
11	doubleclick.net 2 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	241 KB
11	adlightning.com tagan.adlightning.com	211 KB
10	pubmatic.com 1 redirects hbopenbid.pubmatic.com ads.pubmatic.com image2.pubmatic.com	956 B
9	rubiconproject.com fastlane.rubiconproject.com prebid-server.rubiconproject.com eus.rubiconproject.com	4 KB
8	adnxs.com 1 redirects ib.adnxs.com acdn.adnxs.com	6 KB
7	openx.net 1 redirects teachingaids-d.openx.net u.openx.net eu-u.openx.net	2 KB
6	admetricspro.com qd.admetricspro.com	218 KB
5	casalemedia.com 1 redirects as-sec.casalemedia.com ssum.casalemedia.com	5 KB
5	amazon-adsystem.com c.amazon-adsystem.com	60 KB
4	dc-1.net aas.dc-1.net	777 B
3	adsrvr.org 2 redirects match.adsrvr.org	1 KB
3	smartadserver.com prg.smartadserver.com	951 B
3	lijit.com 1 redirects ap.lijit.com	1 KB
3	quantserve.com 1 redirects secure.quantserve.com pixel.quantserve.com	9 KB
3	google-analytics.com 1 redirects www.google-analytics.com	18 KB
3	gstatic.com www.gstatic.com fonts.gstatic.com	272 KB
2	yahoo.com pr-bh.ybp.yahoo.com ups.analytics.yahoo.com	2 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	653 B
2	indexww.com js-sec.indexww.com
2	bidswitch.net 1 redirects x.bidswitch.net	1016 B
2	spotxchange.com 2 redirects sync.search.spotxchange.com	1 KB
2	googleapis.com fonts.googleapis.com	1 KB
2	servenobid.com ads.servenobid.com public.servenobid.com	462 B
2	3lift.com tlx.3lift.com eb2.3lift.com	475 B
2	serverbid.com 1 redirects e.serverbid.com sync.serverbid.com	267 B
2	google.de adservice.google.de www.google.de	430 B
1	dotomi.com aol-match.dotomi.com	104 B
1	adform.net c1.adform.net	187 B
1	digitaloceanspaces.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
1	reddit.com www.reddit.com	3 KB
1	linkedin.com www.linkedin.com
1	facebook.com graph.facebook.com	497 B
1	twitter.com analytics.twitter.com	283 B
1	loopme.me 1 redirects csync.loopme.me	226 B
1	t.co t.co	171 B
1	quantcount.com rules.quantcount.com	356 B
1	a-mo.net prebid.a-mo.net	753 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	googletagmanager.com www.googletagmanager.com	46 KB
1	kasperskycontenthub.com kasperskycontenthub.com	399 B
1	googletagservices.com www.googletagservices.com	19 KB
249	47

	Domain	Requested by
21	tpc.googlesyndication.com	tagan.adlightning.com threatpost.com cdn.ampproject.org
21	live.sekindo.com	threatpost.com live.sekindo.com
18	cdn.ampproject.org	threatpost.com
18	threatpost.com	threatpost.com live.sekindo.com
15	adserver-us.adtech.advertising.com	10 redirects threatpost.com
13	www.google.com	3 redirects threatpost.com tagan.adlightning.com
11	video.sekindo.com	threatpost.com live.sekindo.com
11	media.threatpost.com	threatpost.com
11	tagan.adlightning.com	threatpost.com tagan.adlightning.com
8	assets.threatpost.com	threatpost.com
7	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net threatpost.com
6	ib.adnxs.com	1 redirects qd.admetricspro.com live.sekindo.com
6	qd.admetricspro.com	threatpost.com qd.admetricspro.com
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
5	pixel.advertising.com	1 redirects threatpost.com
5	hbopenbid.pubmatic.com	qd.admetricspro.com live.sekindo.com
5	c.amazon-adsystem.com	qd.admetricspro.com c.amazon-adsystem.com live.sekindo.com
4	aas.dc-1.net
4	ads.adaptv.advertising.com	live.sekindo.com
4	ads.pubmatic.com	live.sekindo.com qd.admetricspro.com
4	fastlane.rubiconproject.com	qd.admetricspro.com
4	teachingaids-d.openx.net	qd.admetricspro.com live.sekindo.com
4	as-sec.casalemedia.com	qd.admetricspro.com live.sekindo.com
3	match.adsrvr.org	2 redirects
3	prg.smartadserver.com	live.sekindo.com
3	prebid-server.rubiconproject.com	live.sekindo.com
3	ap.lijit.com	1 redirects qd.admetricspro.com
3	www.google-analytics.com	1 redirects www.googletagmanager.com threatpost.com
2	sync-tm.everesttech.net	2 redirects
2	js-sec.indexww.com	live.sekindo.com qd.admetricspro.com
2	eus.rubiconproject.com	live.sekindo.com qd.admetricspro.com
2	acdn.adnxs.com	live.sekindo.com qd.admetricspro.com
2	googleads.g.doubleclick.net	threatpost.com
2	pixel.quantserve.com	1 redirects threatpost.com
2	x.bidswitch.net	1 redirects threatpost.com
2	u.openx.net	1 redirects live.sekindo.com
2	sync.search.spotxchange.com	2 redirects
2	fonts.googleapis.com	live.sekindo.com
2	www.gstatic.com	www.google.com
1	aol-match.dotomi.com
1	ssum.casalemedia.com	1 redirects
1	c1.adform.net
1	image2.pubmatic.com	1 redirects
1	eb2.3lift.com	qd.admetricspro.com
1	public.servenobid.com	qd.admetricspro.com
1	eu-u.openx.net	qd.admetricspro.com
1	serverbid-sync.nyc3.cdn.digitaloceanspaces.com	qd.admetricspro.com
1	sync.serverbid.com	1 redirects
1	ups.analytics.yahoo.com	threatpost.com
1	cm.g.doubleclick.net	1 redirects
1	pr-bh.ybp.yahoo.com	threatpost.com
1	1922f1298d30d2bf058b0b9d293772cf.safeframe.googlesyndication.com	tagan.adlightning.com
1	www.reddit.com	threatpost.com
1	www.linkedin.com	threatpost.com
1	graph.facebook.com	threatpost.com
1	analytics.twitter.com	tagan.adlightning.com
1	fonts.gstatic.com	live.sekindo.com
1	csync.loopme.me	1 redirects
1	t.co	threatpost.com
1	www.google.de	threatpost.com
1	stats.g.doubleclick.net	1 redirects
1	rules.quantcount.com	secure.quantserve.com
1	ads.servenobid.com	qd.admetricspro.com
1	tlx.3lift.com	qd.admetricspro.com
1	prebid.a-mo.net	qd.admetricspro.com
1	e.serverbid.com	qd.admetricspro.com
1	static.ads-twitter.com	www.googletagmanager.com
1	secure.quantserve.com	www.googletagmanager.com
1	www.googletagmanager.com	threatpost.com
1	adservice.google.de	tagan.adlightning.com
1	kasperskycontenthub.com	threatpost.com
1	www.googletagservices.com	threatpost.com
249	72

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
feedly.com
www.instagram.com
cve.mitre.org
attendee.gotowebinar.com
jeffs.sh
community.teamviewer.com
www.cisecurity.org
akismet.com
t.co
indd.adobe.com
spotlight.threatpost.com

Subject Issuer	Validity	Valid
threatpost.com DigiCert SHA2 Secure Server CA	`2020-06-10` - `2021-06-15`	a year	crt.sh
*.adlightning.com Amazon	`2020-07-22` - `2021-08-22`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-10` - `2021-08-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
assets.threatpost.com Amazon	`2020-03-04` - `2021-04-04`	a year	crt.sh
kasperskycontenthub.com DigiCert SHA2 Secure Server CA	`2020-06-01` - `2021-06-09`	a year	crt.sh
media.threatpost.com Amazon	`2020-03-04` - `2021-04-04`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
www.sekindo.com Go Daddy Secure Certificate Authority - G2	`2020-05-27` - `2022-06-18`	2 years	crt.sh
*.google.de GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2019-10-07` - `2020-09-29`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2019-10-04` - `2020-10-07`	a year	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2019-08-14` - `2020-08-18`	a year	crt.sh
e.serverbid.com Let's Encrypt Authority X3	`2020-06-22` - `2020-09-20`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.a-mo.net Amazon	`2019-09-06` - `2020-10-06`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.3lift.com Amazon	`2020-07-04` - `2021-08-05`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
*.adtech.advertising.com DigiCert SHA2 Secure Server CA	`2020-04-16` - `2022-04-21`	2 years	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.servenobid.com Amazon	`2020-03-12` - `2021-04-12`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
www.google.de GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-07-29` - `2021-01-25`	6 months	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-07-21` - `2020-10-12`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2020-04-10` - `2020-10-10`	6 months	crt.sh
*.reddit.com DigiCert SHA2 Secure Server CA	`2020-04-06` - `2020-10-03`	6 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.smartadserver.com DigiCert Global CA G2	`2020-02-03` - `2022-02-03`	2 years	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2020-01-02` - `2021-04-02`	a year	crt.sh
pixel.advertising.com DigiCert SHA2 High Assurance Server CA	`2020-08-08` - `2020-11-03`	3 months	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-06-02` - `2020-11-29`	6 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-05-27` - `2020-11-23`	6 months	crt.sh
*.nyc3.cdn.digitaloceanspaces.com DigiCert SHA2 Secure Server CA	`2020-03-11` - `2021-04-14`	a year	crt.sh
*.betrad.net Amazon	`2019-12-12` - `2021-01-12`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh

This page contains 31 frames:

Primary Page: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Frame ID: 7CBD1B28FA32587A5C7AF061F23C3470
Requests: 106 HTTP requests in this frame

Frame: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]&schain=1.0,1!admetricspro.com,1005,1&cbuster=1597358823&pubUrlAuto=https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F&videoType=flow&floatWidth=320&floatHeight=180&floatDirection=br&floatVerticalOffset=10&floatHorizontalOffset=10&floatCloseBtn=1&flowMode=both&flowCloseButtonPosition=right
Frame ID: 5EF550FD12FEBE0DF25FD6B6AF04C5B6
Requests: 48 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto&display=swap
Frame ID: 18977B74B806DD0A5575221BE53CAFE7
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto&display=swap
Frame ID: 8D2BD1983B3449204B1C919CAE8CCB20
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Frame ID: 9C45E6D8D083A5971D7ECC6EF4198C3C
Requests: 1 HTTP requests in this frame

Frame: https://live.sekindo.com/live/liveCS.php?source=external&pixel=&advId=94&advUuid=e8794e21-ddb6-11ea-9136-1d03a5b20906
Frame ID: A22BC884EF89D6B2352F48F6AC38415C
Requests: 1 HTTP requests in this frame

Frame: https://live.sekindo.com/live/liveCS.php?source=external&pixel=&advId=98&advUuid=62e28035-678f-4572-b4eb-b9b420559248
Frame ID: 556234E4958818D76B2C2E069D95D86D
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=TPiWapjoyMdQOtxLT9_b4n2W&theme=standard&size=normal&cb=wxq0x4tkasip
Frame ID: 608453382A574EB895638BB6B59BBD1D
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LehhAETAAAAAAcsm2ZGDsLCqyGhesy4Yn43WNBe&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=TPiWapjoyMdQOtxLT9_b4n2W&theme=light&size=normal&cb=e1brv8gxdcpb
Frame ID: 029C0B3B7EFB3D24C15355DC9D6207FC
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=TPiWapjoyMdQOtxLT9_b4n2W&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&cb=aciovd700frv
Frame ID: 42F1E286B59201FBA83FD833C161D158
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=TPiWapjoyMdQOtxLT9_b4n2W&k=6LehhAETAAAAAAcsm2ZGDsLCqyGhesy4Yn43WNBe&cb=r49l006gekd4
Frame ID: 1996D9E9EDB60218C2FDD0A3DE16DD6C
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/math-aids-threatpost/bl-13281d4-763df7b3.js
Frame ID: 5869DE803D4268ED27936B86A00B0675
Requests: 18 HTTP requests in this frame

Frame: https://tagan.adlightning.com/math-aids-threatpost/bl-13281d4-763df7b3.js
Frame ID: 72BC2D0DF6069007DF5B57FFF9FC7A6D
Requests: 18 HTTP requests in this frame

Frame: https://tagan.adlightning.com/math-aids-threatpost/bl-13281d4-763df7b3.js
Frame ID: AEFDBD5FCC62127C7D77549A2581551E
Requests: 17 HTTP requests in this frame

Frame: https://tagan.adlightning.com/math-aids-threatpost/bl-13281d4-763df7b3.js
Frame ID: BEFC9EBE67AC92F32BEB7667A19D9982
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 122DF69C85C043B081CF19DBC182099D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 8628EE3129A7A25955994E7A0E782408
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Frame ID: AB451958D5C30E8F4E4B84AA6E9B888C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 4952A75A44FD4928FFF8A09C8C76EF44
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: AAFE8C14F4928F14DB1131835311978B
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=
Frame ID: 8E7A71CAF7976D9207621CF73C4F34CD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 65345E485537790E5D56CE419B9F1A9C
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13394437
Frame ID: F03D0820B12283AAE0D24FAD25DC94E4
Requests: 1 HTTP requests in this frame

Frame: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Frame ID: D8B4B56AFEB9819638D5A95E704E340E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 2AE5C3B27C815603ADD28CF95DF64096
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Frame ID: 3E4A0C198B91851C4C99D72705C098EE
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: E13CD3E2E768542F20CD194E427BC1E0
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 8B5291E3198C9611671D760CCA74D05C
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 3EDE16BD568986D9EAFAD86C574AE40A
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 6ADDB7894D5DE60D0682439E15DBC77A
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D02E1C60B7CB67359FC0CA9F841D5328
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

249
Requests

100 %
HTTPS

38 %
IPv6

47
Domains

72
Subdomains

60
IPs

11
Countries

4891 kB
Transfer

9753 kB
Size

19
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/Threatpost/

Search URL Search Domain Scan URL

URL: https://twitter.com/threatpost/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/threatpost/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/threatpost

Search URL Search Domain Scan URL

URL: https://feedly.com/threatpost

Search URL Search Domain Scan URL

URL: https://www.instagram.com/Threatpost/

Search URL Search Domain Scan URL

URL: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13699
Title: CVE-2020-13699

Search URL Search Domain Scan URL

URL: https://attendee.gotowebinar.com/register/3844090971254297614?source=art

Search URL Search Domain Scan URL

URL: https://jeffs.sh/CVEs/CVE-2020-13699.txt
Title: to an advisory

Search URL Search Domain Scan URL

URL: https://community.teamviewer.com/t5/Announcements/Statement-on-CVE-2020-13699/td-p/98448
Title: statement sent to Threatpost

Search URL Search Domain Scan URL

URL: https://www.cisecurity.org/advisory/a-vulnerability-in-teamviewer-cloud-allow-for-offline-password-cracking_2020-106/
Title: security advisory regarding the flaw

Search URL Search Domain Scan URL

URL: https://akismet.com/privacy/
Title: Learn how your comment data is processed

Search URL Search Domain Scan URL

URL: http://twitter.com/search?q=%23Security
Title: #Security

Search URL Search Domain Scan URL

URL: http://twitter.com/search?q=%23Amazon
Title: #Amazon

Search URL Search Domain Scan URL

URL: https://t.co/y0fIuRUEEi
Title: https://t.co/y0fIuRUEEi

Search URL Search Domain Scan URL

URL: https://twitter.com/threatpost
Title: Follow @threatpost

Search URL Search Domain Scan URL

URL: https://indd.adobe.com/view/01579c19-a6ca-4cb0-8106-ed4d5d02a292
Title: Advertise With Us

Search URL Search Domain Scan URL

URL: https://spotlight.threatpost.com/
Title: HackerOne Spotlight

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 72

https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166606/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=586e8c6140fd0fb;misc=1597358823783; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166606/0/0/ADTECH;cfp=1;rndc=1597358823;v=2;cmd=bid;cors=yes;alias=586e8c6140fd0fb;misc=1597358823783 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166606/0/0/ADTECH;apid=1Ae8513934-ddb6-11ea-8dbd-12f0dd10f918;cfp=1;rndc=1597358823;v=2;cmd=bid;cors=yes;alias=586e8c6140fd0fb;misc=1597358823783

Request Chain 73

https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166847/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=59b9d7d8c9a1668;misc=1597358823783; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166847/0/0/ADTECH;cfp=1;rndc=1597358823;v=2;cmd=bid;cors=yes;alias=59b9d7d8c9a1668;misc=1597358823783 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166847/0/0/ADTECH;apid=1Ae87d26e8-ddb6-11ea-a089-121c10c2940c;cfp=1;rndc=1597358823;v=2;cmd=bid;cors=yes;alias=59b9d7d8c9a1668;misc=1597358823783

Request Chain 74

https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166615/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=6048515f3e151a6;misc=1597358823783; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166615/0/0/ADTECH;cfp=1;rndc=1597358823;v=2;cmd=bid;cors=yes;alias=6048515f3e151a6;misc=1597358823783 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166615/0/0/ADTECH;apid=1Ae853a5de-ddb6-11ea-9749-121b89dbed5a;cfp=1;rndc=1597358823;v=2;cmd=bid;cors=yes;alias=6048515f3e151a6;misc=1597358823783

Request Chain 75

https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166612/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=61726c6307d5384;misc=1597358823784; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166612/0/0/ADTECH;cfp=1;rndc=1597358823;v=2;cmd=bid;cors=yes;alias=61726c6307d5384;misc=1597358823784 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166612/0/0/ADTECH;apid=1Ae84f99d0-ddb6-11ea-a18f-12794b40da64;cfp=1;rndc=1597358823;v=2;cmd=bid;cors=yes;alias=61726c6307d5384;misc=1597358823784

Request Chain 76

https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166617/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=62643ef2bc07a7;misc=1597358823784; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166617/0/0/ADTECH;cfp=1;rndc=1597358823;v=2;cmd=bid;cors=yes;alias=62643ef2bc07a7;misc=1597358823784 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166617/0/0/ADTECH;apid=1Ae87c2cf2-ddb6-11ea-94aa-12569b584e72;cfp=1;rndc=1597358823;v=2;cmd=bid;cors=yes;alias=62643ef2bc07a7;misc=1597358823784

Request Chain 85

https://www.google-analytics.com/r/collect?v=1&_v=j83&aip=1&a=515358820&t=pageview&_s=1&dl=https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F&ul=en-us&de=UTF-8&dt=TeamViewer%20Flaw%20in%20Windows%20App%20Allows%20Password-Cracking%20%7C%20Threatpost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=1368177773&gjid=1313878018&cid=1383536824.1597358824&tid=UA-35676203-21&_gid=2099508087.1597358824&_r=1&gtm=2wg871PM29HLF&z=1123549224 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-35676203-21&cid=1383536824.1597358824&jid=1368177773&_gid=2099508087.1597358824&gjid=1313878018&_v=j83&z=1123549224 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35676203-21&cid=1383536824.1597358824&jid=1368177773&_v=j83&z=1123549224 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35676203-21&cid=1383536824.1597358824&jid=1368177773&_v=j83&z=1123549224&slf_rd=1&random=3196801372

Request Chain 92

https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=e8794e6a-ddb6-11ea-9136-1d03a5b20906 HTTP 302
https://live.sekindo.com/live/liveCS.php?source=external&pixel=&advId=94&advUuid=e8794e21-ddb6-11ea-9136-1d03a5b20906

Request Chain 93

https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3D%26advId%3D98%26advUuid%3D HTTP 302
https://live.sekindo.com/live/liveCS.php?source=external&pixel=&advId=98&advUuid=62e28035-678f-4572-b4eb-b9b420559248

Request Chain 98

https://x.bidswitch.net/sync?ssp=sekindo&user_id=5f35c2e77a6ed&custom_data=5f35c2e77a6ed&gdpr=1&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=sekindo&user_id=5f35c2e77a6ed&custom_data=5f35c2e77a6ed&gdpr=1&gdpr_consent=

Request Chain 99

https://csync.loopme.me/?redirect=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D HTTP 307
https://live.sekindo.com/live/liveCS.php?source=external&pixel=&advId=93&advUuid=70ba3b44-3e61-4170-8b44-98906d97fe5b

Request Chain 180

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 183

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 190

https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=&_test=XzXC6gAAAJ3Q6QFU HTTP 302
https://pixel.advertising.com/ups/55986/sync?uid=XzXC6gAAAJ3Q6QFU&_origin=0&gdpr=1&gdpr_consent=&_test=XzXC6gAAAJ3Q6QFU

Request Chain 191

https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
https://pixel.advertising.com/ups/55953/sync?uid=7aadb8d1-cd3e-40d1-8496-32be73fe0eee&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=7aadb8d1-cd3e-40d1-8496-32be73fe0eee

Request Chain 193

https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_sc HTTP 302
https://pixel.advertising.com/ups/57304/sync?uid=CAESEAQ5hyfcrATVzvi1LFBL-jE&google_cver=1 HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEAQ5hyfcrATVzvi1LFBL-jE&google_cver=1&apid=1Ae87d26e8-ddb6-11ea-a089-121c10c2940c

Request Chain 211

https://sync.serverbid.com/ss/2000891.html HTTP 302
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html

Request Chain 219

https://ap.lijit.com/pixel?redir=https%3A%2F%2Faas.dc-1.net%2Fsetuid%3FD%3D%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://aas.dc-1.net/setuid?D=&bidder=sovrn&uid=b7dccbddd9c109a00a254eea

Request Chain 221

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Faas.dc-1.net%2Fsetuid%3FD%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID HTTP 302
https://aas.dc-1.net/setuid?D=&bidder=pubmatic&uid=9E224751-71E7-4CDA-B14D-0866B0A72813

Request Chain 224

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=w4ZURZXSAkjb1AZIk4ZKQ5fTVUjbg1ZAlYK963zw

Request Chain 225

https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Faas.dc-1.net%2Fsetuid%3FD%3D%26bidder%3Dindex_rtb%26uid%3D HTTP 302
https://aas.dc-1.net/setuid?D=&bidder=index_rtb&uid=XzXC51VbLVcAAE6behQAAABB%261140

Request Chain 226

https://ib.adnxs.com/getuid?https%3A%2F%2Faas.dc-1.net%2Fsetuid%3FD%3D%26bidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://aas.dc-1.net/setuid?D=&bidder=appnexus&uid=5820429402912912611

249 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/ 80 KB
21 KB 737ms
243ms Document
text/html 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-173-160-135.compute-1.amazonaws.com

Software

nginx /

Resource Hash

312c53d2ef204d3c99dbb86e9f0da9119f4b7c9eb973483bbc2dcf9a59282ebd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: threatpost.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx
Date: Thu, 13 Aug 2020 22:47:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Link: <https://threatpost.com/wp-json/>; rel="https://api.w.org/" <https://threatpost.com/?p=158204>; rel=shortlink
X-Frame-Options: SAMEORIGIN
X-Debug-Auth: off
X-Request-Host: threatpost.com
x-cache-hit: HIT
Content-Encoding: gzip

GET
H/1.1 200
OK main.css
threatpost.com/wp-content/themes/threatpost-2018/assets/css/ 253 KB
39 KB 495ms
239ms Stylesheet
text/css 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1597309896
Requested by: Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 41f3222c29889fb48f5dca1d481858e5339a759655510c256ef4edf56c80f7f5

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Thu, 13 Aug 2020 22:47:02 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Aug 2020 09:11:36 GMT
Server: nginx
ETag: W/"5f3503c8-3f2b8"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=604800, public
Connection: close
Expires: Thu, 20 Aug 2020 22:47:02 GMT

GET
H2 200 op.js Show response
tagan.adlightning.com/math-aids-threatpost/ 33 KB
12 KB 502ms
417ms Script
application/javascript 13.226.155.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-59.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 436dfd564e3baffcbeb4069006516328e56a9ed3f8aae07fab853d41afe118a7

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 22:47:03 GMT
content-encoding: gzip
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
status: 200
content-length: 12294
x-amz-meta-git_commit: cc9018f
last-modified: Thu, 13 Aug 2020 15:52:31 GMT
server: AmazonS3
etag: "5c8ee9cda697226b04beaa2d564be97d"
x-amz-version-id: bIGOcrSgg2uL.mcx3_5h0092M0iev_Jw
via: 1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront)
cache-control: max-age=3600
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: Gd7V8yPgMiMvGuvFODqgJJxNcwViYRt2a_lIC4tMnH74jvYJq9IrGg==

GET
H2 200 ros-layout.js Show response
qd.admetricspro.com/js/threatpost/ 22 KB
3 KB 76ms
28ms Script
application/javascript 2606:4700:e4::ac40:a60d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/threatpost/ros-layout.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a60d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e2b472509d9e149690aba45c5917ebdd2f52471b98d414c2726301b90e08f21

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 22:47:02 GMT
content-encoding: br
cf-cache-status: HIT
age: 307
status: 200
cf-request-id: 048b9a6cf50000c2b36620c200000001
last-modified: Thu, 06 Aug 2020 02:14:13 GMT
server: cloudflare
etag: W/"579e-5ac2c0b6aa2e7-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 5c25f9c18dc2c2b3-FRA
expires: Thu, 13 Aug 2020 22:44:44 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 55 KB
19 KB 54ms
40ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c01164467154e1c091b160900b552bfc13f5f0e46d47ab5eef7beea4492ff104

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 22:47:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "601 / 602 of 1000 / last-modified: 1597356690"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18807
x-xss-protection: 0
expires: Thu, 13 Aug 2020 22:47:02 GMT

GET
H2 200 cmp.js Show response
qd.admetricspro.com/js/threatpost/ 314 KB
82 KB 90ms
42ms Script
application/javascript 2606:4700:e4::ac40:a60d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/threatpost/cmp.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a60d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a6eb26b5d11ac938f68345a3217cb8c915ec08dfff508113da5d538c6fb4131

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 22:47:02 GMT
content-encoding: br
cf-cache-status: HIT
age: 307
status: 200
cf-request-id: 048b9a6cf50000c2b36620d200000001
last-modified: Sat, 08 Aug 2020 04:03:08 GMT
server: cloudflare
etag: W/"4e93f-5ac55cc9f6f98-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 5c25f9c18dc4c2b3-FRA
expires: Thu, 13 Aug 2020 22:44:44 GMT

GET
H2 200 targeting.js Show response
qd.admetricspro.com/js/threatpost/ 275 B
554 B 71ms
23ms Script
application/javascript 2606:4700:e4::ac40:a60d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/threatpost/targeting.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a60d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cdc57f82f4b0d09e5b4e584ca4736cd3871f20563d4ce25120b057d8ffb4eb2

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 22:47:02 GMT
content-encoding: br
cf-cache-status: HIT
age: 307
status: 200
cf-request-id: 048b9a6cf50000c2b36620e200000001
last-modified: Sat, 08 Feb 2020 20:49:18 GMT
server: cloudflare
etag: W/"113-59e16a3cfb471-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 5c25f9c18dc5c2b3-FRA
expires: Thu, 13 Aug 2020 22:44:44 GMT

GET
H2 200 prebid.js Show response
qd.admetricspro.com/js/threatpost/ 384 KB
108 KB 102ms
54ms Script
application/javascript 2606:4700:e4::ac40:a60d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a60d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed1bd9b5fc31e624bb0b3ca2c510546c8a1bb6b41923e06768a735c75a9c704c

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 22:47:02 GMT
content-encoding: br
cf-cache-status: HIT
age: 307
status: 200
cf-request-id: 048b9a6cf50000c2b36620f200000001
last-modified: Wed, 22 Jul 2020 04:38:40 GMT
server: cloudflare
etag: W/"601dd-5ab005060aaae-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 5c25f9c18dc6c2b3-FRA
expires: Thu, 13 Aug 2020 22:44:44 GMT

GET
H2 200 engine.js Show response
qd.admetricspro.com/js/threatpost/ 25 KB
7 KB 75ms
27ms Script
application/javascript 2606:4700:e4::ac40:a60d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/threatpost/engine.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a60d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdb440eb188c5f3313b45fa1b7dbf65801b68dad0ae40abbae95eab522573dab

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 22:47:02 GMT
content-encoding: br
cf-cache-status: HIT
age: 307
status: 200
cf-request-id: 048b9a6cf50000c2b366210200000001
last-modified: Mon, 03 Aug 2020 01:51:50 GMT
server: cloudflare
etag: W/"621b-5abef61d9c941-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 5c25f9c18dc8c2b3-FRA
expires: Thu, 13 Aug 2020 22:44:44 GMT

GET
H2 200 /
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 89 KB
18 KB 637ms
482ms Stylesheet
text/css 2600:9000:2182:b400:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=1ac6b92e

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2182:b400:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

15e9840f31982980328598c38e5c60434072901f2c902713ef9c4d4900e05307

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 22:47:03 GMT
content-encoding: gzip
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
status: 200
content-length: 18049
x-cache-hit: HIT
last-modified: Thu, 13 Aug 2020 09:11:37 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-debug-auth: off
x-request-host: assets.threatpost.com
x-amz-cf-id: cnYNtbo1Bn79irKDlpHQsHmx3IsNB7lsIZf2yx8N_XD3j64Lecbp2A==
expires: Fri, 14 Aug 2020 13:10:08 GMT

GET
H/1.1 200
OK jquery.js Show response
threatpost.com/wp-includes/js/jquery/ 95 KB
37 KB 502ms
241ms Script
application/x-javascript 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Thu, 13 Aug 2020 22:47:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Jun 2020 22:05:38 GMT
Server: nginx
ETag: W/"5ee15932-17a69"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: max-age=604800, public
Connection: close
Expires: Thu, 20 Aug 2020 22:47:02 GMT

GET
H2 200 / Show response
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 177 KB
55 KB 534ms
379ms Script
application/x-javascript 2600:9000:2182:b400:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/kaspersky-cookies-notification/scripts/alert_text.js,wp-content/plugins/kaspersky-cookies-notification/scripts/alert.js,wp-content/plugins/honeypot-comments/public/assets/js/public.js,wp-content/plugins/kspr_twitter_pullquote/js/kaspersky-twitter-pullquote.js,wp-content/themes/threatpost-2018/assets/js/main.js,wp-content/themes/threatpost-2018/assets/js/loadmore.js,wp-content/plugins/kaspersky-social-sharing/assets/js/social-share.js&ver=1ac6b92e

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2182:b400:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b0209d39595432d762f6ba2a81dc0bffa6a6e1ed9021ba24ffa06c3c7e4bcb02

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 22:47:03 GMT
content-encoding: gzip
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
status: 200
content-length: 56256
x-cache-hit: HIT
last-modified: Thu, 13 Aug 2020 09:11:37 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-debug-auth: off
x-request-host: assets.threatpost.com
x-amz-cf-id: UsOaBWbbEcPmcjnqOnglBcdBKbLF5YUDBy4Q9hlUqDPWV45eO1X6Hg==
expires: Fri, 14 Aug 2020 13:10:00 GMT

GET
H/1.1 200
OK / Show response
kasperskycontenthub.com/ 0
399 B 600ms
185ms Script
application/javascript 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://kasperskycontenthub.com/?dm=ed1f9e435dc885292eab65620c51f3fb&action=load&blogid=103&siteid=1&t=2102466709&back=https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-173-160-135.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 13 Aug 2020 22:47:03 GMT
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
Connection: close
Content-Type: application/javascript
x-cache-hit: MISS
Transfer-Encoding: chunked
X-Debug-Auth: off
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Request-Host: kasperskycontenthub.com
X-XSS-Protection: 1; mode=block

GET
H2 200 0.jpeg
media.threatpost.com/wp-content/uploads/sites/103/2018/08/15115541/ 10 KB
11 KB 177ms
16ms Image
image/jpeg 2600:9000:2182:d600:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2018/08/15115541/0.jpeg
Requested by: Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:d600:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b1b3e1dbec0a6b898bf6b8f17caa692c112ba2d215a1300b1c014c75f9f5ad8

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 21:57:26 GMT
via: 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront), 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
last-modified: Mon, 20 Aug 2018 15:57:19 GMT
server: AmazonS3
age: 348578
etag: "756a0525b47f4557fdfec408731afd91"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1, DUS51-C1
accept-ranges: bytes
content-length: 10662
x-amz-cf-id: mldwjYKFJ8LoxsPO6kFSIfrn_d0t_irYaltKRIQ8bABmsQ4hFVC8qg==
expires: Tue, 20 Aug 2019 15:57:18 GMT

GET
H2 200 teamviewer8-tablet-laptop-connection2-680x400.jpg
media.threatpost.com/wp-content/uploads/sites/103/2019/04/22122751/ 28 KB
29 KB 188ms
27ms Image
image/jpeg 2600:9000:2182:d600:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2019/04/22122751/teamviewer8-tablet-laptop-connection2-680x400.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:d600:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b222437a7acd5d13d239187596fcd234361e3e19cb93ed289d4be07834eb2ba0

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 15:56:43 GMT
via: 1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront), 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
last-modified: Mon, 22 Apr 2019 16:27:52 GMT
server: AmazonS3
age: 283821
etag: "cb481ad26219b1678cd41acbc8a5db9e"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1, DUS51-C1
accept-ranges: bytes
content-length: 29022
x-amz-cf-id: F0jS7_bI2rEFQBrgF89dgwjejYDNxOCQPhFMEwjOJxPe4AY3b4wu7g==
expires: Tue, 21 Apr 2020 16:27:51 GMT

GET
H2 200 Threatpost_CC_webinar-269x300.png
media.threatpost.com/wp-content/uploads/sites/103/2020/08/06145744/ 75 KB
76 KB 182ms
21ms Image
image/png 2600:9000:2182:d600:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2020/08/06145744/Threatpost_CC_webinar-269x300.png
Requested by: Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:d600:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 59a95f3c7670090ee4ebd2d8ba3d11ab3c815082a4436afa22cfeecf81f65c12

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 23:38:05 GMT
via: 1.1 8b5bc0831e6dab612582614c3009efa7.cloudfront.net (CloudFront), 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
last-modified: Thu, 06 Aug 2020 18:57:46 GMT
server: AmazonS3
age: 342539
etag: "7b02068b3f50a40586fbdee951d1b16c"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1, DUS51-C1
accept-ranges: bytes
content-length: 77139
x-amz-cf-id: egWsWBKnHflRvbVX8z-MB-lEUyAOI31g4pC6ksuaP_6VgaL8j6nIqg==
expires: Fri, 06 Aug 2021 18:57:44 GMT

GET
H2 200 XSS-Meetup-540x270.jpg
media.threatpost.com/wp-content/uploads/sites/103/2020/08/03091825/ 22 KB
23 KB 187ms
27ms Image
image/jpeg 2600:9000:2182:d600:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2020/08/03091825/XSS-Meetup-540x270.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:d600:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1bc2d4892d5d3e050de338654a05e4a7f6f0d55500a772d0d9ebac8047fb7940

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 15:15:22 GMT
via: 1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront), 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
last-modified: Mon, 03 Aug 2020 13:18:29 GMT
server: AmazonS3
age: 891102
etag: "6de13e07f89eaabd0dba00c1c2022085"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1, DUS51-C1
accept-ranges: bytes
content-length: 22762
x-amz-cf-id: 15xkJRvbY1SwzT7SnHL18Qd1aXzFh6-3M00_C8mneALDLoEXK59FlA==
expires: Tue, 03 Aug 2021 13:18:28 GMT

GET
H2 200 Alexa_smart_speaker_Amazon-540x270.jpg
media.threatpost.com/wp-content/uploads/sites/103/2020/08/13075612/ 24 KB
25 KB 184ms
24ms Image
image/jpeg 2600:9000:2182:d600:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2020/08/13075612/Alexa_smart_speaker_Amazon-540x270.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:d600:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9a45f4c35a9544ba4b1680fc5aa050bd1b08e3e373754e8313874d34cd302b35

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 12:00:08 GMT
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront), 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
last-modified: Thu, 13 Aug 2020 11:56:16 GMT
server: AmazonS3
age: 38816
etag: "c4f668aeddd0b430a819f231f6bf363d"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1, DUS51-C1
accept-ranges: bytes
content-length: 24691
x-amz-cf-id: ibjv1fo5gR_lJhtJY6f10hmfWKyeSC1yELHK6cYXSeKEdGTD7S9CNg==
expires: Fri, 13 Aug 2021 11:56:15 GMT

GET
H2 200 Citrix-540x270.jpg
media.threatpost.com/wp-content/uploads/sites/103/2020/08/12095849/ 20 KB
20 KB 182ms
22ms Image
image/jpeg 2600:9000:2182:d600:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2020/08/12095849/Citrix-540x270.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:d600:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 975b5abb80ee69b00355a78479830000663bae4b62558f8811ff323484f81169

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 15:17:56 GMT
via: 1.1 7549433a09d06354ea864d169b689e51.cloudfront.net (CloudFront), 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
last-modified: Wed, 12 Aug 2020 13:58:53 GMT
server: AmazonS3
age: 113348
etag: "ba86a200484450795b2804908e905ec3"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1, DUS51-C1
accept-ranges: bytes
content-length: 20486
x-amz-cf-id: VAwiWjIal5HvsgBqlo7lVmMwBzc2GqTUXX8tFiBDI9SlI5_eOK-I4g==
expires: Thu, 12 Aug 2021 13:58:52 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 674 B
542 B 20ms
19ms Script
text/javascript 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=en

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fdc8925648b957baf9f68b4647a851f8ba9f5dc4b1b0b87a9db3c8d29f2de8d2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 22:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 445
x-xss-protection: 1; mode=block
expires: Thu, 13 Aug 2020 22:47:03 GMT

GET
H2 200 data-leak-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2019/10/21145020/ 2 KB
2 KB 58ms
13ms Image
image/jpeg 2600:9000:2182:d600:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2019/10/21145020/data-leak-64x64.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:d600:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7517792de8d4a1319afd85d8c3dcffe799ba5545129a650182e6c4b055302852

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 16 Jul 2020 20:27:10 GMT
via: 1.1 216b2e0a8a27f8fca1b540a1c4ea6922.cloudfront.net (CloudFront), 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
last-modified: Mon, 21 Oct 2019 18:50:23 GMT
server: AmazonS3
age: 2427594
etag: "12bb1aa91531788d81a1791bcbb631f9"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2, DUS51-C1
accept-ranges: bytes
content-length: 2106
x-amz-cf-id: pdG8MtLdsFu1S7QuLkUa-6WvvlROzuTV-vt1Yq_XtgHbBqtmYLAu-A==
expires: Tue, 20 Oct 2020 18:50:20 GMT

GET
H2 200 work-from-home-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2020/03/13163335/ 2 KB
2 KB 57ms
11ms Image
image/jpeg 2600:9000:2182:d600:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2020/03/13163335/work-from-home-64x64.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:d600:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3435531b595fb1b2b529346e1df8c979a1fd727f56ea8c0d792316035440cac5

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 04 Aug 2020 01:20:13 GMT
via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront), 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
last-modified: Fri, 13 Mar 2020 20:33:52 GMT
server: AmazonS3
age: 854811
etag: "fd4942a0704785b24b44d177f4a57d86"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1, DUS51-C1
accept-ranges: bytes
content-length: 2098
x-amz-cf-id: xGz8tNMi2iSdOJvAp9J8bCo5eV2_JgTsGIbHu3hV2l4gim_OU3Y-pw==
expires: Sat, 13 Mar 2021 20:33:49 GMT

GET
H2 200 36c3-fake-emails-featured-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2020/01/31170549/ 2 KB
2 KB 58ms
13ms Image
image/jpeg 2600:9000:2182:d600:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2020/01/31170549/36c3-fake-emails-featured-64x64.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:d600:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1f152c8879492dd153cf7a47ad195151e20491e60985d86f9ef7a7ddc85062f6

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 04 Aug 2020 01:20:13 GMT
via: 1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront), 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
last-modified: Fri, 31 Jan 2020 22:05:52 GMT
server: AmazonS3
age: 854811
etag: "62a0a00cafda215547f47f6b6f52bdce"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1, DUS51-C1
accept-ranges: bytes
content-length: 1665
x-amz-cf-id: aKBOCoCZ97bhKvScTot53honK0tofj-UJFFA4C4naeYfcdnS5CEHpA==
expires: Sat, 30 Jan 2021 22:05:49 GMT

GET
H2 200 ai-safety-featured-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2018/06/08121133/ 2 KB
2 KB 59ms
14ms Image
image/jpeg 2600:9000:2182:d600:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2018/06/08121133/ai-safety-featured-64x64.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:d600:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5d363c974cd81869ce3fd8d76a06f12b273be51cb358a9a85c21d157eedde824

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 May 2020 19:01:41 GMT
via: 1.1 e3666efb6956ba7f03c75c3401b8c79e.cloudfront.net (CloudFront), 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jul 2018 02:40:26 GMT
server: AmazonS3
age: 7271124
etag: "29cb0a26bc7f2d80110ca80691f44ecd"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA54, DUS51-C1
accept-ranges: bytes
content-length: 2089
x-amz-cf-id: N6RyepH6_zafJhKJNY9qzFqFlxtpEIrspLmGG7KgNYT4OERUph9U_w==
expires: Wed, 03 Jul 2019 02:40:23 GMT

GET
H2 200 microsoft-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2020/01/22095352/ 2 KB
3 KB 58ms
12ms Image
image/jpeg 2600:9000:2182:d600:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2020/01/22095352/microsoft-64x64.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:d600:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcaa21df70fd10c5a594ac5996411eb517750a210903adaa56dc097d5936dc9e

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 16:39:30 GMT
via: 1.1 79503619d600dbc1c9e04a650d3d7f3f.cloudfront.net (CloudFront), 1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
last-modified: Wed, 22 Jan 2020 14:53:54 GMT
server: AmazonS3
age: 1058854
etag: "872d8d15e18da7498f683a1a4b3d2477"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA54, DUS51-C1
accept-ranges: bytes
content-length: 2145
x-amz-cf-id: ec7gFIEeG3T1acyD-lbP3NZ6_b43i2pgI1sIi_s4ZdMd4M2viHE0Pg==
expires: Thu, 21 Jan 2021 14:53:52 GMT

GET
H/1.1 200
OK liveView.php Show response
live.sekindo.com/live/ 29 KB
9 KB 122ms
46ms Script
text/javascript 194.146.38.23
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]&schain=1.0,1!admetricspro.com,1005,1
Requested by: Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.23 -, , ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: d50decabb6250067e778613b69053fa1159e52657ce7c4909689482dc6040acf

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 22:47:02 GMT
content-encoding: gzip
server: nginx
age: 0
transfer-encoding: chunked
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
content-type: text/javascript; charset=utf-8

GET
H2 200 / Show response
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 2 KB
1 KB 260ms
260ms Script
application/x-javascript 2600:9000:2182:b400:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/gravityforms/js/jquery.json.min.js&ver=1ac6b92e

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2182:b400:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

172314ff74044b918766ed4763279b5e8798622087c0a2930f59c9d44662213d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 22:47:03 GMT
content-encoding: gzip
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
status: 200
content-length: 926
x-cache-hit: HIT
last-modified: Thu, 13 Aug 2020 09:11:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-debug-auth: off
x-request-host: assets.threatpost.com
x-amz-cf-id: a_lNp0T8MsSLfTDTNNYVx61cL9Gm3mlyIb0PchcQ6eoomCkG8tgnwQ==
expires: Fri, 14 Aug 2020 13:10:08 GMT

GET
H/1.1 200
OK gravityforms.min.js Show response
threatpost.com/wp-content/plugins/gravityforms/js/ 34 KB
12 KB 923ms
136ms Script
application/x-javascript 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.4.17.15
Requested by: Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 3097d0444becd9d089b52b7074072f19201525de874d0775012572fb375b7838

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Thu, 13 Aug 2020 22:47:04 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Aug 2020 09:11:34 GMT
Server: nginx
ETag: W/"5f3503c6-88c2"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: max-age=604800, public
Connection: close
Expires: Thu, 20 Aug 2020 22:47:04 GMT

GET
H2 200 / Show response
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 7 KB
3 KB 263ms
259ms Script
application/x-javascript 2600:9000:2182:b400:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/gravityforms/js/conditional_logic.min.js&ver=1ac6b92e

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2182:b400:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f75166e3f70100b65a6ce1d4128bc15286e92b19a546fa7709f739e9bcfe52c6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 22:47:03 GMT
content-encoding: gzip
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
status: 200
content-length: 2685
x-cache-hit: HIT
last-modified: Thu, 13 Aug 2020 09:11:35 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-debug-auth: off
x-request-host: assets.threatpost.com
x-amz-cf-id: kFHdvOJyq3TW_I8ROUv9OHVip5C7Nt5zW0TXsN929tRDdbbX18LqFQ==
expires: Fri, 14 Aug 2020 13:10:08 GMT

GET
H2 200 / Show response
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 5 KB
2 KB 277ms
273ms Script
application/x-javascript 2600:9000:2182:b400:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/gravityforms/js/placeholders.jquery.min.js&ver=1ac6b92e

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2182:b400:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 22:47:03 GMT
content-encoding: gzip
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
status: 200
content-length: 1747
x-cache-hit: HIT
last-modified: Thu, 13 Aug 2020 09:11:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-debug-auth: off
x-request-host: assets.threatpost.com
x-amz-cf-id: yhQ_xoqvvYi48BFh1DcEZMFcAA1rrFu8so6hazagZPG7oA-CyTQTKg==
expires: Fri, 14 Aug 2020 13:10:08 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 676 B
520 B 20ms
16ms Script
text/javascript 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=en&render=explicit&ver=5.4.2

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e7785e680569abfe0d6b2000d49f7c3635e3dd0d031b5809fc206df87db11d07

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 22:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 446
x-xss-protection: 1; mode=block
expires: Thu, 13 Aug 2020 22:47:03 GMT

GET
H2 200 / Show response
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 2 KB
1 KB 264ms
261ms Script
application/x-javascript 2600:9000:2182:b400:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-includes/js/wp-embed.min.js,wp-content/plugins/akismet/_inc/form.js&ver=1ac6b92e

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2182:b400:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

21e46fe44c6929876f5a413c843ae516c0ddfd1aad3e8e33446b7bc0a6781b08

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 22:47:03 GMT
content-encoding: gzip
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
status: 200
content-length: 973
x-cache-hit: HIT
last-modified: Wed, 10 Jun 2020 22:05:38 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-debug-auth: off
x-request-host: assets.threatpost.com
x-amz-cf-id: pzfPZ_drYUywF2iqCrxHuFu4j2_cb92KK8CrVeS5rpYitqg5R-fA-g==
expires: Fri, 14 Aug 2020 13:10:09 GMT

GET
H2 200 b-cc9018f-2cba83b0.js Show response
tagan.adlightning.com/math-aids-threatpost/ 58 KB
20 KB 50ms
47ms Script
application/javascript 13.226.155.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/b-cc9018f-2cba83b0.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-59.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92814e48e334fb45bb8d9d0d2a6e68a1e601fd7ce63d25c10969cfd57bf4b1e8

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 14:10:44 GMT
content-encoding: gzip
age: 376580
x-cache: Hit from cloudfront
status: 200
content-length: 19746
x-amz-meta-git_commit: cc9018f
last-modified: Tue, 07 Jul 2020 17:59:39 GMT
server: AmazonS3
etag: "21fe90f3aceeb46480a69949d763c756"
x-amz-version-id: KDx1ypMRqiob.YrLSDtIdsXad7Sl2JS5
via: 1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: ISt1xljJdFzQHJkql_Xp7GuFLK8QsMPxKiImdokFktEF2eYNZO8GLA==

GET
H2 200 bl-13281d4-763df7b3.js Show response
tagan.adlightning.com/math-aids-threatpost/ 69 KB
20 KB 66ms
64ms Script
application/javascript 13.226.155.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/bl-13281d4-763df7b3.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-59.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8a6a43b510a2faf7043f3494d1e7368134f853414fa069f88fda04ffe2fa5105

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 16:32:01 GMT
content-encoding: gzip
age: 22503
x-cache: Hit from cloudfront
status: 200
content-length: 19938
x-amz-meta-git_commit: 13281d4
last-modified: Thu, 13 Aug 2020 15:52:12 GMT
server: AmazonS3
etag: "9830178e93f80799edab5b2485c00517"
x-amz-version-id: Xf.VRQH2uEdqhKZ.DRFz9jw3Rkv0Xl6t
via: 1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: WU_rzNUK0iQ_ryxh9NMbGxHCnLEMd4uRbc5ExJSJqRzzFVMKs81UGw==

GET
H2 200 pubads_impl_2020080501.js Show response
securepubads.g.doubleclick.net/gpt/ 262 KB
92 KB 138ms
66ms Script
text/javascript 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

sffe /

Resource Hash

2a7a5100d1b04b40f49ec3661a2ce57d3af5acbd35497cd946e87912a6c9e021

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 13 Aug 2020 22:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 05 Aug 2020 08:42:44 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94052
x-xss-protection: 0
expires: Thu, 13 Aug 2020 22:47:03 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ 113 B
324 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=threatpost.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 13 Aug 2020 22:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 108
x-xss-protection: 0

GET
H2 200 vendor-list.json Show response
qd.admetricspro.com/js/cmp2/ 114 KB
19 KB 157ms
142ms XHR
application/json 2606:4700:e4::ac40:a60d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/cmp2/vendor-list.json
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/cmp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a60d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54049bb1b8bcf97ba04b9fdaffa61060041569b274e5581964c9f1251274aac5

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 22:47:03 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 26 Jun 2020 12:45:52 GMT
server: cloudflare
etag: W/"1c73a-5a8fc16dcbdce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=600
cf-ray: 5c25f9c62b620601-FRA
cf-request-id: 048b9a6fd500000601a12c5200000001
expires: Thu, 13 Aug 2020 22:57:03 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 104 KB
27 KB 144ms
59ms Script
application/javascript 13.226.146.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/engine.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.146.86 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-146-86.dus51.r.cloudfront.net
Software: Server /
Resource Hash: 66cfd93f20fe1bb1545202b2138ec00c34d51f2cf915409404f4615560dcf7cb

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 22:37:06 GMT
content-encoding: gzip
server: Server
age: 597
etag: 455f576a29240d2cfe83996aefcdb576
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=900
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: PX4PFTPHzRNLHyqf72QEY5cVf1cA5nWJITQtDPqBqkGOv0uH-yr1aw==
via: 1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 146 KB
46 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:815::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c797b8e76efd67b8a2a71b7443e67081bd8192f6c756980342b132f459543d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 22:47:03 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47017
x-xss-protection: 0
expires: Thu, 13 Aug 2020 22:47:03 GMT

GET
H/1.1 200
OK icons.svg
threatpost.com/wp-content/themes/threatpost-2018//assets/sprite/ 13 KB
5 KB 897ms
131ms Other
image/svg+xml 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018//assets/sprite/icons.svg
Requested by: Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 01864580e1f385dc4512aed0de4b324cc1a04812709e7020e857612fc0ce9f4c

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Thu, 13 Aug 2020 22:47:04 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Aug 2020 09:11:37 GMT
Server: nginx
ETag: W/"5f3503c9-3496"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: max-age=604800, public
Connection: close
Expires: Thu, 20 Aug 2020 22:47:04 GMT

GET
H/1.1 200
OK icons.svg
threatpost.com/wp-content/themes/threatpost-2018/assets/sprite/ 13 KB
5 KB 897ms
134ms Other
image/svg+xml 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/sprite/icons.svg
Requested by: Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 01864580e1f385dc4512aed0de4b324cc1a04812709e7020e857612fc0ce9f4c

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Thu, 13 Aug 2020 22:47:04 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Aug 2020 09:11:37 GMT
Server: nginx
ETag: W/"5f3503c9-3496"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: max-age=604800, public
Connection: close
Expires: Thu, 20 Aug 2020 22:47:04 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/TPiWapjoyMdQOtxLT9_b4n2W/ 331 KB
131 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TPiWapjoyMdQOtxLT9_b4n2W/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e42f7806fd699d172d728f73f966a5d173cad2f4091aeed75cdb6ef611b4396e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 03:10:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 10 Aug 2020 04:05:32 GMT
server: sffe
age: 157022
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133738
x-xss-protection: 0
expires: Thu, 12 Aug 2021 03:10:01 GMT

GET
H/1.1 200
OK logo.png
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 19 KB
19 KB 904ms
235ms Image
image/png 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/logo.png
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]&schain=1.0,1!admetricspro.com,1005,1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 39af7c1116fb967a330e8770f775e6b5ee871add01ed45c98a1634911cebfb0a

Request headers

Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1597309896
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Thu, 13 Aug 2020 22:47:04 GMT
Last-Modified: Thu, 13 Aug 2020 09:11:37 GMT
Server: nginx
ETag: "5f3503c9-4a32"
Content-Type: image/png
Cache-Control: max-age=604800, public
Connection: close
Accept-Ranges: bytes
Content-Length: 18994
Expires: Thu, 20 Aug 2020 22:47:04 GMT

GET
H/1.1 200
OK museosans-300-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
21 KB 464ms
237ms Font
font/woff2 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300-webfont.woff2
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]&schain=1.0,1!admetricspro.com,1005,1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 45ddc09b0ad6ab916bd9a0282070b161045e186fc025303f4aa1aa821fc45ac7

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1597309896
Origin: https://threatpost.com

Response headers

Pragma: public
Date: Thu, 13 Aug 2020 22:47:03 GMT
Last-Modified: Thu, 13 Aug 2020 09:11:37 GMT
Server: nginx
ETag: "5f3503c9-51b8"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 20920
Expires: Fri, 13 Aug 2021 22:47:03 GMT

GET
H/1.1 200
OK mail-plane-light.svg
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 828 B
722 B 796ms
127ms Image
image/svg+xml 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/mail-plane-light.svg
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]&schain=1.0,1!admetricspro.com,1005,1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 5a7ed822968963e31d88424c96387ad9f4fd4f4b5a5b581a33f65e3784d162cf

Request headers

Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1597309896
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Thu, 13 Aug 2020 22:47:04 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Aug 2020 09:11:37 GMT
Server: nginx
ETag: W/"5f3503c9-33c"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: max-age=604800, public
Connection: close
Expires: Thu, 20 Aug 2020 22:47:04 GMT

GET
H/1.1 200
OK twitter-blue.svg
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 868 B
847 B 761ms
127ms Image
image/svg+xml 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/twitter-blue.svg
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]&schain=1.0,1!admetricspro.com,1005,1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 420508fc523520f35de5c851905543294123d7676b5a5668744691f2abe9e730

Request headers

Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1597309896
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Thu, 13 Aug 2020 22:47:04 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Aug 2020 09:11:37 GMT
Server: nginx
ETag: W/"5f3503c9-364"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: max-age=604800, public
Connection: close
Expires: Thu, 20 Aug 2020 22:47:04 GMT

GET
H/1.1 200
OK museosans-700-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
21 KB 486ms
240ms Font
font/woff2 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700-webfont.woff2
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]&schain=1.0,1!admetricspro.com,1005,1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ae00ae9c862bc8b8923efd1d9a18befa912678a869d4dd01179a59ed3de731be

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1597309896
Origin: https://threatpost.com

Response headers

Pragma: public
Date: Thu, 13 Aug 2020 22:47:03 GMT
Last-Modified: Thu, 13 Aug 2020 09:11:37 GMT
Server: nginx
ETag: "5f3503c9-51a4"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 20900
Expires: Fri, 13 Aug 2021 22:47:03 GMT

GET
H/1.1 200
OK museosans-100-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
21 KB 491ms
239ms Font
font/woff2 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-100-webfont.woff2
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]&schain=1.0,1!admetricspro.com,1005,1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 06fc565587b8b700936a1677218cb269a6cc31ca5f701eb45461e86a3d54d5c7

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1597309896
Origin: https://threatpost.com

Response headers

Pragma: public
Date: Thu, 13 Aug 2020 22:47:03 GMT
Last-Modified: Thu, 13 Aug 2020 09:11:37 GMT
Server: nginx
ETag: "5f3503c9-50c8"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 20680
Expires: Fri, 13 Aug 2021 22:47:03 GMT

GET
H/1.1 200
OK museosans-500-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
21 KB 383ms
131ms Font
font/woff2 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-500-webfont.woff2
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]&schain=1.0,1!admetricspro.com,1005,1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2de77164bb9924542e1dea4ee4a0ff27d40b51a3d7939dac7db11a95045c9b7d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1597309896
Origin: https://threatpost.com

Response headers

Pragma: public
Date: Thu, 13 Aug 2020 22:47:03 GMT
Last-Modified: Thu, 13 Aug 2020 09:11:37 GMT
Server: nginx
ETag: "5f3503c9-5194"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 20884
Expires: Fri, 13 Aug 2021 22:47:03 GMT

GET
H/1.1 200
OK museosans-700italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 15 KB
16 KB 489ms
235ms Font
font/woff2 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700italic-webfont.woff2
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]&schain=1.0,1!admetricspro.com,1005,1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 859faa9b9ed0990288b2f393a102b1fe2668ac79088b113b6f0beaee521221eb

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1597309896
Origin: https://threatpost.com

Response headers

Pragma: public
Date: Thu, 13 Aug 2020 22:47:03 GMT
Last-Modified: Thu, 13 Aug 2020 09:11:37 GMT
Server: nginx
ETag: "5f3503c9-3dcc"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 15820
Expires: Fri, 13 Aug 2021 22:47:03 GMT

GET
H/1.1 200
OK museosans-300italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 23 KB
23 KB 383ms
128ms Font
font/woff2 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300italic-webfont.woff2
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]&schain=1.0,1!admetricspro.com,1005,1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: f8a2b5b62eb722c3379b30cf0cc58d3176ee6be48036d6ad2aa838d2029c4189

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1597309896
Origin: https://threatpost.com

Response headers

Pragma: public
Date: Thu, 13 Aug 2020 22:47:03 GMT
Last-Modified: Thu, 13 Aug 2020 09:11:36 GMT
Server: nginx
ETag: "5f3503c8-5bac"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 23468
Expires: Fri, 13 Aug 2021 22:47:03 GMT

GET
H/1.1 200
OK liveView.php Show response
live.sekindo.com/live/ Frame 5EF5 2 KB
1 KB 44ms
44ms Script
text/javascript 194.146.38.23
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]&schain=1.0,1!admetricspro.com,1005,1&cbuster=1597358823&pubUrlAuto=https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F&videoType=flow&floatWidth=320&floatHeight=180&floatDirection=br&floatVerticalOffset=10&floatHorizontalOffset=10&floatCloseBtn=1&flowMode=both&flowCloseButtonPosition=right
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]&schain=1.0,1!admetricspro.com,1005,1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.23 -, , ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: 3380f4a77c068e267ee52ba22e2e075293437d717a30e1d9a8e19939fcff0659

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 22:47:03 GMT
content-encoding: gzip
server: nginx
age: 0
transfer-encoding: chunked
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
content-type: text/javascript; charset=utf-8

GET
H/1.1 200
OK mail-plane-large-dark.svg
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 812 B
722 B 390ms
130ms Image
image/svg+xml 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/mail-plane-large-dark.svg
Requested by: Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a9d2b2df99c1a115d5394c70a898d8801092208dc582f8bd6fb01b35c30d6b22

Request headers

Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1597309896
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Thu, 13 Aug 2020 22:47:04 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Aug 2020 09:11:37 GMT
Server: nginx
ETag: W/"5f3503c9-32c"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: max-age=604800, public
Connection: close
Expires: Thu, 20 Aug 2020 22:47:04 GMT

GET
H/1.1 200
OK logo-white.png
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 10 KB
10 KB 456ms
128ms Image
image/png 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/logo-white.png
Requested by: Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e4058d4ee9da1ceaddfa91ddb63650ba67285f1bbfee487d9dfe648bced669a0

Request headers

Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1597309896
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Thu, 13 Aug 2020 22:47:04 GMT
Last-Modified: Thu, 13 Aug 2020 09:11:37 GMT
Server: nginx
ETag: "5f3503c9-260a"
Content-Type: image/png
Cache-Control: max-age=604800, public
Connection: close
Accept-Ranges: bytes
Content-Length: 9738
Expires: Thu, 20 Aug 2020 22:47:04 GMT

GET
H/1.1 200
OK iab_consent_sdk.v1.0.js Show response
live.sekindo.com/content/ClientDetections/ Frame 5EF5 19 KB
6 KB 43ms
39ms Script
application/javascript 194.146.38.23
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/content/ClientDetections/iab_consent_sdk.v1.0.js
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]&schain=1.0,1!admetricspro.com,1005,1&cbuster=1597358823&pubUrlAuto=https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F&videoType=flow&floatWidth=320&floatHeight=180&floatDirection=br&floatVerticalOffset=10&floatHorizontalOffset=10&floatCloseBtn=1&flowMode=both&flowCloseButtonPosition=right
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.23 -, , ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 22:47:03 GMT
content-encoding: gzip
last-modified: Wed, 12 Feb 2020 15:01:36 GMT
server: nginx
etag: W/"5e441350-4be0"
transfer-encoding: chunked
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Fri, 13 Aug 2021 22:47:03 GMT

GET
H/1.1 200
OK DetectGDPR2.v1.1.js Show response
live.sekindo.com/content/ClientDetections/ Frame 5EF5 9 KB
3 KB 81ms
38ms Script
application/javascript 194.146.38.23
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/content/ClientDetections/DetectGDPR2.v1.1.js
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]&schain=1.0,1!admetricspro.com,1005,1&cbuster=1597358823&pubUrlAuto=https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F&videoType=flow&floatWidth=320&floatHeight=180&floatDirection=br&floatVerticalOffset=10&floatHorizontalOffset=10&floatCloseBtn=1&flowMode=both&flowCloseButtonPosition=right
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.23 -, , ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: 0cf25abe73b03e246c0a820c825a1f433e36949c2cf456ce889d86e8dd9ec427

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 22:47:02 GMT
content-encoding: gzip
last-modified: Wed, 08 Jul 2020 16:36:52 GMT
server: nginx
etag: W/"5f05f624-225b"
transfer-encoding: chunked
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Fri, 13 Aug 2021 22:47:02 GMT

GET
H/1.1 200
OK DetectGDPR.v1.1.js Show response
live.sekindo.com/content/ClientDetections/ Frame 5EF5 8 KB
3 KB 117ms
39ms Script
application/javascript 194.146.38.23
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/content/ClientDetections/DetectGDPR.v1.1.js
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]&schain=1.0,1!admetricspro.com,1005,1&cbuster=1597358823&pubUrlAuto=https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F&videoType=flow&floatWidth=320&floatHeight=180&floatDirection=br&floatVerticalOffset=10&floatHorizontalOffset=10&floatCloseBtn=1&flowMode=both&flowCloseButtonPosition=right
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.23 -, , ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: f40e3d5b91387e92272b6d46fc83ce21041f130a29316d7216d3a1793d46c4f3

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 22:47:03 GMT
content-encoding: gzip
last-modified: Wed, 08 Jul 2020 16:36:53 GMT
server: nginx
etag: W/"5f05f625-1ec4"
transfer-encoding: chunked
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Fri, 13 Aug 2021 22:47:03 GMT

GET
H/1.1 200
OK hls.0.12.4_1.min.js Show response
live.sekindo.com/content/video/hls/ Frame 5EF5 247 KB
85 KB 134ms
56ms Script
application/javascript 194.146.38.23
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/content/video/hls/hls.0.12.4_1.min.js
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]&schain=1.0,1!admetricspro.com,1005,1&cbuster=1597358823&pubUrlAuto=https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F&videoType=flow&floatWidth=320&floatHeight=180&floatDirection=br&floatVerticalOffset=10&floatHorizontalOffset=10&floatCloseBtn=1&flowMode=both&flowCloseButtonPosition=right
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.23 -, , ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: 7d0492c66125b1c2bdc419641e41542857e7d90e323d355ee0b8bb268da121fb

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 22:47:03 GMT
content-encoding: gzip
last-modified: Mon, 06 Jan 2020 15:31:55 GMT
server: nginx
etag: W/"5e1352eb-3dcb9"
transfer-encoding: chunked
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Fri, 13 Aug 2021 22:47:03 GMT

GET
H/1.1 200
OK prebidVid.3.19.0_9.min.js Show response
live.sekindo.com/content/prebid/ Frame 5EF5 296 KB
109 KB 135ms
56ms Script
application/javascript 194.146.38.23
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]&schain=1.0,1!admetricspro.com,1005,1&cbuster=1597358823&pubUrlAuto=https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F&videoType=flow&floatWidth=320&floatHeight=180&floatDirection=br&floatVerticalOffset=10&floatHorizontalOffset=10&floatCloseBtn=1&flowMode=both&flowCloseButtonPosition=right
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.23 -, , ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: 7860ef37e85676dcb81a99d7e5d6453bdacdf9d35aa45517a9ba9ea25bbd4c85

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 22:47:03 GMT
content-encoding: gzip
last-modified: Thu, 16 Jul 2020 14:28:49 GMT
server: nginx
etag: W/"5f106421-4a003"
transfer-encoding: chunked
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Fri, 13 Aug 2021 22:47:03 GMT

GET
H/1.1 200
OK liveVideo.php Show response
live.sekindo.com/live/ Frame 5EF5 438 KB
123 KB 147ms
65ms Script
text/html 194.146.38.23
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032302D30382D31345F30317D7B7331323334383830387D7B433131397D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=89.238.186.243&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&csuuid=5f35c2e77a6ed&debugInfo=12348808_&debugPlayerSession=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.0766&geoLong=14.5148&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]&schain=1.0,1!admetricspro.com,1005,1&cbuster=1597358823&pubUrlAuto=https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F&videoType=flow&floatWidth=320&floatHeight=180&floatDirection=br&floatVerticalOffset=10&floatHorizontalOffset=10&floatCloseBtn=1&flowMode=both&flowCloseButtonPosition=right
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.23 -, , ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: 0615aca9a317804aa42bf1c134629feafd836491badd06675a7b21f816dff4e9

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 22:47:02 GMT
content-encoding: gzip
server: nginx
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 802
date: Thu, 13 Aug 2020 22:33:41 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Fri, 14 Aug 2020 00:33:41 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
8 KB 24ms
8ms Script
application/x-javascript 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.quantserve.com/quant.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8130c2c72afad9d94581ef93aaa00524093103c47c71fce52f606d5ff693c3ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 22:47:03 GMT
content-encoding: gzip
last-modified: Thu, 13-Aug-2020 22:47:03 GMT
etag: M0-2a172724
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: private, no-transform, max-age=604800
strict-transport-security: max-age=86400
content-length: 8060
expires: Thu, 20 Aug 2020 22:47:03 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 33ms
33ms Script
application/javascript 151.101.112.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 22:47:03 GMT
content-encoding: gzip
age: 4498
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1958
x-served-by: cache-hhn4050-HHN
last-modified: Mon, 10 Aug 2020 18:10:59 GMT
x-timer: S1597358824.735098,VS0,VE0
etag: "a4cc3f907681b24a3efd540acd5d2996+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 138ms
46ms XHR
application/javascript 13.226.146.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.146.86 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-146-86.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 15:02:27 GMT
content-encoding: gzip
vary: Origin
age: 27877
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Tue, 23 Jun 2020 10:10:39 GMT
server: AmazonS3
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: x69Z6ptcAlcaWD53dZWWTnATF0p27ehM5ZaqLQJDCK06wpw7Ihl-7w==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
371 B 84ms
83ms XHR
text/javascript 13.226.146.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F&pid=xFerCu6Rh3PAX&cb=0&ws=1600x1200&v=7.53.00&t=1200&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F21707124336%2FThreatPost-970x250-ATF%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F21707124336%2FThreatPost-300x250-ATF%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F21707124336%2FThreatPost-300x600-ATF%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%222x2%22%5D%2C%22sn%22%3A%22%2F21707124336%2FThreatPost-2x2-Skin%22%7D%5D&pubid=cb8cfc89-e83e-44aa-a3a2-ff78eda781ef&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%2C%22rtimes%22%3A%5B13%5D%2C%22cc%22%3A%222%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.146.86 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-146-86.dus51.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 22:47:03 GMT
via: 1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: DUS51-C1
status: 200
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://threatpost.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 3M2KV6i2HrfHYMxOt_rZkq8G8FPmuJ86TW6P3oTzNGVRtF3TazyLKg==

POST
H2 200 v2 Show response
e.serverbid.com/api/ 16 B
168 B 400ms
133ms XHR
application/json 134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 200
date: Thu, 13 Aug 2020 22:47:04 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://threatpost.com
content-length: 16
vary: Origin
content-type: application/json

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 24 B
987 B 245ms
149ms XHR
application/json 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=438654&v=7.2&r=%7B%22id%22%3A%2258bb81a6872d9e%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22677335eb788901%22%2C%22ext%22%3A%7B%22siteID%22%3A%22438654%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%227f5d3b116d536d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22438649%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%228d8f7b0b42e3cb%22%2C%22ext%22%3A%7B%22siteID%22%3A%22438650%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22677335eb788901%22%2C%22ext%22%3A%7B%22siteID%22%3A%22438654%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22677335eb788901%22%2C%22ext%22%3A%7B%22siteID%22%3A%22438654%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%227f5d3b116d536d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22438649%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%228d8f7b0b42e3cb%22%2C%22ext%22%3A%7B%22siteID%22%3A%22438650%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22admetricspro.com%22%2C%22sid%22%3A%221005%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: da3a64d7c90b3f78c4a5550868c5ea865f1306cc6524f4205a2298b8346fb4d1

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 13 Aug 2020 22:47:03 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 44
Expires: Thu, 13 Aug 2020 22:47:03 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 379 B
1 KB 146ms
57ms XHR
application/json 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

702cebd3ec221caf7a6a9c1087f3caf695c64e4031356024c8a380be0315f9c4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 13 Aug 2020 22:47:03 GMT
X-Proxy-Origin: 89.238.186.243; 89.238.186.243; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.41:80
AN-X-Request-Uuid: 21860cee-4398-4645-ba3c-2a4abb4d56b9
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 379
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 c Show response
prebid.a-mo.net/a/ 551 B
753 B 506ms
243ms XHR
application/json 18.210.170.92
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.210.170.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-170-92.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: b87f7e8a0a35e47f08f9b3f55f335b4c08aac813635aeedaf93b2d4805d63588

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 13 Aug 2020 22:47:04 GMT
content-encoding: gzip
server: Cowboy
status: 200
vary: origin, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://threatpost.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 298

GET
H2 200 arj Show response
teachingaids-d.openx.net/w/1.0/ 174 B
561 B 273ms
167ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://teachingaids-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=8de04d95-ae13-40ef-82a3-b8d9a82b1932%2C8de04d95-ae13-40ef-82a3-b8d9a82b1932%2Cfe53c5cb-d374-4a79-a462-c974cafa20ff%2C5c9fb11d-7ca2-4705-baa5-45b4362ca089%2C5c9fb11d-7ca2-4705-baa5-45b4362ca089&nocache=1597358823779&gdpr=0&x_gdpr_f=1&pubcid=46eb59dc-824e-4276-aa58-e77fa83ae2a0&schain=1.0%2C1!admetricspro.com%2C1005%2C1%2C%2C%2C&aus=728x90%2C970x250%2C970x90%7C728x90%2C970x250%2C970x90%7C300x250%2C336x280%7C300x250%2C300x600%7C300x250%2C300x600&divIds=div-gpt-ad-6794670-2%2Cdiv-gpt-ad-6794670-2%2Cdiv-gpt-ad-6794670-3%2Cdiv-gpt-ad-6794670-5%2Cdiv-gpt-ad-6794670-5&auid=540932704%2C540932709%2C540932713%2C540932715%2C540932720
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.192.0 /
Resource Hash: 7baf1574c7b4916cd5415e6c7b16471aaed1f197e1b4a1b666f82d1b40c342df

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 22:47:04 GMT
content-encoding: gzip
server: OXGW/16.192.0
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://threatpost.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 166
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
475 B 207ms
83ms XHR
application/json 3.120.51.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=3.26.0&referrer=https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F&tmax=1200&gdpr=false

Requested by

Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.120.51.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-120-51-72.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 22:47:03 GMT
status: 200
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 47 B
723 B 189ms
93ms XHR
application/json 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.26.0
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 7415e4a3750c12578d0b5cf920c001beb198ae27dea873d5354ef58c2f8b1c51

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 13 Aug 2020 22:47:03 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://threatpost.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 65

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 375 B
1 KB 170ms
69ms XHR
application/json 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

1a8d6b535db2a2198bbcf4df783079928a9c863283e12463b128281c98306426

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 13 Aug 2020 22:47:03 GMT
X-Proxy-Origin: 89.238.186.243; 89.238.186.243; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.230:80
AN-X-Request-Uuid: 508411f5-1ffa-4cfc-b8e7-d659b0553ca5
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 375
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

ADTECH;apid=1Ae8513934-ddb6-11ea-8dbd-12f0dd10f918;cfp=1;rndc=1597358823;v=2;cmd=bid;cors=yes;alias=586e8c6140fd0fb;misc=1597358823783 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166606/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166606/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=586e8c6140fd0fb;misc=1597358823783;
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166606/0/0/ADTECH;cfp=1;rndc=1597358823;v=2;cmd=bid;cors=yes;alias=586e8c6140fd0fb;misc=1597358823783
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166606/0/0/ADTECH;apid=1Ae8513934-ddb6-11ea-8dbd-12f0dd10f918;cfp=1;rndc=1597358823;v=2;cmd=bid;cors=yes;alias=586e8c6140fd0fb;misc=15...

1 KB
1 KB

158ms
156ms

XHR
application/json

2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166606/0/0/ADTECH;apid=1Ae8513934-ddb6-11ea-8dbd-12f0dd10f918;cfp=1;rndc=1597358823;v=2;cmd=bid;cors=yes;alias=586e8c6140fd0fb;misc=1597358823783
Requested by: Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 9c5228b973ae8b0b891552910f971a913aa45f05622945fba9c951772cb2ee22

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 22:47:04 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://threatpost.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 1224
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 Aug 2020 22:47:03 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166606/0/0/ADTECH;apid=1Ae8513934-ddb6-11ea-8dbd-12f0dd10f918;cfp=1;rndc=1597358823;v=2;cmd=bid;cors=yes;alias=586e8c6140fd0fb;misc=1597358823783
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://threatpost.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

200

ADTECH;apid=1Ae87d26e8-ddb6-11ea-a089-121c10c2940c;cfp=1;rndc=1597358823;v=2;cmd=bid;cors=yes;alias=59b9d7d8c9a1668;misc=1597358823783 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166847/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166847/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=59b9d7d8c9a1668;misc=1597358823783;
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166847/0/0/ADTECH;cfp=1;rndc=1597358823;v=2;cmd=bid;cors=yes;alias=59b9d7d8c9a1668;misc=1597358823783
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166847/0/0/ADTECH;apid=1Ae87d26e8-ddb6-11ea-a089-121c10c2940c;cfp=1;rndc=1597358823;v=2;cmd=bid;cors=yes;alias=59b9d7d8c9a1668;misc=15...

1 KB
1 KB

180ms
179ms

XHR
application/json

2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166847/0/0/ADTECH;apid=1Ae87d26e8-ddb6-11ea-a089-121c10c2940c;cfp=1;rndc=1597358823;v=2;cmd=bid;cors=yes;alias=59b9d7d8c9a1668;misc=1597358823783
Requested by: Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: cff176af94fb2ba3d7947937af82d39b63b010dde7a1f51e0c3d3caabf811390

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 22:47:04 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://threatpost.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 1224
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 Aug 2020 22:47:04 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166847/0/0/ADTECH;apid=1Ae87d26e8-ddb6-11ea-a089-121c10c2940c;cfp=1;rndc=1597358823;v=2;cmd=bid;cors=yes;alias=59b9d7d8c9a1668;misc=1597358823783
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://threatpost.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

200

ADTECH;apid=1Ae853a5de-ddb6-11ea-9749-121b89dbed5a;cfp=1;rndc=1597358823;v=2;cmd=bid;cors=yes;alias=6048515f3e151a6;misc=1597358823783 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166615/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166615/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=6048515f3e151a6;misc=1597358823783;
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166615/0/0/ADTECH;cfp=1;rndc=1597358823;v=2;cmd=bid;cors=yes;alias=6048515f3e151a6;misc=1597358823783
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166615/0/0/ADTECH;apid=1Ae853a5de-ddb6-11ea-9749-121b89dbed5a;cfp=1;rndc=1597358823;v=2;cmd=bid;cors=yes;alias=6048515f3e151a6;misc=15...

1 KB
1 KB

166ms
166ms

XHR
application/json

2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166615/0/0/ADTECH;apid=1Ae853a5de-ddb6-11ea-9749-121b89dbed5a;cfp=1;rndc=1597358823;v=2;cmd=bid;cors=yes;alias=6048515f3e151a6;misc=1597358823783
Requested by: Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: e6135de980f52934f552690002886b31516660c9fba603904ed2f956d9ff3bc1

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 22:47:04 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://threatpost.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 1225
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 Aug 2020 22:47:03 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166615/0/0/ADTECH;apid=1Ae853a5de-ddb6-11ea-9749-121b89dbed5a;cfp=1;rndc=1597358823;v=2;cmd=bid;cors=yes;alias=6048515f3e151a6;misc=1597358823783
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://threatpost.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

200

ADTECH;apid=1Ae84f99d0-ddb6-11ea-a18f-12794b40da64;cfp=1;rndc=1597358823;v=2;cmd=bid;cors=yes;alias=61726c6307d5384;misc=1597358823784 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166612/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166612/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=61726c6307d5384;misc=1597358823784;
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166612/0/0/ADTECH;cfp=1;rndc=1597358823;v=2;cmd=bid;cors=yes;alias=61726c6307d5384;misc=1597358823784
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166612/0/0/ADTECH;apid=1Ae84f99d0-ddb6-11ea-a18f-12794b40da64;cfp=1;rndc=1597358823;v=2;cmd=bid;cors=yes;alias=61726c6307d5384;misc=15...

1 KB
1 KB

182ms
180ms

XHR
application/json

2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166612/0/0/ADTECH;apid=1Ae84f99d0-ddb6-11ea-a18f-12794b40da64;cfp=1;rndc=1597358823;v=2;cmd=bid;cors=yes;alias=61726c6307d5384;misc=1597358823784
Requested by: Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 1d31e336c064a986da29ce2df5077d3cdcbb9ebcbe510e79d8d50780b5d34b05

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 22:47:04 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://threatpost.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 1225
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 Aug 2020 22:47:03 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166612/0/0/ADTECH;apid=1Ae84f99d0-ddb6-11ea-a18f-12794b40da64;cfp=1;rndc=1597358823;v=2;cmd=bid;cors=yes;alias=61726c6307d5384;misc=1597358823784
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://threatpost.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

200

ADTECH;apid=1Ae87c2cf2-ddb6-11ea-94aa-12569b584e72;cfp=1;rndc=1597358823;v=2;cmd=bid;cors=yes;alias=62643ef2bc07a7;misc=1597358823784 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166617/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166617/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=62643ef2bc07a7;misc=1597358823784;
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166617/0/0/ADTECH;cfp=1;rndc=1597358823;v=2;cmd=bid;cors=yes;alias=62643ef2bc07a7;misc=1597358823784
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166617/0/0/ADTECH;apid=1Ae87c2cf2-ddb6-11ea-94aa-12569b584e72;cfp=1;rndc=1597358823;v=2;cmd=bid;cors=yes;alias=62643ef2bc07a7;misc=159...

1 KB
1 KB

219ms
219ms

XHR
application/json

2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166617/0/0/ADTECH;apid=1Ae87c2cf2-ddb6-11ea-94aa-12569b584e72;cfp=1;rndc=1597358823;v=2;cmd=bid;cors=yes;alias=62643ef2bc07a7;misc=1597358823784
Requested by: Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 2a68210e87bc56a699e7ee5f9a409f0019406ef73a1f695cc57059b6a5bffa80

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 22:47:04 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://threatpost.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 1225
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 Aug 2020 22:47:04 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166617/0/0/ADTECH;apid=1Ae87c2cf2-ddb6-11ea-94aa-12569b584e72;cfp=1;rndc=1597358823;v=2;cmd=bid;cors=yes;alias=62643ef2bc07a7;misc=1597358823784
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://threatpost.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
115 B 201ms
105ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Thu, 13 Aug 2020 22:47:04 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://threatpost.com

POST
H2 200 adreq Show response
ads.servenobid.com/ 221 B
462 B 180ms
60ms XHR
application/json 3.248.143.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=9333
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.143.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-143-123.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 81faef927df2f003e391441240c925a2bea36fafcaab9090d9d1ff4572617044

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 13 Aug 2020 22:47:03 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
status: 200
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://threatpost.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 306 B
784 B 143ms
37ms XHR
application/json 69.173.144.143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=300372&zone_id=1509502&size_id=2&alt_size_ids=55%2C57&p_pos=atf&gdpr=0&rp_schain=1.0,1!admetricspro.com,1005,1,,,&rf=https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F&tk_flint=pbjs_lite_v3.26.0&x_source.tid=8de04d95-ae13-40ef-82a3-b8d9a82b1932&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.5386874922199494
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: a8afe8d2016e9ed60c3bb86078bc70cb98d7b37c603d0f60aaef2d2f34676851

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 13 Aug 2020 22:47:03 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 306
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 284 B
762 B 163ms
42ms XHR
application/json 69.173.144.143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=300372&zone_id=1509502&size_id=15&alt_size_ids=16&p_pos=atf&gdpr=0&rp_schain=1.0,1!admetricspro.com,1005,1,,,&rf=https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F&tk_flint=pbjs_lite_v3.26.0&x_source.tid=fe53c5cb-d374-4a79-a462-c974cafa20ff&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6941827393163214
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: a8cf444d8798d8bdc2e9fe8dca30d22aff85268bdfd687a20209b8ed11719d38

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 13 Aug 2020 22:47:03 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 284
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 304 B
782 B 178ms
57ms XHR
application/json 69.173.144.143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=300372&zone_id=1509506&size_id=15&alt_size_ids=10&p_pos=atf&gdpr=0&rp_schain=1.0,1!admetricspro.com,1005,1,,,&rf=https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F&tk_flint=pbjs_lite_v3.26.0&x_source.tid=5c9fb11d-7ca2-4705-baa5-45b4362ca089&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.716058797721677
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: a981c6547c539efb95258bec25c7625cb4426928e323c07934f867401acf88c7

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 13 Aug 2020 22:47:03 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 304
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 304 B
782 B 180ms
55ms XHR
application/json 69.173.144.143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=300372&zone_id=1509502&size_id=15&alt_size_ids=10&p_pos=atf&gdpr=0&rp_schain=1.0,1!admetricspro.com,1005,1,,,&rf=https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F&tk_flint=pbjs_lite_v3.26.0&x_source.tid=5c9fb11d-7ca2-4705-baa5-45b4362ca089&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.21874215501369965
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: b2f2120413c3f779a2cd805d5919902537bebbfa00fa2393d8decc17c89f0608

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 13 Aug 2020 22:47:03 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 304
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 5EF5 104 KB
27 KB 44ms
44ms Script
application/javascript 13.226.146.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032302D30382D31345F30317D7B7331323334383830387D7B433131397D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=89.238.186.243&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&csuuid=5f35c2e77a6ed&debugInfo=12348808_&debugPlayerSession=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.0766&geoLong=14.5148&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.146.86 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-146-86.dus51.r.cloudfront.net
Software: Server /
Resource Hash: 66cfd93f20fe1bb1545202b2138ec00c34d51f2cf915409404f4615560dcf7cb

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 22:37:06 GMT
content-encoding: gzip
server: Server
age: 597
etag: 455f576a29240d2cfe83996aefcdb576
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=900
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: ZoPE8QisXkz-qHnfZfMQVofLwnXU3bdiXCexGmZscy_f_lvug0GcKQ==
via: 1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)

GET
H2 200 rules-p-_7kVx0t9Jqj90.js Show response
rules.quantcount.com/ 3 B
356 B 392ms
369ms Script
application/x-javascript 2600:9000:2182:ce00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-_7kVx0t9Jqj90.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:ce00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 22:45:19 GMT
via: 1.1 91528fdf97ef415d04fa66a0fbb562d7.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2017 23:52:35 GMT
server: AmazonS3
age: 112
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Error from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=300
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 3
x-amz-cf-id: YuXG6bH04xJwx4db3kZTc02HXq_nUX-78y6YUfdLa516UpBp4WiIHA==

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j83&aip=1&a=515358820&t=pageview&_s=1&dl=https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F&ul=en-us&de=UTF-8&dt...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-35676203-21&cid=1383536824.1597358824&jid=1368177773&_gid=2099508087.1597358824&gjid=1313878018&_v=j83&z=1123549224
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35676203-21&cid=1383536824.1597358824&jid=1368177773&_v=j83&z=1123549224
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35676203-21&cid=1383536824.1597358824&jid=1368177773&_v=j83&z=1123549224&slf_rd=1&random=3196801372

42 B
106 B

44ms
44ms

Image
image/gif

2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35676203-21&cid=1383536824.1597358824&jid=1368177773&_v=j83&z=1123549224&slf_rd=1&random=3196801372

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 22:47:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 Aug 2020 22:47:04 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35676203-21&cid=1383536824.1597358824&jid=1368177773&_v=j83&z=1123549224&slf_rd=1&random=3196801372
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
97 B 6ms
6ms Image
image/gif 2a00:1450:4001:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j83&aip=1&a=515358820&t=event&ni=0&_s=1&dl=https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F&ul=en-us&de=UTF-8&dt=TeamViewer%20Flaw%20in%20Windows%20App%20Allows%20Password-Cracking%20%7C%20Threatpost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=VISIBILITY&ea=elementVisibility%20%2F%20%5BHeader%5D%20%2F%20Social%20Networks%20View&_u=YEDAAEAB~&jid=&gjid=&cid=1383536824.1597358824&tid=UA-35676203-21&_gid=2099508087.1597358824&gtm=2wg871PM29HLF&z=1776923473

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 05:10:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63364
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
171 B 157ms
156ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.0&p_id=Twitter&p_user_id=0&txn_id=ntt0j&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 22:47:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 111
pragma: no-cache
last-modified: Thu, 13 Aug 2020 22:47:04 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 8737bcfccc63216ce484f2e8f91c5bac
x-transaction: 009eb68f00559ea3
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 5EF5 6 KB
3 KB 49ms
49ms XHR
application/javascript 13.226.146.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.146.86 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-146-86.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 15:02:27 GMT
content-encoding: gzip
vary: Origin
age: 27877
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Tue, 23 Jun 2020 10:10:39 GMT
server: AmazonS3
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: V0NJ1a7bOgFSeN4UdoOLrbpASLAC04aarcwNLzC4gAQVsjQs-XYD7g==

GET
H2 200 css
fonts.googleapis.com/ Frame 1897 2 KB
669 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto&display=swap

Requested by

Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032302D30382D31345F30317D7B7331323334383830387D7B433131397D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=89.238.186.243&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&csuuid=5f35c2e77a6ed&debugInfo=12348808_&debugPlayerSession=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.0766&geoLong=14.5148&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

00d4fbacbadc6ecbd73be323ec77febf3d856ce00dc5334d06462a315c7da8e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 13 Aug 2020 21:01:56 GMT
server: ESF
date: Thu, 13 Aug 2020 22:47:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 13 Aug 2020 22:47:04 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8D2B 2 KB
646 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

00d4fbacbadc6ecbd73be323ec77febf3d856ce00dc5334d06462a315c7da8e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 13 Aug 2020 21:13:17 GMT
server: ESF
date: Thu, 13 Aug 2020 22:47:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 13 Aug 2020 22:47:04 GMT

GET
H/1.1 200
OK user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9C45 0
0 163ms
57ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032302D30382D31345F30317D7B7331323334383830387D7B433131397D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=89.238.186.243&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&csuuid=5f35c2e77a6ed&debugInfo=12348808_&debugPlayerSession=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.0766&geoLong=14.5148&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Response headers

Last-Modified: Sat, 01 Aug 2020 14:58:40 GMT
ETag: "1300708-1f7d-5abd2241d66f9"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2655
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=21500
Expires: Fri, 14 Aug 2020 04:45:24 GMT
Date: Thu, 13 Aug 2020 22:47:04 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1

200
OK

liveCS.php
live.sekindo.com/live/ Frame A22B
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID&__user_chec...
https://live.sekindo.com/live/liveCS.php?source=external&pixel=&advId=94&advUuid=e8794e21-ddb6-11ea-9136-1d03a5b20906

0
0

40ms
40ms

Document
text/html

194.146.38.23
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/liveCS.php?source=external&pixel=&advId=94&advUuid=e8794e21-ddb6-11ea-9136-1d03a5b20906
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032302D30382D31345F30317D7B7331323334383830387D7B433131397D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=89.238.186.243&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&csuuid=5f35c2e77a6ed&debugInfo=12348808_&debugPlayerSession=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.0766&geoLong=14.5148&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.23 -, , ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Host: live.sekindo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Response headers

server: nginx
date: Thu, 13 Aug 2020 22:47:03 GMT
content-type: text/html; charset=utf-8
transfer-encoding: chunked
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
pragma: no-cache
age: 0
content-encoding: gzip

Redirect headers

Server: nginx
Date: Thu, 13 Aug 2020 22:47:04 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=e8794e21-ddb6-11ea-9136-1d03a5b20906; expires=Fri, 13-Aug-2021 23:53:44 GMT; path=/; domain=.spotxchange.com; SameSite=none; Secure
Location: https://live.sekindo.com/live/liveCS.php?source=external&pixel=&advId=94&advUuid=e8794e21-ddb6-11ea-9136-1d03a5b20906
X-fe: 39
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

GET
H/1.1

200
OK

liveCS.php
live.sekindo.com/live/ Frame 5562
Redirect Chain

https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3D%26advId%3D98%26advUuid%3D
https://live.sekindo.com/live/liveCS.php?source=external&pixel=&advId=98&advUuid=62e28035-678f-4572-b4eb-b9b420559248

0
0

41ms
40ms

Document
text/html

194.146.38.23
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/liveCS.php?source=external&pixel=&advId=98&advUuid=62e28035-678f-4572-b4eb-b9b420559248
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032302D30382D31345F30317D7B7331323334383830387D7B433131397D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=89.238.186.243&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&csuuid=5f35c2e77a6ed&debugInfo=12348808_&debugPlayerSession=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.0766&geoLong=14.5148&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.23 -, , ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Host: live.sekindo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Response headers

server: nginx
date: Thu, 13 Aug 2020 22:47:03 GMT
content-type: text/html; charset=utf-8
transfer-encoding: chunked
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
pragma: no-cache
age: 0
content-encoding: gzip

Redirect headers

status: 302
vary: Accept, Accept-Encoding
set-cookie: i=46eb59dc-824e-4276-aa58-e77fa83ae2a0|1597358823; Version=1; Expires=Fri, 13-Aug-2021 22:47:04 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.192.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://live.sekindo.com/live/liveCS.php?source=external&pixel=&advId=98&advUuid=62e28035-678f-4572-b4eb-b9b420559248
date: Thu, 13 Aug 2020 22:47:04 GMT
content-type: text/html
content-length: 0
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK placeHolder.png
live.sekindo.com/content/video/splayer/assets/ 23 KB
24 KB 41ms
39ms Image
image/png 194.146.38.23
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/content/video/splayer/assets/placeHolder.png
Requested by: Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.23 -, , ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: 76102878c1198de858725194952ba1c6b35bdee0f870cc6a124e93d17385e64e

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 22:47:03 GMT
last-modified: Sun, 11 Jun 2017 08:04:05 GMT
server: nginx
etag: "593cf975-5dbf"
content-type: image/png
cache-control: no-cache, private
accept-ranges: bytes
content-length: 23999
expires: Thu, 13 Aug 2020 22:47:02 GMT

GET
H/1.1 200
OK vid5f2e270785d60094644426.jpg
video.sekindo.com/uploads/cn5/video/users/converted/24485/video1523972806/ Frame 8D2B 15 KB
16 KB 254ms
87ms Image
image/jpeg 185.127.16.53
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.sekindo.com/uploads/cn5/video/users/converted/24485/video1523972806/vid5f2e270785d60094644426.jpg?cbuster=1596860169

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.127.16.53 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),

Reverse DNS

Software

Tengine /

Resource Hash

94bbe88597e0219d302f9831df93d35a4b6ac350466dab312b4df25485812998

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 13 Aug 2020 22:46:44 GMT
Last-Modified: Sun, 09 Aug 2020 03:55:17 GMT
Server: Tengine
ETag: "5f2f73a5-3d78"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 15736
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid5f2dce574a1b6773166405.jpg
video.sekindo.com/uploads/cn12/video/users/converted/24485/video_5c74e337b0b1c456249184/ Frame 8D2B 15 KB
16 KB 255ms
87ms Image
image/jpeg 185.127.16.53
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.sekindo.com/uploads/cn12/video/users/converted/24485/video_5c74e337b0b1c456249184/vid5f2dce574a1b6773166405.jpg?cbuster=1596837465

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.127.16.53 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),

Reverse DNS

Software

Tengine /

Resource Hash

99adcdbae7594190017340a8081f8ae8b8945a333cc22bf8017e7a9b72165646

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 13 Aug 2020 22:46:44 GMT
Last-Modified: Sun, 09 Aug 2020 02:05:56 GMT
Server: Tengine
ETag: "5f2f5a04-3cdc"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 15580
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid5f30d1d3604e0781206618.jpg
video.sekindo.com/uploads/cn4/video/users/converted/24485/video1523972806/ Frame 8D2B 21 KB
21 KB 256ms
88ms Image
image/jpeg 185.127.16.53
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.sekindo.com/uploads/cn4/video/users/converted/24485/video1523972806/vid5f30d1d3604e0781206618.jpg?cbuster=1597034964

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.127.16.53 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),

Reverse DNS

Software

Tengine /

Resource Hash

61a4bc886b01b16910328fd679fb6c6aa5b1f4212e1220be6e2f2b722762ea23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 13 Aug 2020 22:46:44 GMT
Last-Modified: Mon, 10 Aug 2020 04:55:53 GMT
Server: Tengine
ETag: "5f30d359-52f7"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 21239
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame 5EF5
Redirect Chain

https://x.bidswitch.net/sync?ssp=sekindo&user_id=5f35c2e77a6ed&custom_data=5f35c2e77a6ed&gdpr=1&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=sekindo&user_id=5f35c2e77a6ed&custom_data=5f35c2e77a6ed&gdpr=1&gdpr_consent=

43 B
412 B

35ms
35ms

Image
image/gif

3.124.165.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?ssp=sekindo&user_id=5f35c2e77a6ed&custom_data=5f35c2e77a6ed&gdpr=1&gdpr_consent=
Requested by: Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.165.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-165-65.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 13 Aug 2020 22:47:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

status: 302
date: Thu, 13 Aug 2020 22:47:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?ssp=sekindo&user_id=5f35c2e77a6ed&custom_data=5f35c2e77a6ed&gdpr=1&gdpr_consent=
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

liveCS.php
live.sekindo.com/live/ Frame 5EF5
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D
https://live.sekindo.com/live/liveCS.php?source=external&pixel=&advId=93&advUuid=70ba3b44-3e61-4170-8b44-98906d97fe5b

0
321 B

41ms
40ms

Image
text/html

194.146.38.23
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveCS.php?source=external&pixel=&advId=93&advUuid=70ba3b44-3e61-4170-8b44-98906d97fe5b
Requested by: Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.23 -, , ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 22:47:03 GMT
content-encoding: gzip
server: nginx
age: 0
transfer-encoding: chunked
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
content-type: text/html; charset=utf-8

Redirect headers

status: 307
date: Thu, 13 Aug 2020 22:47:04 GMT
content-length: 0
location: https://live.sekindo.com/live/liveCS.php?source=external&pixel=&advId=93&advUuid=70ba3b44-3e61-4170-8b44-98906d97fe5b

GET
H/1.1 200
OK vid5f2e270785d60094644426.jpg
video.sekindo.com/uploads/cn5/video/users/converted/24485/video1523972806/ Frame 1897 15 KB
16 KB 308ms
60ms Image
image/jpeg 185.127.16.53
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.sekindo.com/uploads/cn5/video/users/converted/24485/video1523972806/vid5f2e270785d60094644426.jpg?cbuster=1596860169

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.127.16.53 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),

Reverse DNS

Software

Tengine /

Resource Hash

94bbe88597e0219d302f9831df93d35a4b6ac350466dab312b4df25485812998

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://amli.sekindo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 13 Aug 2020 22:46:44 GMT
Last-Modified: Sun, 09 Aug 2020 03:55:17 GMT
Server: Tengine
ETag: "5f2f73a5-3d78"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 15736
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame 1897 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1897 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK liveView.php Show response
live.sekindo.com/live/ Frame 5EF5 68 KB
3 KB 67ms
66ms XHR
application/json 194.146.38.23
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/liveView.php?s=58057&vid_vastTimeout=-1&vid_vastType=3&vid_playerVer=3.0.0&vid_viewabilityState=1&vid_content_url=https%3A%2F%2Fvideo.sekindo.com%2Fuploads%2Fcn5%2Fvideo%2Fusers%2Fconverted%2F24485%2Fvideo1523972806%2Fvid5f2e270785d60094644426.mp4&vid_content_id=946757&vid_content_desc=Banning+TikTok+and+WeChat+Is+a+Slippery+Slope%2C+Says+Analyst+Ives&vid_content_title=Banning+TikTok+and+WeChat+Is+a+Slippery+Slope%2C+Says+Analyst+Ives&vid_content_duration=330&debugInformation=&x=320&y=180&fpl=1&pubUrl=https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F&ri=6C69766553746174737C736B317B54307D7B64323032302D30382D31345F30317D7B7331323334383830387D7B433131397D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&isApp=0&geoLati=50.0766&geoLong=14.5148&userIpAddr=89.238.186.243&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5f35c2e77a6ed&cbuster=1597358824097&gdpr=1&gdprConsent=&isWePassGdpr=0
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032302D30382D31345F30317D7B7331323334383830387D7B433131397D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=89.238.186.243&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&csuuid=5f35c2e77a6ed&debugInfo=12348808_&debugPlayerSession=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.0766&geoLong=14.5148&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.23 -, , ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: 003c9273dfb8b75c0053dac9160e1015aced422aa4316e03a82b8b62f550a606

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 22:47:03 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://threatpost.com
cache-control: no-store
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 2970

GET
H/1.1 200
OK liveView.php Show response
live.sekindo.com/live/ Frame 5EF5 22 KB
2 KB 67ms
66ms XHR
application/json 194.146.38.23
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/liveView.php?s=58057&vid_vastTimeout=-1&vid_vastType=3&vid_playerVer=3.0.0&vid_viewabilityState=0&vid_content_url=https%3A%2F%2Fvideo.sekindo.com%2Fuploads%2Fcn5%2Fvideo%2Fusers%2Fconverted%2F24485%2Fvideo1523972806%2Fvid5f2e270785d60094644426.mp4&vid_content_id=946757&vid_content_desc=Banning+TikTok+and+WeChat+Is+a+Slippery+Slope%2C+Says+Analyst+Ives&vid_content_title=Banning+TikTok+and+WeChat+Is+a+Slippery+Slope%2C+Says+Analyst+Ives&vid_content_duration=330&debugInformation=&x=320&y=180&fpl=1&pubUrl=https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F&ri=6C69766553746174737C736B317B54307D7B64323032302D30382D31345F30317D7B7331323334383830387D7B433131397D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&isApp=0&geoLati=50.0766&geoLong=14.5148&userIpAddr=89.238.186.243&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5f35c2e77a6ed&cbuster=1597358824098&gdpr=1&gdprConsent=&isWePassGdpr=0
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032302D30382D31345F30317D7B7331323334383830387D7B433131397D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=89.238.186.243&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&csuuid=5f35c2e77a6ed&debugInfo=12348808_&debugPlayerSession=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.0766&geoLong=14.5148&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.23 -, , ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: 7aeb0fc951d809e10eaa86e3ccb3e305cf878dc1333abed95d2e13a2fc08b058

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 22:47:03 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://threatpost.com
cache-control: no-store
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 1720

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 1897 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto&display=swap
Origin: https://threatpost.com

Response headers

date: Tue, 11 Aug 2020 09:53:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 219242
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Wed, 11 Aug 2021 09:53:02 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 5EF5 0
59 B 50ms
50ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Thu, 13 Aug 2020 22:47:04 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://threatpost.com

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame 5EF5 0
215 B 510ms
247ms XHR
application/json 18.194.97.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=TeachingAidsLLC
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.97.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-97-231.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://threatpost.com
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

GET
H2 200 pixel;r=1017432902;source=gtm;rf=0;a=p-_7kVx0t9Jqj90;url=https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F;fpan=1;fpa=P0-1534563410-1597358824298;ns=0;ce=1;qjs=1...
pixel.quantserve.com/ 35 B
371 B 9ms
7ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1017432902;source=gtm;rf=0;a=p-_7kVx0t9Jqj90;url=https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F;fpan=1;fpa=P0-1534563410-1597358824298;ns=0;ce=1;qjs=1;qv=35f667c6-20200713111428;cm=;gdpr=0;ref=;d=threatpost.com;je=0;sr=1600x1200x24;enc=n;dst=1;et=1597358824298;tzo=-120;ogl=image.https%3A%2F%2Fmedia%252Ethreatpost%252Ecom%2Fwp-content%2Fuploads%2Fsites%2F103%2F2019%2F04%2F22122751%2Fteamv%2Ctype.article%2Ctitle.TeamViewer%20Flaw%20in%20Windows%20App%20Allows%20Password-Cracking%2Cdescription.Remote%252C%20unauthenticated%20attackers%20could%20exploit%20the%20TeamViewer%20flaw%20to%20execute%20c%2Curl.https%3A%2F%2Fthreatpost%252Ecom%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 22:47:04 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
status: 200
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/TPiWapjoyMdQOtxLT9_b4n2W/ 331 KB
131 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TPiWapjoyMdQOtxLT9_b4n2W/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en&render=explicit&ver=5.4.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e42f7806fd699d172d728f73f966a5d173cad2f4091aeed75cdb6ef611b4396e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 03:10:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 10 Aug 2020 04:05:32 GMT
server: sffe
age: 157023
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133738
x-xss-protection: 0
expires: Thu, 12 Aug 2021 03:10:01 GMT

GET
H2 200 flipboard.svg
assets.threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/img/ 236 B
567 B 271ms
271ms Image
image/svg+xml 2600:9000:2182:b400:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/img/flipboard.svg
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:b400:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 506d565f94cecbb486394c545a96e8459217f8d045496b511e8c815142abfc70

Request headers

Referer: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=1ac6b92e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Thu, 13 Aug 2020 22:47:04 GMT
content-encoding: gzip
last-modified: Thu, 13 Aug 2020 09:11:36 GMT
server: nginx
x-amz-cf-pop: DUS51-C1
etag: W/"5f3503c8-ec"
x-cache: Miss from cloudfront
content-type: image/svg+xml
status: 200
cache-control: max-age=604800, public
x-amz-cf-id: U697hT8DRMMbmBlaGS-wfnrjt2MFDT38vRW2HBPaHBTIVJdx0L8OGg==
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
expires: Thu, 20 Aug 2020 22:47:04 GMT

GET
H2 200 fontawesome-webfont.woff2
assets.threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/fonts/ 75 KB
76 KB 339ms
315ms Font
font/woff2 2600:9000:2182:b400:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:b400:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=1ac6b92e
Origin: https://threatpost.com

Response headers

date: Thu, 13 Aug 2020 22:47:04 GMT
via: 1.1 dfeaf865724e57eaac72220929416926.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
status: 200
content-length: 77160
pragma: public
last-modified: Thu, 13 Aug 2020 09:11:36 GMT
server: nginx
etag: "5f3503c8-12d68"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: -3rMOVuS1Hhfi9LTvclP8IjMSooOZ8ONobdGbR1R3wKwHe7kn5ZaHA==
expires: Fri, 13 Aug 2021 22:47:04 GMT

GET
H/1.1 200
OK photo-newsletter.jpg
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 83 KB
83 KB 1321ms
129ms Image
image/jpeg 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/photo-newsletter.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 940e0c3385928422aae38e1a74f1d84b462d8ce1a056c686fde505a0bf3162bb

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Thu, 13 Aug 2020 22:47:05 GMT
Last-Modified: Thu, 13 Aug 2020 09:11:36 GMT
Server: nginx
ETag: "5f3503c8-14c88"
Content-Type: image/jpeg
Cache-Control: max-age=604800, public
Connection: close
Accept-Ranges: bytes
Content-Length: 85128
Expires: Thu, 20 Aug 2020 22:47:05 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
283 B 162ms
161ms Script
application/javascript 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.0&p_id=Twitter&p_user_id=0&txn_id=ntt0j&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 22:47:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 57
x-xss-protection: 0
x-response-time: 115
pragma: no-cache
last-modified: Thu, 13 Aug 2020 22:47:04 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: d77d9bccd4fede75ea1f77a4e0ba11c6
x-transaction: 007df68d0093849d
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame 6084 0
0 38ms
37ms Document
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=TPiWapjoyMdQOtxLT9_b4n2W&theme=standard&size=normal&cb=wxq0x4tkasip

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6efvkqwSec/mXlI0d35Rxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=TPiWapjoyMdQOtxLT9_b4n2W&theme=standard&size=normal&cb=wxq0x4tkasip
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 13 Aug 2020 22:47:04 GMT
content-security-policy: script-src 'report-sample' 'nonce-6efvkqwSec/mXlI0d35Rxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10410
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
graph.facebook.com/ 88 B
497 B 65ms
51ms XHR
application/json 2a03:2880:f01c:800e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F

Requested by

Host: threatpost.com
URL: https://threatpost.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b0e9c036b95059c5248d9843288d2ad9ccefcfc79041ce61cb66c79e10eccbfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
etag: "fb168988afa7ef216b9a2ec515e83d28523e7700"
status: 200
x-fb-rev: 1002511449
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 88
pragma: no-cache
x-fb-debug: CDoX9R8eNmFpcT/Cp7tIwOxNpgR1ivEo9Kk8EXktve1+IKzWqTujycbH4A1YAGwwKLfziCWrjTts5i7psC6FkQ==
x-fb-trace-id: AeWnnVwzWAo
date: Thu, 13 Aug 2020 22:47:04 GMT
content-type: application/json
access-control-allow-origin: *
x-fb-request-id: AdAdS5VIJAYr5n5dBgszQd8
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v3.1
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 404 share
www.linkedin.com/countserv/count/ 0
0 106ms
104ms Script
text/html 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.linkedin.com/countserv/count/share?url=https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F&format=jsonp&callback=jQuery1124003312558599098159_1597358823411&_=1597358823412
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 info.json Show response
www.reddit.com/api/ 13 KB
3 KB 350ms
228ms XHR
application/json 199.232.53.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reddit.com/api/info.json?url=https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F

Requested by

Host: threatpost.com
URL: https://threatpost.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.53.140 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

snooserv /

Resource Hash

b2becc3ee4c223f5379897841889a9f8cb556bd61fe71e39a04241eddd147292

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 22:47:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: *
status: 200
vary: accept-encoding
content-length: 2440
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
x-moose: majestic
server: snooserv
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json; charset=UTF-8
via: 1.1 varnish
access-control-expose-headers: X-Moose
cache-control: private, s-maxage=0, max-age=0, must-revalidate, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: -1

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame 029C 0
0 32ms
32ms Document
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LehhAETAAAAAAcsm2ZGDsLCqyGhesy4Yn43WNBe&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=TPiWapjoyMdQOtxLT9_b4n2W&theme=light&size=normal&cb=e1brv8gxdcpb

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rBQ8pRjr1N8/2JgfyKzbrw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LehhAETAAAAAAcsm2ZGDsLCqyGhesy4Yn43WNBe&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=TPiWapjoyMdQOtxLT9_b4n2W&theme=light&size=normal&cb=e1brv8gxdcpb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 13 Aug 2020 22:47:04 GMT
content-security-policy: script-src 'report-sample' 'nonce-rBQ8pRjr1N8/2JgfyKzbrw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10502
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 377 KB
148 KB 434ms
434ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3707331531159848&correlator=3435359877690467&output=ldjh&impl=fifs&adsid=NT&eid=21065517%2C21065976&vrg=2020080501&gdpr=0&tfua=0&tfcd=0&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200813&iu_parts=21707124336%2CThreatPost-970x250-ATF%2CThreatPost-300x250-ATF%2CThreatPost-300x600-ATF%2CThreatPost-2x2-Skin&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=728x90%7C970x250%7C970x90%2C300x250%7C336x280%2C300x250%7C300x600%2C2x2&csp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=urlhost%3Dhttps%253A%252F%252Fthreatpost.com%252F%26urlpath%3D%252Fteamviewer-fhigh-severity-flaw-windows-app%252F158204%252F%26urlquery%3Dgoogfc%26contentid%3D158204%26category%3Dvulnerabilities%26contenttags%3Dcrack-passwords%252Ccve-2020-13699%252Cdesktop-app%252Cflaw%252Chigh-severity-flaw%252Cpatch%252Cremote-code-execution%252Cteamviewer%252Cteamviewer-for-windows%252Cwindows&cookie_enabled=1&bc=31&abxe=1&lmt=1597358824&dt=1597358824538&dlt=1597358822591&idt=738&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C1082%2C1082%2C0&adys=10%2C257%2C1570%2C0&adks=1015519800%2C654286612%2C375389812%2C3385906655&ucis=1%7C2%7C3%7C4&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F&dssz=50&icsg=180401212416&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90%7C300x250%7C300x250%7C1600x2&msz=728x90%7C300x250%7C300x250%7C1600x2&ga_vid=1383536824.1597358824&ga_sid=1597358825&ga_hid=515358820&fws=0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

d744b6662b204961c1ef434523154a39a83ccc2c0d43b7ddf86e9c938db5bd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 22:47:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 150949
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,5283645110
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,138301519116
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://threatpost.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
1922f1298d30d2bf058b0b9d293772cf.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 57ms
38ms Other
text/html 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1922f1298d30d2bf058b0b9d293772cf.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 20ms
5ms Other
text/html 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 5EF5 143 B
836 B 56ms
56ms XHR
application/json 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4c9f27e004aed53ebd5ac2e98631c7dd8bff747e2ca43bedd73d687ad3026d2e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 13 Aug 2020 22:47:04 GMT
X-Proxy-Origin: 89.238.186.243; 89.238.186.243; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.58:80
AN-X-Request-Uuid: 33c86c66-2bb6-474e-a38d-085b99dab8bd
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 143
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 5EF5 0
59 B 52ms
51ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Thu, 13 Aug 2020 22:47:04 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://threatpost.com

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame 5EF5 0
215 B 246ms
246ms XHR
application/json 18.194.97.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=TeachingAidsLLC
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.97.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-97-231.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://threatpost.com
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ Frame 5EF5 25 B
1 KB 242ms
242ms XHR
application/json 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=435871&v=8.1&r={%22id%22:%2211eb59cff5dd799%22,%22imp%22:[{%22id%22:%2212a10d87ac13b14%22,%22ext%22:{%22siteID%22:%22435871%22,%22sid%22:%22320x180%22},%22bidfloor%22:1.8,%22bidfloorcur%22:%22USD%22,%22video%22:{%22mimes%22:[%22video/mp4%22,%22application/javascript%22],%22minduration%22:1,%22maxduration%22:200,%22api%22:[1,2],%22protocols%22:[1,2,3,4,5,6],%22linearity%22:1,%22startdelay%22:0,%22skip%22:1,%22w%22:320,%22h%22:180,%22placement%22:1}},{%22id%22:%2213ddad2f2ff284e%22,%22ext%22:{%22siteID%22:%22435870%22,%22sid%22:%22320x180%22},%22bidfloor%22:1.8,%22bidfloorcur%22:%22USD%22,%22video%22:{%22mimes%22:[%22video/mp4%22,%22application/javascript%22],%22minduration%22:1,%22maxduration%22:200,%22api%22:[1,2],%22protocols%22:[1,2,3,4,5,6],%22linearity%22:1,%22startdelay%22:0,%22skip%22:1,%22w%22:320,%22h%22:180,%22placement%22:1}}],%22site%22:{%22page%22:%22https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F%22},%22ext%22:{%22source%22:%22prebid%22},%22source%22:{%22ext%22:{%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22admetricspro.com%22,%22sid%22:%221005%22,%22hp%22:1}]}}},%22regs%22:{%22ext%22:{%22gdpr%22:1}},%22user%22:{%22ext%22:{%22consent%22:%22%22}}}&ac=j&sd=1&nf=1
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 52ed237161ec86c2e05c00a7df4b6d9ac50e7ae6decf02d372b8614c0f32e805

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 13 Aug 2020 22:47:05 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 45
Expires: Thu, 13 Aug 2020 22:47:05 GMT

GET
H2 200 avjp Show response
teachingaids-d.openx.net/v/1.0/ Frame 5EF5 92 B
285 B 62ms
62ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://teachingaids-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=51e8933b-66a7-48ee-ad18-21a69c6125bf&nocache=1597358824873&gdpr_consent=&gdpr=1&schain=1.0,1!admetricspro.com,1005,1,,,&skip=1&auid=540882778&vwd=320&vht=180
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.192.0 /
Resource Hash: 004e5faf0bf890f61697daeede9f21826affd1137fb2cb58eaf4719937a04a14

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 22:47:04 GMT
via: 1.1 google
server: OXGW/16.192.0
status: 200
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://threatpost.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 92
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 bframe
www.google.com/recaptcha/api2/ Frame 42F1 0
0 18ms
18ms Document
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=TPiWapjoyMdQOtxLT9_b4n2W&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&cb=aciovd700frv

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LSH04vHzv3AJNHWd+BQGTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=TPiWapjoyMdQOtxLT9_b4n2W&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&cb=aciovd700frv
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 13 Aug 2020 22:47:04 GMT
content-security-policy: script-src 'report-sample' 'nonce-LSH04vHzv3AJNHWd+BQGTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1178
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 bframe
www.google.com/recaptcha/api2/ Frame 1996 0
0 19ms
19ms Document
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=TPiWapjoyMdQOtxLT9_b4n2W&k=6LehhAETAAAAAAcsm2ZGDsLCqyGhesy4Yn43WNBe&cb=r49l006gekd4

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yG9yvYpMSkudSa9eR9nczg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=TPiWapjoyMdQOtxLT9_b4n2W&k=6LehhAETAAAAAAcsm2ZGDsLCqyGhesy4Yn43WNBe&cb=r49l006gekd4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 13 Aug 2020 22:47:04 GMT
content-security-policy: script-src 'report-sample' 'nonce-yG9yvYpMSkudSa9eR9nczg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1174
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 bl-13281d4-763df7b3.js Show response
tagan.adlightning.com/math-aids-threatpost/ Frame 5869 69 KB
20 KB 46ms
45ms Script
application/javascript 13.226.155.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/bl-13281d4-763df7b3.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-59.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8a6a43b510a2faf7043f3494d1e7368134f853414fa069f88fda04ffe2fa5105

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 16:32:01 GMT
content-encoding: gzip
age: 22505
x-cache: Hit from cloudfront
status: 200
content-length: 19938
x-amz-meta-git_commit: 13281d4
last-modified: Thu, 13 Aug 2020 15:52:12 GMT
server: AmazonS3
etag: "9830178e93f80799edab5b2485c00517"
x-amz-version-id: Xf.VRQH2uEdqhKZ.DRFz9jw3Rkv0Xl6t
via: 1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 0OIRhDDABMFB0mCnO56eZVxq1i6lO5qA2Ji-XuyYvbeGsMsSuIeJzw==

GET
H2 200 b-cc9018f-2cba83b0.js Show response
tagan.adlightning.com/math-aids-threatpost/ Frame 5869 58 KB
20 KB 46ms
45ms Script
application/javascript 13.226.155.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/b-cc9018f-2cba83b0.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-59.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92814e48e334fb45bb8d9d0d2a6e68a1e601fd7ce63d25c10969cfd57bf4b1e8

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 14:10:44 GMT
content-encoding: gzip
age: 376582
x-cache: Hit from cloudfront
status: 200
content-length: 19746
x-amz-meta-git_commit: cc9018f
last-modified: Tue, 07 Jul 2020 17:59:39 GMT
server: AmazonS3
etag: "21fe90f3aceeb46480a69949d763c756"
x-amz-version-id: KDx1ypMRqiob.YrLSDtIdsXad7Sl2JS5
via: 1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: rGtG8ULg5yRQxmrg7oTOpKWdsyV5vCSSHTXqepYYC1l_YPzF-PCLqA==

GET
H2 200 bl-13281d4-763df7b3.js Show response
tagan.adlightning.com/math-aids-threatpost/ Frame 72BC 69 KB
20 KB 44ms
43ms Script
application/javascript 13.226.155.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/bl-13281d4-763df7b3.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-59.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8a6a43b510a2faf7043f3494d1e7368134f853414fa069f88fda04ffe2fa5105

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 16:32:01 GMT
content-encoding: gzip
age: 22505
x-cache: Hit from cloudfront
status: 200
content-length: 19938
x-amz-meta-git_commit: 13281d4
last-modified: Thu, 13 Aug 2020 15:52:12 GMT
server: AmazonS3
etag: "9830178e93f80799edab5b2485c00517"
x-amz-version-id: Xf.VRQH2uEdqhKZ.DRFz9jw3Rkv0Xl6t
via: 1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: K0p9Rqw998XW-JJUY7EuJrSPaVdFxJt52WlUlKhedpwl0-a3jMn2Qg==

GET
H2 200 b-cc9018f-2cba83b0.js Show response
tagan.adlightning.com/math-aids-threatpost/ Frame 72BC 58 KB
20 KB 44ms
43ms Script
application/javascript 13.226.155.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/b-cc9018f-2cba83b0.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-59.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92814e48e334fb45bb8d9d0d2a6e68a1e601fd7ce63d25c10969cfd57bf4b1e8

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 14:10:44 GMT
content-encoding: gzip
age: 376582
x-cache: Hit from cloudfront
status: 200
content-length: 19746
x-amz-meta-git_commit: cc9018f
last-modified: Tue, 07 Jul 2020 17:59:39 GMT
server: AmazonS3
etag: "21fe90f3aceeb46480a69949d763c756"
x-amz-version-id: KDx1ypMRqiob.YrLSDtIdsXad7Sl2JS5
via: 1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: QOV2uqr2jxUunD2WAQyLfdwrPyJ9NYJ9_a3HkZn9Oh6QeXFhyiIu-w==

GET
H2 200 bl-13281d4-763df7b3.js Show response
tagan.adlightning.com/math-aids-threatpost/ Frame AEFD 69 KB
20 KB 43ms
42ms Script
application/javascript 13.226.155.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/bl-13281d4-763df7b3.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-59.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8a6a43b510a2faf7043f3494d1e7368134f853414fa069f88fda04ffe2fa5105

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 16:32:01 GMT
content-encoding: gzip
age: 22505
x-cache: Hit from cloudfront
status: 200
content-length: 19938
x-amz-meta-git_commit: 13281d4
last-modified: Thu, 13 Aug 2020 15:52:12 GMT
server: AmazonS3
etag: "9830178e93f80799edab5b2485c00517"
x-amz-version-id: Xf.VRQH2uEdqhKZ.DRFz9jw3Rkv0Xl6t
via: 1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 6BIxAZg3ICxs5m6exxt_RqpOfSyu94PQDVnn0Q_SFpAmbz1lMzV8_g==

GET
H2 200 b-cc9018f-2cba83b0.js Show response
tagan.adlightning.com/math-aids-threatpost/ Frame AEFD 58 KB
20 KB 43ms
43ms Script
application/javascript 13.226.155.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/b-cc9018f-2cba83b0.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-59.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92814e48e334fb45bb8d9d0d2a6e68a1e601fd7ce63d25c10969cfd57bf4b1e8

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 14:10:44 GMT
content-encoding: gzip
age: 376582
x-cache: Hit from cloudfront
status: 200
content-length: 19746
x-amz-meta-git_commit: cc9018f
last-modified: Tue, 07 Jul 2020 17:59:39 GMT
server: AmazonS3
etag: "21fe90f3aceeb46480a69949d763c756"
x-amz-version-id: KDx1ypMRqiob.YrLSDtIdsXad7Sl2JS5
via: 1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: wfCdFl_cfsl7AeIBkrb7o9MPNfOkPQOWbeVomw66klEO3qUZXghgIA==

GET
H2 200 bl-13281d4-763df7b3.js Show response
tagan.adlightning.com/math-aids-threatpost/ Frame BEFC 69 KB
20 KB 53ms
53ms Script
application/javascript 13.226.155.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/bl-13281d4-763df7b3.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-59.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8a6a43b510a2faf7043f3494d1e7368134f853414fa069f88fda04ffe2fa5105

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 16:32:01 GMT
content-encoding: gzip
age: 22505
x-cache: Hit from cloudfront
status: 200
content-length: 19938
x-amz-meta-git_commit: 13281d4
last-modified: Thu, 13 Aug 2020 15:52:12 GMT
server: AmazonS3
etag: "9830178e93f80799edab5b2485c00517"
x-amz-version-id: Xf.VRQH2uEdqhKZ.DRFz9jw3Rkv0Xl6t
via: 1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: gPjioq5wTPngjLbhxVYn5nItmY37LwAV_cIhkQLokt6f8TYk3JgWBw==

GET
H2 200 b-cc9018f-2cba83b0.js Show response
tagan.adlightning.com/math-aids-threatpost/ Frame BEFC 58 KB
20 KB 53ms
53ms Script
application/javascript 13.226.155.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/b-cc9018f-2cba83b0.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-59.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92814e48e334fb45bb8d9d0d2a6e68a1e601fd7ce63d25c10969cfd57bf4b1e8

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 14:10:44 GMT
content-encoding: gzip
age: 376582
x-cache: Hit from cloudfront
status: 200
content-length: 19746
x-amz-meta-git_commit: cc9018f
last-modified: Tue, 07 Jul 2020 17:59:39 GMT
server: AmazonS3
etag: "21fe90f3aceeb46480a69949d763c756"
x-amz-version-id: KDx1ypMRqiob.YrLSDtIdsXad7Sl2JS5
via: 1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: P3eN0Qq_yiC2LOzfNwoopAZkPtAmA4yVOpqC3gWz38C59YeMek7UGA==

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame 5EF5 173 B
381 B 105ms
32ms XHR
application/json 52.29.141.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.141.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-141-223.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: cb25ad537f4ede3689bafe083e196a093d59902e596af34e0bfe30d139294762

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 22:47:05 GMT
content-encoding: gzip
status: 200
content-type: application/json
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 168
expires: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 5EF5 0
322 B 152ms
51ms XHR
application/json 185.86.137.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 22:47:04 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://threatpost.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/032008102328000/ Frame 5869 206 KB
56 KB 69ms
37ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032008102328000/amp4ads-v0.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

138d0f3d45a018aeb677b12a56a051e88cf664f2322ceb68215fa603ad5d8ee5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 178741
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57439
x-xss-protection: 0
server: sffe
date: Tue, 11 Aug 2020 21:08:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9c7df6ebe91b3a04"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Aug 2021 21:08:04 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/032008102328000/v0/ Frame 5869 16 KB
6 KB 68ms
36ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032008102328000/v0/amp-ad-exit-0.1.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64f791cf5b11444b177786340186cb3ef3ed1c39938f49bc9d4a69bd21ba076d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 178741
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5905
x-xss-protection: 0
server: sffe
date: Tue, 11 Aug 2020 21:08:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3ad1eb5461ef0024"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Aug 2021 21:08:04 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/032008102328000/v0/ Frame 5869 94 KB
28 KB 64ms
32ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032008102328000/v0/amp-analytics-0.1.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f125fd246e10689d46bc3c7c529be4f784c9adf3f80f0790a3532f7efd01b012

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 84639
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28844
x-xss-protection: 0
server: sffe
date: Wed, 12 Aug 2020 23:16:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7dfeab575efd177f"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Aug 2021 23:16:26 GMT

GET
H2 200 amp-animation-0.1.js Show response
cdn.ampproject.org/rtv/032008102328000/v0/ Frame 5869 121 KB
31 KB 62ms
30ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032008102328000/v0/amp-animation-0.1.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9133948060eb1ff2d37b7621a91e0398b002b3389cc3803198878b0e2b82a5a5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 178707
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31304
x-xss-protection: 0
server: sffe
date: Tue, 11 Aug 2020 21:08:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7d7b4ba362c0333d"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Aug 2021 21:08:38 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/032008102328000/v0/ Frame 5869 4 KB
2 KB 41ms
9ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032008102328000/v0/amp-fit-text-0.1.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

744f285380d50300c5f78b4a0e9b08f9cd096894251f5965264df5c21c287479

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 178741
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1786
x-xss-protection: 0
server: sffe
date: Tue, 11 Aug 2020 21:08:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7fce00afb81e6c42"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Aug 2021 21:08:04 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/032008102328000/v0/ Frame 5869 48 KB
16 KB 39ms
7ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032008102328000/v0/amp-form-0.1.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

203a1218e57e160a9bd9533ed8ac9d755feeb6249f8e0ba7ddb85a3ace770f45

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 83742
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14952
x-xss-protection: 0
server: sffe
date: Wed, 12 Aug 2020 23:31:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aacd301e108e3900"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Aug 2021 23:31:23 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5869 2 KB
3 KB 6ms
5ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 13 Aug 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 41887
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 14 Aug 2020 11:08:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5869 295 B
397 B 6ms
6ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 13 Aug 2020 21:26:58 GMT
x-content-type-options: nosniff
server: cafe
age: 4807
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 14 Aug 2020 21:26:58 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 5869 0
0 14ms
14ms Image
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTCkNZorYtOG67cTjdUDr5NKZuxPmshwtAfFSTZvs2u0RqyRrRMmzUqSS0HNU2uVzo75jH2
Requested by: Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5869 0
0 67ms
67ms Image
text/html 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Ch3Qe6MI1X72uJdmR3gP1lpm4B-P_sbVevNKy2LwL-p3coNQBEAEg0YfSIGDM4e2B_C6gAaz_8-ECyAEJqQIME0S95NOzPuACAKgDAcgDCKoEigJP0OKMldvZiest4xPCX25HITd6yZ7wI7iymYmOZA16yenusVKTxsZkhCxVKg6uX69Q0JF56JiGDvyZDessPMyGAhjfJ9UUqy7Ok3XyQKlpBkc0BRUkKadH7kO2xZ90PUSXCp8CLll3Ck1TB69b4LAa1EAe_-bR55yhrvLiZADMbSSkr8e2Cv11KPVRlRra_llw1wN8wmxnuAhknrWFaoHRkGKBQTrFRwGK_JtVbtQK74svfb5_WQYxfKkljdx0_UtZwIH6i0nL1mPkB1w5Czi5077MDxw-HyWoNzqUtPcVokvHTEjEQ0TJCnEpry5vDnIzZIBNknxNAl2Dh1OI7ZicOlpAPHhf6oz4wMAEhJfAi5cD4AQBkgUECAQYAZIFBAgFGASgBi6AB7yAjJ4BqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcA8gcEEKikFNIICQiA4YBQEAEYHfIIG2FkeC1zdWJzeW4tNzI2MzU3MzQ0NjgwNDA3OIAKA8gLAdgTDQ&sigh=29PAdJYIlzY&template_id=419&tpd=AGWhJmtmz72RwWtqbwtofkQ8jUZAsRc6On5Aw4f0_NZ0M00TrQ
Requested by: Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 5869 101 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b9ce33d5c25659cfac7d43de803f0d367ddcabd7d31aee3ee9c95f9b7798784c

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame 5869 15 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d11ffb8360c7b1d991f9d6079a363e38bc309074d30cbe911ed7c921e46a3921

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5869 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b3dc87f350d793c67f1898bdb781878608a4cfff1d6db4c91a97415d4a5e259

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/032008102328000/ Frame 72BC 206 KB
56 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032008102328000/amp4ads-v0.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

138d0f3d45a018aeb677b12a56a051e88cf664f2322ceb68215fa603ad5d8ee5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 178741
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57439
x-xss-protection: 0
server: sffe
date: Tue, 11 Aug 2020 21:08:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9c7df6ebe91b3a04"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Aug 2021 21:08:04 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/032008102328000/v0/ Frame 72BC 16 KB
6 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032008102328000/v0/amp-ad-exit-0.1.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64f791cf5b11444b177786340186cb3ef3ed1c39938f49bc9d4a69bd21ba076d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 178741
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5905
x-xss-protection: 0
server: sffe
date: Tue, 11 Aug 2020 21:08:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3ad1eb5461ef0024"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Aug 2021 21:08:04 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/032008102328000/v0/ Frame 72BC 94 KB
28 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032008102328000/v0/amp-analytics-0.1.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f125fd246e10689d46bc3c7c529be4f784c9adf3f80f0790a3532f7efd01b012

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 84639
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28844
x-xss-protection: 0
server: sffe
date: Wed, 12 Aug 2020 23:16:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7dfeab575efd177f"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Aug 2021 23:16:26 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/032008102328000/v0/ Frame 72BC 4 KB
2 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032008102328000/v0/amp-fit-text-0.1.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

744f285380d50300c5f78b4a0e9b08f9cd096894251f5965264df5c21c287479

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 178741
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1786
x-xss-protection: 0
server: sffe
date: Tue, 11 Aug 2020 21:08:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7fce00afb81e6c42"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Aug 2021 21:08:04 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/032008102328000/v0/ Frame 72BC 48 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032008102328000/v0/amp-form-0.1.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

203a1218e57e160a9bd9533ed8ac9d755feeb6249f8e0ba7ddb85a3ace770f45

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 83742
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14952
x-xss-protection: 0
server: sffe
date: Wed, 12 Aug 2020 23:31:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aacd301e108e3900"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Aug 2021 23:31:23 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 72BC 2 KB
2 KB 6ms
5ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 13 Aug 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 41887
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 14 Aug 2020 11:08:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 72BC 295 B
352 B 6ms
6ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 13 Aug 2020 21:26:58 GMT
x-content-type-options: nosniff
server: cafe
age: 4807
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 14 Aug 2020 21:26:58 GMT

GET
H2 200 6601618543837339066
tpc.googlesyndication.com/simgad/ Frame 72BC 27 KB
27 KB 9ms
8ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6601618543837339066?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4ql0QhkoS8i1vgxKiooE8_xctNQCnQ

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb0481de0a27cd347fc3d1fa821a7cf6590296ec84668fa6c767c3a0dd6b6c74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 17:09:13 GMT
x-content-type-options: nosniff
last-modified: Mon, 20 Jul 2020 16:01:54 GMT
server: sffe
age: 365872
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27367
x-xss-protection: 0
expires: Mon, 09 Aug 2021 17:09:13 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 72BC 0
0 14ms
14ms Image
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTnru7ruhYUgHaShM64GXKupfBvRPsMBhg-vid4cewMGFWt923eRIFmb0DxGKYucdiMV3J6
Requested by: Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 72BC 0
0 69ms
68ms Image
text/html 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=COPuB6MI1X76uJdmR3gP1lpm4B9i_p9Veg7yQke0LnbmxncQaEAEg0YfSIGDM4e2B_C6gAe7kxu0DyAECqQIqxa-czkdoPuACAKgDAcgDCKoEiAJP0ErIX7bIiwNDOP0ynpG7DnBrqz25g0uSRWGyMjRz_exrzOFhFJdOveyrN2DiHhKcY6LaJIfIk_Agxv-f6MjefWGBhFLwU3bqdY-4zOJ8Q6HjRZ7LEKmSflj-l6LB6qpjWu_ak0587npaMgIwrMLmXqOSLqT1YnxeZccqWuJCb33gBq6thadzAftONl5egObKzuTQFspnAN5YC1JwY6W7Fl_2Gn_C5C3d0O1MCJ1uY8Nb58Bedd9W97-kdhRQT8PNy40-atENqK-ks-GI36e3Kwd81LjPkoDkfKlGSqLGq1qXEpG2z0smGZx50NnfxlnG0WfqmbhOYcyatS78ZJi7y3IJV3D8woHABLHN687_AuAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAfS1-A3qAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEJD1FNIICQiA4YBQEAEYHfIIG2FkeC1zdWJzeW4tNzI2MzU3MzQ0NjgwNDA3OIAKA8gLAdgTApgWAQ&sigh=alR706hkkjA&tpd=AGWhJmsisOJBOCiOXWOjGj2UY1nSflNKXbQSkxmjT7TuCbRuZg
Requested by: Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 72BC 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2f25a39f2c5474b9740b85e156237560c9ab36e58985906223520786551147e8

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/032008102328000/ Frame AEFD 206 KB
56 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032008102328000/amp4ads-v0.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

138d0f3d45a018aeb677b12a56a051e88cf664f2322ceb68215fa603ad5d8ee5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 178741
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57439
x-xss-protection: 0
server: sffe
date: Tue, 11 Aug 2020 21:08:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9c7df6ebe91b3a04"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Aug 2021 21:08:04 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/032008102328000/v0/ Frame AEFD 16 KB
6 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032008102328000/v0/amp-ad-exit-0.1.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64f791cf5b11444b177786340186cb3ef3ed1c39938f49bc9d4a69bd21ba076d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 178741
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5905
x-xss-protection: 0
server: sffe
date: Tue, 11 Aug 2020 21:08:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3ad1eb5461ef0024"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Aug 2021 21:08:04 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/032008102328000/v0/ Frame AEFD 94 KB
28 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032008102328000/v0/amp-analytics-0.1.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f125fd246e10689d46bc3c7c529be4f784c9adf3f80f0790a3532f7efd01b012

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 84639
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28844
x-xss-protection: 0
server: sffe
date: Wed, 12 Aug 2020 23:16:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7dfeab575efd177f"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Aug 2021 23:16:26 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/032008102328000/v0/ Frame AEFD 4 KB
2 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032008102328000/v0/amp-fit-text-0.1.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

744f285380d50300c5f78b4a0e9b08f9cd096894251f5965264df5c21c287479

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 178741
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1786
x-xss-protection: 0
server: sffe
date: Tue, 11 Aug 2020 21:08:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7fce00afb81e6c42"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Aug 2021 21:08:04 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/032008102328000/v0/ Frame AEFD 48 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032008102328000/v0/amp-form-0.1.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

203a1218e57e160a9bd9533ed8ac9d755feeb6249f8e0ba7ddb85a3ace770f45

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 83742
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14952
x-xss-protection: 0
server: sffe
date: Wed, 12 Aug 2020 23:31:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aacd301e108e3900"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Aug 2021 23:31:23 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AEFD 2 KB
2 KB 9ms
8ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 13 Aug 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 41887
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 14 Aug 2020 11:08:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AEFD 295 B
352 B 8ms
8ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 13 Aug 2020 21:26:58 GMT
x-content-type-options: nosniff
server: cafe
age: 4807
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 14 Aug 2020 21:26:58 GMT

GET
H2 200 15180533470976463905
tpc.googlesyndication.com/daca_images/simgad/ Frame AEFD 73 KB
73 KB 9ms
9ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/15180533470976463905

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd18f241cd171d77b274ee662234b71f48ebc073ac0f228df239ac42fe3d3945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 08 Aug 2020 04:13:14 GMT
x-content-type-options: nosniff
age: 498831
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74567
x-xss-protection: 0
last-modified: Mon, 20 Jul 2020 12:01:14 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Aug 2021 04:13:14 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame AEFD 0
0 14ms
13ms Image
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQa8bSL97PaGY8TNSexij4TdjTBPN6YQEP6LzHVIZbm5rbfHvo3pqi2GuIKdaSQNjTvbMKQ
Requested by: Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame AEFD 0
0 68ms
68ms Image
text/html 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CP2Pl6MI1X7-uJdmR3gP1lpm4B_GW9cReyJHlsNELv-iivcABEAEg0YfSIGDM4e2B_C6gAaOMz5UDyAECqQJiWZt8MAmSPuACAKgDAcgDCKoEiQJP0HMTSwAa6E2xPC5qRrJTrGfW19p2Pos-jwYsst1no06MHMtqM4_CXEvXy8G5yPYnhLAdjkd_RYX64EEfECDGuH5xjNVnRvdKH6y95ZRXXx-Ut63RHjLxa9qNQTG720XIjHQynCJXe8J6w30Ffv7qKkrDdyYA3EtCyGT7pJYMOq18twTK0XTyEjgWHiegwGDlQ1n1LBC7c0u8bNyMyMskCAUZ8suhiGjOdjlK5hmGkDHiYPvBsAyAQPgu0AIo3qlhZXLODwfZsdxvVGZrd27hIYCdQ8P6EE4FxbMpGQfJSDzoPw2Pee0trkpvgSdt5LzcgsOpZznWYGp7MhYX90mIJMQ87zCy1TsdwAS4jM2--gLgBAGSBQQIBBgBkgUECAUYBKAGAoAHxfOwaqgHjs4bqAfVyRuoB5PYG6gHugaoB_DZG6gH8tkbqAemvhuoB-zVG9gHAfIHBBCd1RjSCAkIgOGAUBABGB3yCBthZHgtc3Vic3luLTcyNjM1NzM0NDY4MDQwNziACgPICwHYEww&sigh=DnF3u83vYMo&tpd=AGWhJmtj13j9C2IPGvL22XSHOl4Tj2vU85JJqDBxgeuM8_Ao-Q
Requested by: Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame AEFD 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c2da5af765306938f3686c57c662647ba2795d1fd610ba731aab023ee46e0b0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012007302351000/ Frame BEFC 206 KB
56 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007302351000/amp4ads-v0.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68ff86e6a3bc683739e7190e4efaff20bbafe0d89c99c42c1b17163ef5203968

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 36274
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57393
x-xss-protection: 0
server: sffe
date: Thu, 13 Aug 2020 12:42:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6c9ea7f49fde3b6d"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Aug 2021 12:42:31 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012007302351000/v0/ Frame BEFC 96 KB
29 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007302351000/v0/amp-analytics-0.1.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41f07eced66e12809bec654b0a18677a78a7814525dcb6b99934d0b4bcecfc4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 36277
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29738
x-xss-protection: 0
server: sffe
date: Thu, 13 Aug 2020 12:42:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c56a9dc6dcfd844b"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Aug 2021 12:42:28 GMT

GET
H2 200 7464639028652035684
tpc.googlesyndication.com/simgad/ Frame BEFC 330 B
443 B 7ms
6ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7464639028652035684

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f19e7ee6cdf20bd478c037707c447b7cd469051de4dadeac32a795efb463c2e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 02:03:10 GMT
x-content-type-options: nosniff
age: 74635
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 330
x-xss-protection: 0
last-modified: Tue, 28 Jan 2020 23:02:00 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Aug 2021 02:03:10 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame BEFC 0
64 B 70ms
68ms Image
image/gif 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstgNrW3sG7as4j809cm9mXTkSDxVdVptXTMwkqVvaHgmlqA7S2UHo7uCLhBAm0j6ApEdDbjJvgM3JgTED0f5fLnnA64MSqpafIMeW2PI7ddOffKvlSdlGspJ5UZS9_0NYSLKZz1fXITjr8KHRDv_QxVSwd2Ql7iOe8klz7GPdPniqmBpVqHq6zi1h_M4uR_cLcvnFsELnMtlJbKe0jnwuF_13GY4edmHhkCtRh9HTPfzQpQnj4ctuKG1FOYgWKXsfIzlxCGrH4q2eiSE_JdQA&sai=AMfl-YSyQzO1c15dcTlILmv_T99o8lb7QaklXiU01BTwKAU41YNVeus5fA0YRGOTIiLLsTJ_F_KCbgS7UqIPpe0FJ6TtyQjHuJPpmcWRnt2nfE1jaV7A2l7nyoAgafobRMY&sig=Cg0ArKJSzKhxoW9fxNbOEAE&adurl=

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 13 Aug 2020 22:47:05 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 l
www.google.com/ads/measurement/ Frame BEFC 0
0 15ms
13ms Image
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT8G2r3nK-_-J1U0iiLXfMf_UxeLN_40D_-HDoh6Ip9ZcVVV8AB_pUdSVPX2RdgGF_8eEiI
Requested by: Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame BEFC 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 526b9f8b11732aaa1c63e4095d00260224980da6815af335fdbccd80c275cbb8

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 72BC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

15ms
15ms

Image
text/html

2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Thu, 13 Aug 2020 22:47:05 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5869 2 KB
2 KB 6ms
5ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032008102328000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 13 Aug 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 41887
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 14 Aug 2020 11:08:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5869 295 B
352 B 5ms
5ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032008102328000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 13 Aug 2020 21:26:58 GMT
x-content-type-options: nosniff
server: cafe
age: 4807
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 14 Aug 2020 21:26:58 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame AEFD
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

15ms
14ms

Image
text/html

2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Thu, 13 Aug 2020 22:47:05 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 122D 0
0 52ms
52ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KCCH=YES; pi=159196:2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Response headers

Last-Modified: Sat, 01 Aug 2020 14:58:34 GMT
ETag: "13006b6-94fd-5abd223c2ac92"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=40825
Expires: Fri, 14 Aug 2020 10:07:30 GMT
Date: Thu, 13 Aug 2020 22:47:05 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 8628 0
0 147ms
47ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: icu=ChgIzLJhEAoYASABKAEw54XX-QU4AUABSAEQ54XX-QUYAA..; uuid2=5820429402912912611
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Response headers

Server: nginx/1.13.10
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: "573e714d-3e3"
Access-Control-Allow-Origin: *
Content-Type: text/html
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Fri, 13 Aug 2021 22:47:05 GMT
Date: Thu, 13 Aug 2020 22:47:05 GMT
Connection: keep-alive

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame AB45 0
0 147ms
47ms Document
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Wed, 29 Jul 2020 16:40:43 GMT
Content-Encoding: gzip
Content-Length: 9469
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=31507
Expires: Fri, 14 Aug 2020 07:32:12 GMT
Date: Thu, 13 Aug 2020 22:47:05 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 4952 0
0 111ms
52ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KCCH=YES; pi=159196:2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Response headers

Last-Modified: Sat, 01 Aug 2020 14:58:34 GMT
ETag: "13006b6-94fd-5abd223c2ac92"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=40825
Expires: Fri, 14 Aug 2020 10:07:30 GMT
Date: Thu, 13 Aug 2020 22:47:05 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html
js-sec.indexww.com/um/ Frame AAFE 0
0 154ms
57ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Response headers

Server: Apache
Last-Modified: Mon, 19 Jun 2017 19:18:19 GMT
ETag: "e20015-112-55254ff6a1972"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 211
Date: Thu, 13 Aug 2020 22:47:05 GMT
Connection: keep-alive

GET
H2 200 pd
u.openx.net/w/1.0/ Frame 8E7A 0
0 56ms
56ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.192.0 /
Resource Hash

Request headers

:method: GET
:authority: u.openx.net
:scheme: https
:path: /w/1.0/pd?gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=46eb59dc-824e-4276-aa58-e77fa83ae2a0|1597358823
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=46eb59dc-824e-4276-aa58-e77fa83ae2a0|1597358823; Version=1; Expires=Fri, 13-Aug-2021 22:47:05 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1597358825|gekin0vNiygu; Version=1; Expires=Fri, 28-Aug-2020 22:47:05 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.192.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Thu, 13 Aug 2020 22:47:05 GMT
content-type: text/html
content-length: 420
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2

204

sync
pixel.advertising.com/ups/55986/ Frame 5EF5
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=&_...
https://pixel.advertising.com/ups/55986/sync?uid=XzXC6gAAAJ3Q6QFU&_origin=0&gdpr=1&gdpr_consent=&_test=XzXC6gAAAJ3Q6QFU

0
124 B

37ms
36ms

Image
text/plain

18.197.99.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55986/sync?uid=XzXC6gAAAJ3Q6QFU&_origin=0&gdpr=1&gdpr_consent=&_test=XzXC6gAAAJ3Q6QFU

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.197.99.6 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-197-99-6.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Thu, 13 Aug 2020 22:47:06 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Thu, 13 Aug 2020 22:47:06 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1597358826.133964,VS0,VE0
x-served-by: cache-fra19124-FRA
status: 302
x-cache: HIT
location: https://pixel.advertising.com/ups/55986/sync?uid=XzXC6gAAAJ3Q6QFU&_origin=0&gdpr=1&gdpr_consent=&_test=XzXC6gAAAJ3Q6QFU
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

204

sync
pixel.advertising.com/ups/55953/ Frame 5EF5
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1
https://pixel.advertising.com/ups/55953/sync?uid=7aadb8d1-cd3e-40d1-8496-32be73fe0eee&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=7aadb8d1-cd3e-40d1-8496-32be73fe0eee

0
124 B

37ms
36ms

Image
text/plain

18.197.99.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55953/sync?uid=7aadb8d1-cd3e-40d1-8496-32be73fe0eee&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=7aadb8d1-cd3e-40d1-8496-32be73fe0eee

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.197.99.6 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-197-99-6.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Thu, 13 Aug 2020 22:47:06 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Thu, 13 Aug 2020 22:47:06 GMT
x-aspnet-version: 4.0.30319
status: 302
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.advertising.com/ups/55953/sync?uid=7aadb8d1-cd3e-40d1-8496-32be73fe0eee&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=7aadb8d1-cd3e-40d1-8496-32be73fe0eee
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 369

GET
H2 200 %7Bcombo_uid%7D
pr-bh.ybp.yahoo.com/sync/adaptv_ortb/ Frame 5EF5 43 B
843 B 160ms
54ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/adaptv_ortb/%7Bcombo_uid%7D

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 22:47:05 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
status: 200
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/57304/ Frame 5EF5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_sc
https://pixel.advertising.com/ups/57304/sync?uid=CAESEAQ5hyfcrATVzvi1LFBL-jE&google_cver=1
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEAQ5hyfcrATVzvi1LFBL-jE&google_cver=1&apid=1Ae87d26e8-ddb6-11ea-a089-121c10c2940c

0
1 KB

102ms
35ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEAQ5hyfcrATVzvi1LFBL-jE&google_cver=1&apid=1Ae87d26e8-ddb6-11ea-a089-121c10c2940c

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.113 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 13 Aug 2020 22:47:06 GMT
Server: ATS/7.1.2.113
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Thu, 13 Aug 2020 22:47:06 GMT
location: https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEAQ5hyfcrATVzvi1LFBL-jE&google_cver=1&apid=1Ae87d26e8-ddb6-11ea-a089-121c10c2940c
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 6601618543837339066
tpc.googlesyndication.com/simgad/ Frame 72BC 27 KB
27 KB 6ms
5ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6601618543837339066?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4ql0QhkoS8i1vgxKiooE8_xctNQCnQ

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032008102328000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb0481de0a27cd347fc3d1fa821a7cf6590296ec84668fa6c767c3a0dd6b6c74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 17:09:13 GMT
x-content-type-options: nosniff
last-modified: Mon, 20 Jul 2020 16:01:54 GMT
server: sffe
age: 365872
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27367
x-xss-protection: 0
expires: Mon, 09 Aug 2021 17:09:13 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 72BC 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032008102328000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 13 Aug 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 41887
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 14 Aug 2020 11:08:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 72BC 295 B
352 B 7ms
7ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032008102328000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 13 Aug 2020 21:26:58 GMT
x-content-type-options: nosniff
server: cafe
age: 4807
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 14 Aug 2020 21:26:58 GMT

GET
H2 200 15180533470976463905
tpc.googlesyndication.com/daca_images/simgad/ Frame AEFD 73 KB
73 KB 6ms
5ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/15180533470976463905

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032008102328000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd18f241cd171d77b274ee662234b71f48ebc073ac0f228df239ac42fe3d3945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 08 Aug 2020 04:13:14 GMT
x-content-type-options: nosniff
age: 498831
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74567
x-xss-protection: 0
last-modified: Mon, 20 Jul 2020 12:01:14 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Aug 2021 04:13:14 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AEFD 2 KB
2 KB 8ms
5ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032008102328000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 13 Aug 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 41887
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 14 Aug 2020 11:08:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AEFD 295 B
352 B 8ms
5ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032008102328000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 13 Aug 2020 21:26:58 GMT
x-content-type-options: nosniff
server: cafe
age: 4807
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 14 Aug 2020 21:26:58 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame BEFC 0
54 B 70ms
69ms Image
image/gif 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuPfxYNyDUpp-ZsmO7d3p0adoZKkeOc_U1qtFlrSNZa267gzw-EIXm2OKtxEXY4CRy1Yu_To941RI9kusW6wPrGX4n3ZVSGGE9Bg2nWdajcaO8iaRanDY98f7m8fSO1y9LzvtdDl4PeBWz3ENiipAW5PRMhR13ATdDWqamm7GSUk4XFhoezez1QCmZjQFrQptpTlnnDCKzmeWv61Ss2GXiGx1FdskathV_tfZOzYEST3z9KLIYpWR8voc3T8zUYtPb6XuRN2NLUGmd2IAdWgCxt&sai=AMfl-YQwR-Hvyj25ZR1TNoRTxRuf8Ny7XkjkkL4VIjgsev-Zg5iRjKucRPmc4UPAuaFtcFAL886vOmNPH2Hcyc4ZFCPVrKdYwvz5uzMRCX3vXTetwbXyc3vwnhgWBi-CqXw&sig=Cg0ArKJSzFgCc2SU001LEAE&adurl=

Requested by

Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 13 Aug 2020 22:47:05 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 7464639028652035684
tpc.googlesyndication.com/simgad/ Frame BEFC 330 B
388 B 6ms
5ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7464639028652035684

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012007302351000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f19e7ee6cdf20bd478c037707c447b7cd469051de4dadeac32a795efb463c2e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 02:03:10 GMT
x-content-type-options: nosniff
age: 74635
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 330
x-xss-protection: 0
last-modified: Tue, 28 Jan 2020 23:02:00 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Aug 2021 02:03:10 GMT

GET
H/1.1 200
OK liveView.php
live.sekindo.com/live/ Frame 8D2B 0
353 B 41ms
41ms Image
text/html 194.146.38.23
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=36&serverTime=1597358823&s=101281&sta=0&x=300&y=250&vid_passDomain=threatpost.com&subId=threatpost.com&debugInformation=&isApp=0&userIpAddr=89.238.186.243&userUA=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F83.0.4103.61%20Safari%2F537.36&csuuid=5f35c2e77a6ed&contentFileId=0&mediaPlayListId=0&cbuster=1597358826167&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&uid=SekindoSPlayer5f35c2e7a527c&pubUrl=https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F&floatStatus=true
Requested by: Host: threatpost.com
URL: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.23 -, , ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 22:47:05 GMT
content-encoding: gzip
server: nginx
age: 0
transfer-encoding: chunked
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
content-type: text/html; charset=UTF-8

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 29ms
17ms XHR
application/json 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020080501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48bb205371f7266fdc88a9f818c312dc7690c0928ba049519e3e62675591261d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 13 Aug 2020 22:47:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6157
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 22:47:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Thu, 13 Aug 2020 22:47:06 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 6534 0
0 6ms
5ms Document
text/html 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Thu, 13 Aug 2020 22:12:33 GMT
expires: Fri, 13 Aug 2021 22:12:33 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2073
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
233 B 40ms
40ms Image
image/gif 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020080501&jk=3707331531159848&bg=!j4yljJRYx5OSuUEPhOgCAAAAXVIAAAAMmQGlf8gy6A3EXc9fP6iOdWEP10R-w_Jds8lCjoSPBP7OyulGoJzesd7E5XyfOXcpXEenYqX-BijW-kuqss3OygfAx9-ROdU5kpKBzFgayn2on5KGyuweNIAhkrFJmc0cbj9llD75gA19Sszjbx9fBRMv35_FEELX8LT0heZULU5eOcsdDnNlYwwKPpIx0UDCsVPp3R9cl0z4k90vO-DzFDdiSHueStgc2OhXgVCtpgrxb-LNQPmIbXyMrOKQg0EtpFHRarWL1e-pIQ0_a8mpJtgwl_qVnkv4R18weDYZ9OZ7hFIRuZYMlGwP1A-ktrG6Zz_ZafK3148tVg79vfcw2XM1mMi5sRxPCnDxYnTQTdhgsGcKFwOtBjiEXEToWV5mtekZvkdbkrFVj9x3ifbV0d6TkYIGRdEX2OpCeRzNca_Tu6_Y3KV2AqmG6FH5MLYr-oh6i_XjaaLVc1_f4901B6XDdqICqF35qPiZHnwxf4pBhMYSc_z1d_TKRjk07EFV7p687qvGpljP0S7XWUHnrEbCMTYkjV-Egdw6CHI8NPNp-SQEobD-uw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 22:47:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 5869 42 B
112 B 47ms
47ms Image
image/gif 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss7IL5SrNKdjb-QHPQVdFnThA-O2vMI0XrK-bH4netUkT3ZkRbfFE42Xh9YeahyohQPs577Qgrvyw8gSTgGzToBVNqeZ9J2v3hSS2mk3MtrPDr8Qmn4BkSmk4fRTojIKgjCuJLnnnBiYBilvISHmAlS&sai=AMfl-YQuyIdDHmL5Ydijkyuqq5PzycOUDEpUpgXDp2Pum9aLCG-_uvx3YCiECHr2pqSypFsUnXfQpqzqiMRXp7RYZLlOWdK24atXnlxDEHdokf0MAg4B4tnX7Bzk4jLm3dU&sig=Cg0ArKJSzP1vZPu8l2UqEAE&cid=CAASPeRoJOTwsPn5oGe99B4itFT-V9jLh_Xzrk4KwBT8J7Y2jEYOfa1XaOxgMd8eHede-A5hFMPwa_GOUW8JgQ4&id=ampim&o=315,10&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=367&tls=1367&g=100&h=100&tt=1367&r=v&avms=ampa&adk=1015519800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 22:47:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 72BC 42 B
107 B 49ms
49ms Image
image/gif 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstmVHUY2XrnLTzf4GiIcqPVEKwec9mKQTlcYBRMxyT4_nkCP_QnD1Hd7R8XmHjmuH8E9TP0DLU1c_VLYmHepUxFHLIIDpUmrk1uDIBqEXLVgtmPKgBgJM9kcjtEGHcWvRkrMLh5UoQ5SnjTeE8YCq8tSQ&sai=AMfl-YTZoaIdFDp5Dnj_fD4TG3BbmXIg8SlVKndAs-37iuVlMkkDmYOuJXEwS1bGvZiA6JqXmikkzLfN4RpywT3NZnHZMmIpevMiwoal5b4mU0RVEjwx2tU7va4qnq7AvcA&sig=Cg0ArKJSzDhGPTqgWPyBEAE&cid=CAASPeRoaP70fyLg7Zil1aPrccRGlCb58d1F7NDESVtgWISEGRcAJNhbp5te_yKW-tLfjnyyDhz_mFC0s6WmNMg&id=ampim&o=1082,417&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=320&tls=1321&g=100&h=100&tt=1321&r=v&avms=ampa&adk=654286612

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 22:47:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame BEFC 42 B
107 B 39ms
38ms Image
image/gif 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvcHZEiN7L0-Vzz0-Vjf61SFaDlbqVTUnQ4-82naN9PhTgYRQxBdzq1EpdjsNuRuo2nOWeStzsub7LlWkhAEp_t8nkVhnRgCMMfd2bH2Sk&sig=Cg0ArKJSzB5RFds7YpH2EAE&id=ampim&o=0,0&d=2,2&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=274&tls=1274&g=100&h=100&tt=1274&r=v&avms=ampa&adk=3385906655

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 22:47:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Cookie set beacon
ap.lijit.com/ Frame F03D 0
0 50ms
49ms Document
text/html 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13394437
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash

Request headers

Host: ap.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D; ljt_reader=b7dccbddd9c109a00a254eea
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Response headers

Server: nginx
Date: Thu, 13 Aug 2020 22:47:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Vary: Accept-Encoding
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie: ljtrtbexp=eJxljzsSgEAMQu%2BytcUmm69Xc7y746cBy8cEAseQsYt3mrlqbsOl%2FFHKo%2BxWIpAVcSGmIMtE7m7KFwrM9192rPgc%2BcsoVIq%2BCHUuallGTJ2K%2FdRAKU%2B%2FzjZ1Ppy4YVGekd8a2eneYe95AdDXV1s%3D;Path=/;Domain=.lijit.com;Expires=Fri, 13-Aug-2021 22:47:07 GMT;Max-Age=31536000;Secure;SameSite=None ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D;Path=/;Domain=.lijit.com;Expires=Fri, 13-Aug-2021 22:47:07 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=b7dccbddd9c109a00a254eea;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
Content-Encoding: gzip
X-Sovrn-Pod: ad_ap3ams1

GET
H/1.1

200
OK

2000891.html
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/ Frame D8B4
Redirect Chain

https://sync.serverbid.com/ss/2000891.html
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html

0
0

285ms
52ms

Document
text/html

205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html

Requested by

Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Response headers

Date: Thu, 13 Aug 2020 22:47:08 GMT
Connection: Keep-Alive
Cache-Control: max-age=80058
Content-Length: 4947
Content-Type: text/html
Last-Modified: Wed, 20 Nov 2019 20:29:05 GMT
Accept-Ranges: bytes
ETag: "1b0ebac83fe30af80513039edbdf566f"
x-amz-request-id: tx00000000000005005ba39-005f35aa26-35d9d00-nyc3a
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1597358828.dop208.lo4.t,1597358828.cds075.lo4.shn,1597358828.dop208.lo4.t,1597358828.cds210.lo4.c

Redirect headers

status: 302
content-length: 0
location: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
cache-control: no-cache

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 2AE5 0
0 56ms
56ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; pi=159196:2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Response headers

Last-Modified: Sat, 01 Aug 2020 14:58:34 GMT
ETag: "13006b6-94fd-5abd223c2ac92"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=40823
Expires: Fri, 14 Aug 2020 10:07:30 GMT
Date: Thu, 13 Aug 2020 22:47:07 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 3E4A 0
0 56ms
56ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.192.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=46eb59dc-824e-4276-aa58-e77fa83ae2a0|1597358823; pd=v2|1597358825|gekin0vNiygu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=46eb59dc-824e-4276-aa58-e77fa83ae2a0|1597358823; Version=1; Expires=Fri, 13-Aug-2021 22:47:07 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1597358825.2|kiiygevNgun0.mWgqsLommOns; Version=1; Expires=Fri, 28-Aug-2020 22:47:07 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.192.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Thu, 13 Aug 2020 22:47:07 GMT
content-type: text/html
content-length: 317
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame E13C 0
0 52ms
51ms Document
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Wed, 29 Jul 2020 16:40:43 GMT
Content-Encoding: gzip
Content-Length: 9469
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=31505
Expires: Fri, 14 Aug 2020 07:32:12 GMT
Date: Thu, 13 Aug 2020 22:47:07 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 sync.html
public.servenobid.com/ Frame 8B52 0
0 168ms
39ms Document
text/html 13.226.155.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.226.155.64 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-64.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: public.servenobid.com
:scheme: https
:path: /sync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Response headers

status: 200
content-type: text/html
last-modified: Sat, 01 Aug 2020 20:33:29 GMT
server: AmazonS3
content-encoding: gzip
date: Thu, 13 Aug 2020 11:01:57 GMT
cache-control: max-age=86400
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 3c2fca5c3988bc152e874a83fac74f4a.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: m_9vO1tGQCkc2tZIvCMqeBXjgQYBy-ccvuj_K-qjxab5oExX0soYKw==
age: 42310

GET
H2 200 sync
eb2.3lift.com/ Frame 3EDE 0
0 112ms
46ms Document
text/html 52.58.173.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.173.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-173-218.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: eb2.3lift.com
:scheme: https
:path: /sync?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: tluid=3934030159030051574
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Response headers

status: 200
date: Thu, 13 Aug 2020 22:47:07 GMT
content-type: text/html; charset=utf-8
content-length: 465
set-cookie: sync=CgoIgQIQ7dCF0L4uCgoIoQEQ7dCF0L4uCgoI4gEQ7dCF0L4uCgoI5gEQ7dCF0L4uCgoI1gEQ7dCF0L4uCgoIhwIQ7dCF0L4uCgkIOhDt0IXQvi4KCQgLEO3QhdC-LgoJCF8Q7dCF0L4uCgkIHxDt0IXQvi4=; Max-Age=7776000; Expires=Wed, 11 Nov 2020 22:47:07 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=3934030159030051574; Max-Age=7776000; Expires=Wed, 11 Nov 2020 22:47:07 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

GET
H/1.1 200
OK ixmatch.html
js-sec.indexww.com/um/ Frame 6ADD 0
0 47ms
47ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Response headers

Server: Apache
Last-Modified: Mon, 19 Jun 2017 19:18:19 GMT
ETag: "e20015-112-55254ff6a1972"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 211
Date: Thu, 13 Aug 2020 22:47:07 GMT
Connection: keep-alive

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/dmp/ Frame D02E 0
0 52ms
52ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: icu=ChgIzLJhEAoYASABKAEw54XX-QU4AUABSAEQ54XX-QUYAA..; uuid2=5820429402912912611
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/

Response headers

Last-Modified: Tue, 24 Mar 2020 15:52:19 GMT
ETag: "5e7a2cb3-cefd"
Server: nginx/1.13.10
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 17037
Cache-Control: max-age=86402
Expires: Fri, 14 Aug 2020 22:47:09 GMT
Date: Thu, 13 Aug 2020 22:47:07 GMT
Connection: keep-alive

GET
H2

204

setuid
aas.dc-1.net/
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Faas.dc-1.net%2Fsetuid%3FD%3D%26bidder%3Dsovrn%26uid%3D%24UID
https://aas.dc-1.net/setuid?D=&bidder=sovrn&uid=b7dccbddd9c109a00a254eea

0
193 B

496ms
176ms

Image
text/plain

107.21.45.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aas.dc-1.net/setuid?D=&bidder=sovrn&uid=b7dccbddd9c109a00a254eea
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.21.45.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Thu, 13 Aug 2020 22:47:08 GMT
cache-control: max-age=0, private, must-revalidate
server: Cowboy

Redirect headers

Date: Thu, 13 Aug 2020 22:47:07 GMT
Server: nginx
Location: https://aas.dc-1.net/setuid?D=&bidder=sovrn&uid=b7dccbddd9c109a00a254eea
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 204 sync
pixel.advertising.com/ups/56465/ 0
124 B 39ms
36ms Image
text/plain 18.197.99.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.197.99.6 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-197-99-6.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Thu, 13 Aug 2020 22:47:07 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

setuid
aas.dc-1.net/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Faas.dc-1.net%2Fsetuid%3FD%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID
https://aas.dc-1.net/setuid?D=&bidder=pubmatic&uid=9E224751-71E7-4CDA-B14D-0866B0A72813

0
198 B

291ms
176ms

Image
text/plain

107.21.45.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aas.dc-1.net/setuid?D=&bidder=pubmatic&uid=9E224751-71E7-4CDA-B14D-0866B0A72813
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.21.45.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Thu, 13 Aug 2020 22:47:08 GMT
cache-control: max-age=0, private, must-revalidate
server: Cowboy

Redirect headers

Location: https://aas.dc-1.net/setuid?D=&bidder=pubmatic&uid=9E224751-71E7-4CDA-B14D-0866B0A72813
Date: Thu, 13 Aug 2020 22:47:07 GMT
X-Cnection: close
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 414
Content-Type: text/html; charset=iso-8859-1

GET
H2 403 /
c1.adform.net/serving/cookie/match/ 0
187 B 56ms
53ms Image
text/plain 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?CC=1&party=15&gdpr=1&gdpr_consent=&curl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55944%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3d1%26gdpr_consent%3d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 22:47:07 GMT
server: nginx
status: 403
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
264 B 76ms
73ms Image
image/gif 54.229.91.186
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aoladtech&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.91.186 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 22:47:07 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 200
cache-control: private,no-cache, must-revalidate
content-type: image/gif
content-length: 70

GET
H2

204

sync
pixel.advertising.com/ups/55965/
Redirect Chain

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent=
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=w4ZURZXSAkjb1AZIk4ZKQ5fTVUjbg1ZAlYK963zw

0
124 B

38ms
37ms

Image
text/plain

18.197.99.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=w4ZURZXSAkjb1AZIk4ZKQ5fTVUjbg1ZAlYK963zw

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.197.99.6 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-197-99-6.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Thu, 13 Aug 2020 22:47:07 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Thu, 13 Aug 2020 22:47:07 GMT
status: 302
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=w4ZURZXSAkjb1AZIk4ZKQ5fTVUjbg1ZAlYK963zw
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

204

setuid
aas.dc-1.net/
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Faas.dc-1.net%2Fsetuid%3FD%3D%26bidder%3Dindex_rtb%26uid%3D
https://aas.dc-1.net/setuid?D=&bidder=index_rtb&uid=XzXC51VbLVcAAE6behQAAABB%261140

0
193 B

395ms
177ms

Image
text/plain

107.21.45.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aas.dc-1.net/setuid?D=&bidder=index_rtb&uid=XzXC51VbLVcAAE6behQAAABB%261140
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.21.45.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Thu, 13 Aug 2020 22:47:08 GMT
cache-control: max-age=0, private, must-revalidate
server: Cowboy

Redirect headers

Pragma: no-cache
Date: Thu, 13 Aug 2020 22:47:07 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://aas.dc-1.net/setuid?D=&bidder=index_rtb&uid=XzXC51VbLVcAAE6behQAAABB%261140
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 275
Expires: Thu, 13 Aug 2020 22:47:07 GMT

GET
H2

204

setuid
aas.dc-1.net/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Faas.dc-1.net%2Fsetuid%3FD%3D%26bidder%3Dappnexus%26uid%3D%24UID
https://aas.dc-1.net/setuid?D=&bidder=appnexus&uid=5820429402912912611

0
193 B

557ms
175ms

Image
text/plain

107.21.45.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aas.dc-1.net/setuid?D=&bidder=appnexus&uid=5820429402912912611
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.21.45.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Thu, 13 Aug 2020 22:47:08 GMT
cache-control: max-age=0, private, must-revalidate
server: Cowboy

Redirect headers

Pragma: no-cache
Date: Thu, 13 Aug 2020 22:47:07 GMT
X-Proxy-Origin: 89.238.186.243; 89.238.186.243; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.155:80
AN-X-Request-Uuid: e43e44df-c8dd-4df0-aea9-731ff6c757df
Server: nginx/1.13.4
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://aas.dc-1.net/setuid?D=&bidder=appnexus&uid=5820429402912912611
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 current
aol-match.dotomi.com/match/bounce/ 0
104 B 112ms
80ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aol-match.dotomi.com/match/bounce/current?networkId=60&version=1&nuid=1Ae8513934-ddb6-11ea-8dbd-12f0dd10f918&gdpr=1&gdpr_consent=&rurl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55853%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3D1%26gdpr_consent%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Thu, 13 Aug 2020 22:47:07 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H/1.1 200
OK liveView.php
live.sekindo.com/live/ Frame 8D2B 0
353 B 44ms
44ms Image
text/html 194.146.38.23
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=42&serverTime=1597358823&s=101281&sta=0&x=300&y=250&vid_passDomain=threatpost.com&subId=threatpost.com&debugInformation=&isApp=0&userIpAddr=89.238.186.243&userUA=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F83.0.4103.61%20Safari%2F537.36&csuuid=5f35c2e77a6ed&contentFileId=0&mediaPlayListId=0&dur=500&viewPct={%22w%22:100,%22h%22:100}&cbuster=1597358829232&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&uid=SekindoSPlayer5f35c2e7a527c&pubUrl=https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F&floatStatus=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.23 -, , ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 22:47:08 GMT
content-encoding: gzip
server: nginx
age: 0
transfer-encoding: chunked
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
content-type: text/html; charset=UTF-8

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 5EF5 144 B
838 B 50ms
49ms XHR
application/json 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

58f7596b6149cfabe4dd7dab7caa99d5d6b20136861256e622b174ed04f3c3eb

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 13 Aug 2020 22:47:12 GMT
X-Proxy-Origin: 89.238.186.243; 89.238.186.243; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.170:80
AN-X-Request-Uuid: 5309325c-a0b9-46b7-b556-2c9f33fba44b
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame 5EF5 0
215 B 321ms
250ms XHR
application/json 18.194.97.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=TeachingAidsLLC
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.97.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-97-231.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://threatpost.com
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 5EF5 0
59 B 53ms
51ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Thu, 13 Aug 2020 22:47:12 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://threatpost.com

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ Frame 5EF5 25 B
985 B 271ms
174ms XHR
application/json 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=435871&v=8.1&r={%22id%22:%22321599ab5c32702%22,%22imp%22:[{%22id%22:%2233b636a69c93712%22,%22ext%22:{%22siteID%22:%22435871%22,%22sid%22:%22320x180%22},%22bidfloor%22:1.8,%22bidfloorcur%22:%22USD%22,%22video%22:{%22mimes%22:[%22video/mp4%22,%22application/javascript%22],%22minduration%22:1,%22maxduration%22:200,%22api%22:[1,2],%22protocols%22:[1,2,3,4,5,6],%22linearity%22:1,%22startdelay%22:0,%22skip%22:1,%22w%22:320,%22h%22:180,%22placement%22:1}},{%22id%22:%2234c63ec6cb2335e%22,%22ext%22:{%22siteID%22:%22435870%22,%22sid%22:%22320x180%22},%22bidfloor%22:1.8,%22bidfloorcur%22:%22USD%22,%22video%22:{%22mimes%22:[%22video/mp4%22,%22application/javascript%22],%22minduration%22:1,%22maxduration%22:200,%22api%22:[1,2],%22protocols%22:[1,2,3,4,5,6],%22linearity%22:1,%22startdelay%22:0,%22skip%22:1,%22w%22:320,%22h%22:180,%22placement%22:1}}],%22site%22:{%22page%22:%22https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F%22},%22ext%22:{%22source%22:%22prebid%22},%22source%22:{%22ext%22:{%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22admetricspro.com%22,%22sid%22:%221005%22,%22hp%22:1}]}}},%22regs%22:{%22ext%22:{%22gdpr%22:1}},%22user%22:{%22ext%22:{%22consent%22:%22%22}}}&ac=j&sd=1&nf=1
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3de492888289525f15f0e9981546a69e539b8d610d9d29c2f1313392d5c48ed3

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 13 Aug 2020 22:47:12 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 45
Expires: Thu, 13 Aug 2020 22:47:12 GMT

GET
H2 200 avjp Show response
teachingaids-d.openx.net/v/1.0/ Frame 5EF5 92 B
282 B 62ms
61ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://teachingaids-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=141474ca-cc09-4dcb-93da-a368d710c81d&nocache=1597358832424&gdpr_consent=&gdpr=1&schain=1.0,1!admetricspro.com,1005,1,,,&skip=1&auid=540882778&vwd=320&vht=180
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.192.0 /
Resource Hash: 004e5faf0bf890f61697daeede9f21826affd1137fb2cb58eaf4719937a04a14

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 22:47:12 GMT
via: 1.1 google
server: OXGW/16.192.0
status: 200
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://threatpost.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 92
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 5EF5 0
322 B 50ms
50ms XHR
application/json 185.86.137.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 22:47:12 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://threatpost.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame 5EF5 173 B
380 B 36ms
35ms XHR
application/json 52.29.141.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.141.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-141-223.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 812421b02eb63786971eaff88561f2e72e90e64b41ec4151c8c6b259ae135622

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 22:47:12 GMT
content-encoding: gzip
status: 200
content-type: application/json
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 167
expires: 0

GET
H/1.1 200
OK liveView.php
live.sekindo.com/live/ Frame 8D2B 0
353 B 47ms
46ms Image
text/html 194.146.38.23
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=25&serverTime=1597358823&s=101281&sta=0&x=300&y=250&vid_passDomain=threatpost.com&subId=threatpost.com&debugInformation=&isApp=0&userIpAddr=89.238.186.243&userUA=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F83.0.4103.61%20Safari%2F537.36&csuuid=5f35c2e77a6ed&contentFileId=0&mediaPlayListId=0&dur=1000&cbuster=1597358834057&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&uid=SekindoSPlayer5f35c2e7a527c&pubUrl=https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F&floatStatus=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.23 -, , ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 22:47:13 GMT
content-encoding: gzip
server: nginx
age: 0
transfer-encoding: chunked
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ Frame 5EF5 25 B
988 B 218ms
124ms XHR
application/json 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=435871&v=8.1&r={%22id%22:%2241a3bc2e7d44945%22,%22imp%22:[{%22id%22:%224279475cd4d27f%22,%22ext%22:{%22siteID%22:%22435871%22,%22sid%22:%22320x180%22},%22bidfloor%22:1.8,%22bidfloorcur%22:%22USD%22,%22video%22:{%22mimes%22:[%22video/mp4%22,%22application/javascript%22],%22minduration%22:1,%22maxduration%22:200,%22api%22:[1,2],%22protocols%22:[1,2,3,4,5,6],%22linearity%22:1,%22startdelay%22:0,%22skip%22:1,%22w%22:320,%22h%22:180,%22placement%22:1}},{%22id%22:%22436cd0f36c57d94%22,%22ext%22:{%22siteID%22:%22435870%22,%22sid%22:%22320x180%22},%22bidfloor%22:1.8,%22bidfloorcur%22:%22USD%22,%22video%22:{%22mimes%22:[%22video/mp4%22,%22application/javascript%22],%22minduration%22:1,%22maxduration%22:200,%22api%22:[1,2],%22protocols%22:[1,2,3,4,5,6],%22linearity%22:1,%22startdelay%22:0,%22skip%22:1,%22w%22:320,%22h%22:180,%22placement%22:1}}],%22site%22:{%22page%22:%22https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F%22},%22ext%22:{%22source%22:%22prebid%22},%22source%22:{%22ext%22:{%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22admetricspro.com%22,%22sid%22:%221005%22,%22hp%22:1}]}}},%22regs%22:{%22ext%22:{%22gdpr%22:1}},%22user%22:{%22ext%22:{%22consent%22:%22%22}}}&ac=j&sd=1&nf=1
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: edb22a3a7ca5f29945ec20afbc45f688f926cb24970a6a5e6079e7f43e00d901

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 13 Aug 2020 22:47:14 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 45
Expires: Thu, 13 Aug 2020 22:47:14 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 5EF5 144 B
838 B 48ms
48ms XHR
application/json 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

c3c3adf25e6ebe1ff55aa701a876cdef3b991cf47ae57f38d935f7394f8be0c3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 13 Aug 2020 22:47:14 GMT
X-Proxy-Origin: 89.238.186.243; 89.238.186.243; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.142:80
AN-X-Request-Uuid: 9c86c8f4-b01d-4673-b9c4-6243161bb8bc
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 avjp Show response
teachingaids-d.openx.net/v/1.0/ Frame 5EF5 92 B
282 B 64ms
63ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://teachingaids-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=d0d24c41-96a8-4f8b-bf6f-707e34dd1841&nocache=1597358834238&gdpr_consent=&gdpr=1&schain=1.0,1!admetricspro.com,1005,1,,,&skip=1&auid=540882778&vwd=320&vht=180
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.192.0 /
Resource Hash: 004e5faf0bf890f61697daeede9f21826affd1137fb2cb58eaf4719937a04a14

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 22:47:14 GMT
via: 1.1 google
server: OXGW/16.192.0
status: 200
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://threatpost.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 92
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame 5EF5 0
215 B 314ms
244ms XHR
application/json 18.194.97.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=TeachingAidsLLC
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.97.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-97-231.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://threatpost.com
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 5EF5 0
59 B 50ms
50ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Thu, 13 Aug 2020 22:47:14 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://threatpost.com

GET
H/1.1 200
OK liveView.php
live.sekindo.com/live/ Frame 8D2B 43 B
437 B 42ms
41ms Image
image/gif 194.146.38.23
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=6&serverTime=1597358824&s=58057&sta=12723341&x=320&y=180&msta=12348808&vid_vastType=3&vid_viewabilityState=1&vid_passDomain=threatpost.com&subId=threatpost.com&debugInformation=&isApp=0&userIpAddr=89.238.186.243&userUA=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F83.0.4103.61%20Safari%2F537.36&csuuid=5f35c2e77a6ed&rvn=${VP_RVN_MACRO}&attemptMultiplier=10&contentFileId=0&mediaPlayListId=0&playerVer=3.0.0&cbuster=1597358834233&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&uid=SekindoSPlayer5f35c2e7a527c&pubUrl=https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F&floatStatus=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.23 -, , ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 22:47:14 GMT
server: nginx
age: 0
transfer-encoding: chunked
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="pixel.gif"
content-type: image/gif
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK liveView.php
live.sekindo.com/live/ Frame 8D2B 0
353 B 46ms
46ms Image
text/html 194.146.38.23
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=42&serverTime=1597358823&s=101281&sta=0&x=300&y=250&vid_passDomain=threatpost.com&subId=threatpost.com&debugInformation=&isApp=0&userIpAddr=89.238.186.243&userUA=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F83.0.4103.61%20Safari%2F537.36&csuuid=5f35c2e77a6ed&contentFileId=0&mediaPlayListId=0&dur=501&viewPct={%22w%22:100,%22h%22:100}&cbuster=1597358834241&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&uid=SekindoSPlayer5f35c2e7a527c&pubUrl=https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F&floatStatus=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.23 -, , ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 22:47:13 GMT
content-encoding: gzip
server: nginx
age: 0
transfer-encoding: chunked
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
content-type: text/html; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 5EF5 0
307 B 129ms
129ms XHR
application/json 185.86.137.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 22:47:13 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://threatpost.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json
content-length: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame 5EF5 173 B
381 B 32ms
32ms XHR
application/json 52.29.141.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.3.19.0_9.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.141.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-141-223.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 15ba3f1cbeac0010e26fe05dd3c46af2c9622740ad89a34edac1951dcfaea7db

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 22:47:14 GMT
content-encoding: gzip
status: 200
content-type: application/json
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 168
expires: 0

GET
H/1.1 200
OK liveView.php
live.sekindo.com/live/ Frame 8D2B 43 B
437 B 54ms
54ms Image
image/gif 194.146.38.23
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=6&serverTime=1597358824&s=58057&sta=13960552&x=320&y=180&msta=12348808&vid_vastType=3&vid_viewabilityState=1&vid_passDomain=threatpost.com&subId=threatpost.com&debugInformation=&isApp=0&userIpAddr=89.238.186.243&userUA=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F83.0.4103.61%20Safari%2F537.36&csuuid=5f35c2e77a6ed&rvn=${VP_RVN_MACRO}&attemptMultiplier=10&contentFileId=0&mediaPlayListId=0&playerVer=3.0.0&cbuster=1597358834555&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&uid=SekindoSPlayer5f35c2e7a527c&pubUrl=https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F&floatStatus=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.23 -, , ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 22:47:13 GMT
server: nginx
age: 0
transfer-encoding: chunked
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="pixel.gif"
content-type: image/gif
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK chunklist_640.m3u8 Show response
video.sekindo.com/uploads/cn5/video/users/hls/24485/video1523972806/vid5f2e270785d60094644426.mp4/ Frame 5EF5 2 KB
2 KB 223ms
55ms XHR
application/vnd.apple.mpegurl 185.127.16.53
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to

Full URL: https://video.sekindo.com/uploads/cn5/video/users/hls/24485/video1523972806/vid5f2e270785d60094644426.mp4/chunklist_640.m3u8
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/video/hls/hls.0.12.4_1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.127.16.53 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),
Reverse DNS
Software: Tengine /
Resource Hash: c60a934b02b52bef2bb536d0e82835f488418cec11dffb901cc2d2478d6b6282

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 13 Aug 2020 22:46:55 GMT
Last-Modified: Sun, 09 Aug 2020 04:21:12 GMT
Server: Tengine
ETag: "5f2f79b8-71a"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Expires: Thu, 20 Aug 2020 22:46:55 GMT
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 1818
X-Proxy-Cache: HIT

GET
H/1.1 200
OK w_640_000.ts Show response
video.sekindo.com/uploads/cn5/video/users/hls/24485/video1523972806/vid5f2e270785d60094644426.mp4/ Frame 5EF5 344 KB
344 KB 91ms
91ms XHR
video/mp2t 185.127.16.53
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to

Full URL: https://video.sekindo.com/uploads/cn5/video/users/hls/24485/video1523972806/vid5f2e270785d60094644426.mp4/w_640_000.ts
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/video/hls/hls.0.12.4_1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.127.16.53 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),
Reverse DNS
Software: Tengine /
Resource Hash: d32add32a46497be954c24de8302b9f8c6723ca84f7dd7bde5d8baf309d43915

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 13 Aug 2020 22:46:55 GMT
Last-Modified: Sun, 09 Aug 2020 04:20:40 GMT
Server: Tengine
ETag: "5f2f7998-55f7c"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Expires: Thu, 20 Aug 2020 22:46:55 GMT
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 352124
X-Proxy-Cache: HIT

GET
BLOB 200
OK f786a33b-3dc3-4b1c-b6e8-76c164bdffd6
https://threatpost.com/ Frame 5EF5 63 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://threatpost.com/f786a33b-3dc3-4b1c-b6e8-76c164bdffd6
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/video/hls/hls.0.12.4_1.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 64352
Content-Type: text/javascript

GET
H/1.1 200
OK w_640_001.ts Show response
video.sekindo.com/uploads/cn5/video/users/hls/24485/video1523972806/vid5f2e270785d60094644426.mp4/ Frame 5EF5 363 KB
363 KB 58ms
58ms XHR
video/mp2t 185.127.16.53
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to

Full URL: https://video.sekindo.com/uploads/cn5/video/users/hls/24485/video1523972806/vid5f2e270785d60094644426.mp4/w_640_001.ts
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/video/hls/hls.0.12.4_1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.127.16.53 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),
Reverse DNS
Software: Tengine /
Resource Hash: 09d4a743d77aa6fe0f71e6a2192cbed1fb5195f6e73520ef929f24a4c147ab2b

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 13 Aug 2020 22:46:55 GMT
Last-Modified: Sun, 09 Aug 2020 04:20:41 GMT
Server: Tengine
ETag: "5f2f7999-5ab20"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Expires: Thu, 20 Aug 2020 22:46:55 GMT
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 371488
X-Proxy-Cache: HIT

GET
H/1.1 200
OK liveView.php
live.sekindo.com/live/ Frame 8D2B 0
353 B 45ms
45ms Image
text/html 194.146.38.23
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=16&serverTime=1597358823&s=0&sta=12348808&x=320&y=180&vid_passDomain=threatpost.com&subId=threatpost.com&debugInformation=&isApp=0&userIpAddr=89.238.186.243&userUA=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F83.0.4103.61%20Safari%2F537.36&csuuid=5f35c2e77a6ed&contentFileId=946757&mediaPlayListId=5946&playerVer=3.0.0&contentMatchType=&isExcludeFromOpt=0&cbuster=1597358835171&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&uid=SekindoSPlayer5f35c2e7a527c&pubUrl=https%3A%2F%2Fthreatpost.com%2Fteamviewer-fhigh-severity-flaw-windows-app%2F158204%2F&floatStatus=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.23 -, , ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 22:47:14 GMT
content-encoding: gzip
server: nginx
age: 0
transfer-encoding: chunked
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK w_640_002.ts Show response
video.sekindo.com/uploads/cn5/video/users/hls/24485/video1523972806/vid5f2e270785d60094644426.mp4/ Frame 5EF5 317 KB
317 KB 57ms
56ms XHR
video/mp2t 185.127.16.53
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to

Full URL: https://video.sekindo.com/uploads/cn5/video/users/hls/24485/video1523972806/vid5f2e270785d60094644426.mp4/w_640_002.ts
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/video/hls/hls.0.12.4_1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.127.16.53 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),
Reverse DNS
Software: Tengine /
Resource Hash: 6c6eaec776c9674bf1b09ac1de110c234aa55b3e4ad97106ba7c44cd988b84a1

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 13 Aug 2020 22:46:55 GMT
Last-Modified: Sun, 09 Aug 2020 04:20:41 GMT
Server: Tengine
ETag: "5f2f7999-4f444"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Expires: Thu, 20 Aug 2020 22:46:55 GMT
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 324676
X-Proxy-Cache: HIT

GET
H/1.1 200
OK w_640_003.ts Show response
video.sekindo.com/uploads/cn5/video/users/hls/24485/video1523972806/vid5f2e270785d60094644426.mp4/ Frame 5EF5 324 KB
324 KB 56ms
56ms XHR
video/mp2t 185.127.16.53
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to

Full URL: https://video.sekindo.com/uploads/cn5/video/users/hls/24485/video1523972806/vid5f2e270785d60094644426.mp4/w_640_003.ts
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/video/hls/hls.0.12.4_1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.127.16.53 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),
Reverse DNS
Software: Tengine /
Resource Hash: 7ec0ef05d9845b6d154c42f9494c0e952cfd46cb790960ed3744a33f4dba3812

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 13 Aug 2020 22:46:55 GMT
Last-Modified: Sun, 09 Aug 2020 04:20:42 GMT
Server: Tengine
ETag: "5f2f799a-5102c"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Expires: Thu, 20 Aug 2020 22:46:55 GMT
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 331820
X-Proxy-Cache: HIT

GET
H/1.1 200
OK w_640_004.ts Show response
video.sekindo.com/uploads/cn5/video/users/hls/24485/video1523972806/vid5f2e270785d60094644426.mp4/ Frame 5EF5 342 KB
342 KB 56ms
55ms XHR
video/mp2t 185.127.16.53
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to

Full URL: https://video.sekindo.com/uploads/cn5/video/users/hls/24485/video1523972806/vid5f2e270785d60094644426.mp4/w_640_004.ts
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/video/hls/hls.0.12.4_1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.127.16.53 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),
Reverse DNS
Software: Tengine /
Resource Hash: fd75475c135be05c11519681df386bc75d83ff1a8ac65c408016a6904edda2ec

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 13 Aug 2020 22:46:55 GMT
Last-Modified: Sun, 09 Aug 2020 04:20:42 GMT
Server: Tengine
ETag: "5f2f799a-556ac"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Expires: Thu, 20 Aug 2020 22:46:55 GMT
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 349868
X-Proxy-Cache: HIT

GET
H/1.1 200
OK w_640_005.ts Show response
video.sekindo.com/uploads/cn5/video/users/hls/24485/video1523972806/vid5f2e270785d60094644426.mp4/ Frame 5EF5 249 KB
249 KB 56ms
55ms XHR
video/mp2t 185.127.16.53
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to

Full URL: https://video.sekindo.com/uploads/cn5/video/users/hls/24485/video1523972806/vid5f2e270785d60094644426.mp4/w_640_005.ts
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/video/hls/hls.0.12.4_1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.127.16.53 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),
Reverse DNS
Software: Tengine /
Resource Hash: f09e4cecc35ca1512ed8645474955c4dccfc039d2b145657188ad94fe15417fe

Request headers

Referer: https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 13 Aug 2020 22:46:55 GMT
Last-Modified: Sun, 09 Aug 2020 04:20:43 GMT
Server: Tengine
ETag: "5f2f799b-3e3d0"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Expires: Thu, 20 Aug 2020 22:46:55 GMT
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 254928
X-Proxy-Cache: HIT

Verdicts & Comments Add Verdict or Comment

249 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.casalemedia.com/	1970-01-19 20:28:14	Name: CMRUM3 Value: 275f35c2ea0b40&035f35c2ea276079685f35-c2e9-4100-83b1-7dc73ddf8b2f&2f5f35c2ea27606sy4bqBz1K6m025&585f35c2ea2760XzXC6gAAAJ3Q6QFU&2e5f35c2ea05a0&495f35c2ea05a00&1f5f35c2ea05a00&695f35c2ea05a00
.casalemedia.com/	1970-01-19 13:52:14	Name: CMPS Value: 5173
.adnxs.com/	1970-01-19 13:52:14	Name: uuid2 Value: 5820429402912912611
threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204	1970-01-19 11:52:43	Name: crfgL0cSt0r Value: true
.adnxs.com/	1970-01-19 13:52:14	Name: icu Value: ChgIzLJhEAoYASABKAEw54XX-QU4AUABSAEQ54XX-QUYAA..
.pubmatic.com/	1970-01-19 11:44:05	Name: pi Value: 159196:2
.casalemedia.com/	1970-01-19 11:44:05	Name: CMDD Value: AAamQAI*
.casalemedia.com/	1970-01-19 20:28:14	Name: CMID Value: XzXC51VbLVcAAE6behQAAABB
.ads.pubmatic.com/	1970-01-19 11:44:05	Name: KCCH Value: YES
.casalemedia.com/	1970-01-19 11:44:05	Name: CMST Value: XzXC5181wuoC
.openx.net/	1970-01-19 20:28:14	Name: i Value: 46eb59dc-824e-4276-aa58-e77fa83ae2a0\|1597358823
.pubmatic.com/	1970-01-19 13:52:14	Name: KTPCACOOKIE Value: YES
.openx.net/	1970-01-19 12:04:14	Name: pd Value: v2\|1597358825\|gekin0vNiygu
.threatpost.com/	1970-01-19 11:44:05	Name: _gid Value: GA1.2.2099508087.1597358824
.threatpost.com/	1970-01-20 05:13:50	Name: __gads Value: ID=2f119d03706d5318-22ac0e28b3b6009b:T=1597358824:S=ALNI_MataWfAC6PQJ-hmQE-gE9557y6cdQ
.threatpost.com/	1970-01-19 21:07:07	Name: __qca Value: P0-1534563410-1597358824298
.threatpost.com/	1970-01-20 05:13:50	Name: _ga Value: GA1.2.1383536824.1597358824
.casalemedia.com/	1970-01-19 13:52:14	Name: CMPRO Value: 1140
.threatpost.com/	1970-01-19 11:42:38	Name: _gat_UA-35676203-21 Value: 1

37 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/ros-layout.js(Line 372) Message: gBrowserWidth =1600
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/ros-layout.js(Line 397) Message: OpenX Slot defined for /21707124336/ThreatPost-970x250-ATF div-gpt-ad-6794670-2
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/ros-layout.js(Line 397) Message: OpenX Slot defined for /21707124336/ThreatPost-300x250-ATF div-gpt-ad-6794670-3
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/ros-layout.js(Line 397) Message: OpenX Slot defined for /21707124336/ThreatPost-300x600-ATF div-gpt-ad-6794670-5
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/ros-layout.js(Line 397) Message: OpenX Slot defined for /21707124336/ThreatPost-2x2-Skin div-gpt-ad-6794670-1
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/cmp.js(Line 28) Message: CMP: Startup v200
console-api	warning	URL: https://qd.admetricspro.com/js/threatpost/prebid.js(Line 3) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: ENGINE: gSChainNodes found, prebid configured with 1 supply chain object(s)
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: ENGINE: final pbjs config
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: [object Object]
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: Initial Ad Load
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests() gPBJSTimeoutTimer=null pbjs.adserverRequestSent=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/cmp.js(Line 28) Message: __uspLaunch begin
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/cmp.js(Line 28) Message: CMP: No existing consent found in cookie, local or session storage
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/cmp.js(Line 28) Message: CMP: checking non TCF vendor cookie
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/cmp.js(Line 28) Message: CMP: No existing non-TCF consent found in cookie, local or session storage
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/cmp.js(Line 28) Message: CMP: Locale=en-us gdpr= false
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/cmp.js(Line 28) Message: CMP: GDPR does not apply
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: Amazon bids returned, count=4
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: [object Object],[object Object],[object Object],[object Object]
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: pbjs bids returned
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: gPBJSTimeoutTimer cleared
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendAdserverRequest(): pbjsBidsBack
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendAdserverRequest()
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: pbjs.getAdserverTargeting: >> Amazon >> Prebid
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: [object Object]
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: pbjs.getBidResponses:
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: [object Object]
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: gThisRefreshSlots=
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: [object Object],[object Object],[object Object],[object Object]
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendAdserverRequest(): ---> Calling googletag.pubads().refresh()
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: console.groupEnd
console-api	info	URL: https://cdn.ampproject.org/rtv/032008102328000/amp4ads-v0.js(Line 422) Message: Powered by AMP ⚡ HTML – Version 2008102328000 https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
console-api	info	URL: https://cdn.ampproject.org/rtv/032008102328000/amp4ads-v0.js(Line 422) Message: Powered by AMP ⚡ HTML – Version 2008102328000 https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
console-api	info	URL: https://cdn.ampproject.org/rtv/032008102328000/amp4ads-v0.js(Line 422) Message: Powered by AMP ⚡ HTML – Version 2008102328000 https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
console-api	info	URL: https://cdn.ampproject.org/rtv/012007302351000/amp4ads-v0.js(Line 422) Message: Powered by AMP ⚡ HTML – Version 2007302351000 https://threatpost.com/teamviewer-fhigh-severity-flaw-windows-app/158204/
console-api	warning	URL: https://cdn.ampproject.org/rtv/012007302351000/amp4ads-v0.js(Line 21) Message: [amp-analytics/transport] Response unparseable or failed to send image request https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuPfxYNyDUpp-ZsmO7d3p0adoZKkeOc_U1qtFlrSNZa267gzw-EIXm2OKtxEXY4CRy1Yu_To941RI9kusW6wPrGX4n3ZVSGGE9Bg2nWdajcaO8iaRanDY98f7m8fSO1y9LzvtdDl4PeBWz3ENiipAW5PRMhR13ATdDWqamm7GSUk4XFhoezez1QCmZjQFrQptpTlnnDCKzmeWv61Ss2GXiGx1FdskathV_tfZOzYEST3z9KLIYpWR8voc3T8zUYtPb6XuRN2NLUGmd2IAdWgCxt&sai=AMfl-YQwR-Hvyj25ZR1TNoRTxRuf8Ny7XkjkkL4VIjgsev-Zg5iRjKucRPmc4UPAuaFtcFAL886vOmNPH2Hcyc4ZFCPVrKdYwvz5uzMRCX3vXTetwbXyc3vwnhgWBi-CqXw&sig=Cg0ArKJSzFgCc2SU001LEAE&adurl=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1922f1298d30d2bf058b0b9d293772cf.safeframe.googlesyndication.com
aas.dc-1.net
acdn.adnxs.com
ads.adaptv.advertising.com
ads.pubmatic.com
ads.servenobid.com
adserver-us.adtech.advertising.com
adservice.google.de
analytics.twitter.com
aol-match.dotomi.com
ap.lijit.com
as-sec.casalemedia.com
assets.threatpost.com
c.amazon-adsystem.com
c1.adform.net
cdn.ampproject.org
cm.g.doubleclick.net
csync.loopme.me
e.serverbid.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
graph.facebook.com
hbopenbid.pubmatic.com
ib.adnxs.com
image2.pubmatic.com
js-sec.indexww.com
kasperskycontenthub.com
live.sekindo.com
match.adsrvr.org
media.threatpost.com
pagead2.googlesyndication.com
pixel.advertising.com
pixel.quantserve.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prg.smartadserver.com
public.servenobid.com
qd.admetricspro.com
rules.quantcount.com
secure.quantserve.com
securepubads.g.doubleclick.net
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
ssum.casalemedia.com
static.ads-twitter.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.search.spotxchange.com
sync.serverbid.com
t.co
tagan.adlightning.com
teachingaids-d.openx.net
threatpost.com
tlx.3lift.com
tpc.googlesyndication.com
u.openx.net
ups.analytics.yahoo.com
video.sekindo.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.linkedin.com
www.reddit.com
x.bidswitch.net
104.111.230.142
104.244.42.195
104.244.42.5
107.21.45.77
13.226.146.86
13.226.155.59
13.226.155.64
134.209.129.254
134.209.131.220
151.101.112.157
151.101.14.49
18.194.97.231
18.197.99.6
18.210.170.92
185.127.16.53
185.33.221.87
185.64.189.112
185.64.190.80
185.86.137.114
185.94.180.126
194.146.38.23
195.201.246.119
199.232.53.140
2.18.232.130
2.18.233.180
2.18.234.21
205.185.216.10
216.58.208.34
216.58.210.2
2600:9000:2182:b400:2:9275:3d40:93a1
2600:9000:2182:ce00:6:44e3:f8c0:93a1
2600:9000:2182:d600:0:5c46:4f40:93a1
2606:2800:233:97b6:26be:138a:cba8:bb01
2606:4700:e4::ac40:a60d
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2620:1ec:21::14
2a00:1288:110:c305::8000
2a00:1450:4001:800::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:815::2001
2a00:1450:4001:815::2002
2a00:1450:4001:815::2008
2a00:1450:4001:815::200e
2a00:1450:4001:818::2001
2a00:1450:4001:818::2002
2a00:1450:4001:818::2003
2a00:1450:4001:81c::2004
2a00:1450:4001:81d::2002
2a00:1450:4001:81d::2003
2a00:1450:4001:825::2001
2a00:1450:400c:c00::9a
2a02:fa8:8806:12::1370
2a03:2880:f01c:800e:face:b00c:0:2
3.120.51.72
3.124.165.65
3.126.56.137
3.248.143.123
35.173.160.135
35.244.159.8
37.157.4.25
52.29.141.223
52.58.173.218
54.229.91.186
69.173.144.143
72.251.249.9
003c9273dfb8b75c0053dac9160e1015aced422aa4316e03a82b8b62f550a606
004e5faf0bf890f61697daeede9f21826affd1137fb2cb58eaf4719937a04a14
00d4fbacbadc6ecbd73be323ec77febf3d856ce00dc5334d06462a315c7da8e7
01864580e1f385dc4512aed0de4b324cc1a04812709e7020e857612fc0ce9f4c
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0615aca9a317804aa42bf1c134629feafd836491badd06675a7b21f816dff4e9
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06fc565587b8b700936a1677218cb269a6cc31ca5f701eb45461e86a3d54d5c7
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
09d4a743d77aa6fe0f71e6a2192cbed1fb5195f6e73520ef929f24a4c147ab2b
0cf25abe73b03e246c0a820c825a1f433e36949c2cf456ce889d86e8dd9ec427
138d0f3d45a018aeb677b12a56a051e88cf664f2322ceb68215fa603ad5d8ee5
15ba3f1cbeac0010e26fe05dd3c46af2c9622740ad89a34edac1951dcfaea7db
15e9840f31982980328598c38e5c60434072901f2c902713ef9c4d4900e05307
172314ff74044b918766ed4763279b5e8798622087c0a2930f59c9d44662213d
1a8d6b535db2a2198bbcf4df783079928a9c863283e12463b128281c98306426
1bc2d4892d5d3e050de338654a05e4a7f6f0d55500a772d0d9ebac8047fb7940
1d31e336c064a986da29ce2df5077d3cdcbb9ebcbe510e79d8d50780b5d34b05
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1f152c8879492dd153cf7a47ad195151e20491e60985d86f9ef7a7ddc85062f6
203a1218e57e160a9bd9533ed8ac9d755feeb6249f8e0ba7ddb85a3ace770f45
21e46fe44c6929876f5a413c843ae516c0ddfd1aad3e8e33446b7bc0a6781b08
2a68210e87bc56a699e7ee5f9a409f0019406ef73a1f695cc57059b6a5bffa80
2a7a5100d1b04b40f49ec3661a2ce57d3af5acbd35497cd946e87912a6c9e021
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2de77164bb9924542e1dea4ee4a0ff27d40b51a3d7939dac7db11a95045c9b7d
2f25a39f2c5474b9740b85e156237560c9ab36e58985906223520786551147e8
3097d0444becd9d089b52b7074072f19201525de874d0775012572fb375b7838
312c53d2ef204d3c99dbb86e9f0da9119f4b7c9eb973483bbc2dcf9a59282ebd
3380f4a77c068e267ee52ba22e2e075293437d717a30e1d9a8e19939fcff0659
3435531b595fb1b2b529346e1df8c979a1fd727f56ea8c0d792316035440cac5
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
39af7c1116fb967a330e8770f775e6b5ee871add01ed45c98a1634911cebfb0a
3de492888289525f15f0e9981546a69e539b8d610d9d29c2f1313392d5c48ed3
41f3222c29889fb48f5dca1d481858e5339a759655510c256ef4edf56c80f7f5
420508fc523520f35de5c851905543294123d7676b5a5668744691f2abe9e730
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
436dfd564e3baffcbeb4069006516328e56a9ed3f8aae07fab853d41afe118a7
45ddc09b0ad6ab916bd9a0282070b161045e186fc025303f4aa1aa821fc45ac7
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48bb205371f7266fdc88a9f818c312dc7690c0928ba049519e3e62675591261d
4c9f27e004aed53ebd5ac2e98631c7dd8bff747e2ca43bedd73d687ad3026d2e
506d565f94cecbb486394c545a96e8459217f8d045496b511e8c815142abfc70
526b9f8b11732aaa1c63e4095d00260224980da6815af335fdbccd80c275cbb8
52ed237161ec86c2e05c00a7df4b6d9ac50e7ae6decf02d372b8614c0f32e805
54049bb1b8bcf97ba04b9fdaffa61060041569b274e5581964c9f1251274aac5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58f7596b6149cfabe4dd7dab7caa99d5d6b20136861256e622b174ed04f3c3eb
59a95f3c7670090ee4ebd2d8ba3d11ab3c815082a4436afa22cfeecf81f65c12
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5a7ed822968963e31d88424c96387ad9f4fd4f4b5a5b581a33f65e3784d162cf
5b1b3e1dbec0a6b898bf6b8f17caa692c112ba2d215a1300b1c014c75f9f5ad8
5b3dc87f350d793c67f1898bdb781878608a4cfff1d6db4c91a97415d4a5e259
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5d363c974cd81869ce3fd8d76a06f12b273be51cb358a9a85c21d157eedde824
61a4bc886b01b16910328fd679fb6c6aa5b1f4212e1220be6e2f2b722762ea23
64f791cf5b11444b177786340186cb3ef3ed1c39938f49bc9d4a69bd21ba076d
66cfd93f20fe1bb1545202b2138ec00c34d51f2cf915409404f4615560dcf7cb
68ff86e6a3bc683739e7190e4efaff20bbafe0d89c99c42c1b17163ef5203968
6c6eaec776c9674bf1b09ac1de110c234aa55b3e4ad97106ba7c44cd988b84a1
6cdc57f82f4b0d09e5b4e584ca4736cd3871f20563d4ce25120b057d8ffb4eb2
702cebd3ec221caf7a6a9c1087f3caf695c64e4031356024c8a380be0315f9c4
7415e4a3750c12578d0b5cf920c001beb198ae27dea873d5354ef58c2f8b1c51
744f285380d50300c5f78b4a0e9b08f9cd096894251f5965264df5c21c287479
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7517792de8d4a1319afd85d8c3dcffe799ba5545129a650182e6c4b055302852
76102878c1198de858725194952ba1c6b35bdee0f870cc6a124e93d17385e64e
7860ef37e85676dcb81a99d7e5d6453bdacdf9d35aa45517a9ba9ea25bbd4c85
7a6eb26b5d11ac938f68345a3217cb8c915ec08dfff508113da5d538c6fb4131
7aeb0fc951d809e10eaa86e3ccb3e305cf878dc1333abed95d2e13a2fc08b058
7baf1574c7b4916cd5415e6c7b16471aaed1f197e1b4a1b666f82d1b40c342df
7d0492c66125b1c2bdc419641e41542857e7d90e323d355ee0b8bb268da121fb
7e2b472509d9e149690aba45c5917ebdd2f52471b98d414c2726301b90e08f21
7ec0ef05d9845b6d154c42f9494c0e952cfd46cb790960ed3744a33f4dba3812
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
812421b02eb63786971eaff88561f2e72e90e64b41ec4151c8c6b259ae135622
8130c2c72afad9d94581ef93aaa00524093103c47c71fce52f606d5ff693c3ce
81faef927df2f003e391441240c925a2bea36fafcaab9090d9d1ff4572617044
8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
859faa9b9ed0990288b2f393a102b1fe2668ac79088b113b6f0beaee521221eb
8a6a43b510a2faf7043f3494d1e7368134f853414fa069f88fda04ffe2fa5105
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c
9133948060eb1ff2d37b7621a91e0398b002b3389cc3803198878b0e2b82a5a5
92814e48e334fb45bb8d9d0d2a6e68a1e601fd7ce63d25c10969cfd57bf4b1e8
940e0c3385928422aae38e1a74f1d84b462d8ce1a056c686fde505a0bf3162bb
94bbe88597e0219d302f9831df93d35a4b6ac350466dab312b4df25485812998
975b5abb80ee69b00355a78479830000663bae4b62558f8811ff323484f81169
99adcdbae7594190017340a8081f8ae8b8945a333cc22bf8017e7a9b72165646
9a45f4c35a9544ba4b1680fc5aa050bd1b08e3e373754e8313874d34cd302b35
9c2da5af765306938f3686c57c662647ba2795d1fd610ba731aab023ee46e0b0
9c5228b973ae8b0b891552910f971a913aa45f05622945fba9c951772cb2ee22
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd
a8afe8d2016e9ed60c3bb86078bc70cb98d7b37c603d0f60aaef2d2f34676851
a8cf444d8798d8bdc2e9fe8dca30d22aff85268bdfd687a20209b8ed11719d38
a981c6547c539efb95258bec25c7625cb4426928e323c07934f867401acf88c7
a9d2b2df99c1a115d5394c70a898d8801092208dc582f8bd6fb01b35c30d6b22
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae00ae9c862bc8b8923efd1d9a18befa912678a869d4dd01179a59ed3de731be
b0209d39595432d762f6ba2a81dc0bffa6a6e1ed9021ba24ffa06c3c7e4bcb02
b0e9c036b95059c5248d9843288d2ad9ccefcfc79041ce61cb66c79e10eccbfe
b222437a7acd5d13d239187596fcd234361e3e19cb93ed289d4be07834eb2ba0
b2becc3ee4c223f5379897841889a9f8cb556bd61fe71e39a04241eddd147292
b2f2120413c3f779a2cd805d5919902537bebbfa00fa2393d8decc17c89f0608
b87f7e8a0a35e47f08f9b3f55f335b4c08aac813635aeedaf93b2d4805d63588
b9ce33d5c25659cfac7d43de803f0d367ddcabd7d31aee3ee9c95f9b7798784c
bcaa21df70fd10c5a594ac5996411eb517750a210903adaa56dc097d5936dc9e
c01164467154e1c091b160900b552bfc13f5f0e46d47ab5eef7beea4492ff104
c3c3adf25e6ebe1ff55aa701a876cdef3b991cf47ae57f38d935f7394f8be0c3
c60a934b02b52bef2bb536d0e82835f488418cec11dffb901cc2d2478d6b6282
c797b8e76efd67b8a2a71b7443e67081bd8192f6c756980342b132f459543d66
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb25ad537f4ede3689bafe083e196a093d59902e596af34e0bfe30d139294762
cdb440eb188c5f3313b45fa1b7dbf65801b68dad0ae40abbae95eab522573dab
cff176af94fb2ba3d7947937af82d39b63b010dde7a1f51e0c3d3caabf811390
d11ffb8360c7b1d991f9d6079a363e38bc309074d30cbe911ed7c921e46a3921
d32add32a46497be954c24de8302b9f8c6723ca84f7dd7bde5d8baf309d43915
d50decabb6250067e778613b69053fa1159e52657ce7c4909689482dc6040acf
d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060
d744b6662b204961c1ef434523154a39a83ccc2c0d43b7ddf86e9c938db5bd92
da3a64d7c90b3f78c4a5550868c5ea865f1306cc6524f4205a2298b8346fb4d1
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4058d4ee9da1ceaddfa91ddb63650ba67285f1bbfee487d9dfe648bced669a0
e41f07eced66e12809bec654b0a18677a78a7814525dcb6b99934d0b4bcecfc4
e42f7806fd699d172d728f73f966a5d173cad2f4091aeed75cdb6ef611b4396e
e6135de980f52934f552690002886b31516660c9fba603904ed2f956d9ff3bc1
e7785e680569abfe0d6b2000d49f7c3635e3dd0d031b5809fc206df87db11d07
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
ed1bd9b5fc31e624bb0b3ca2c510546c8a1bb6b41923e06768a735c75a9c704c
edb22a3a7ca5f29945ec20afbc45f688f926cb24970a6a5e6079e7f43e00d901
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09e4cecc35ca1512ed8645474955c4dccfc039d2b145657188ad94fe15417fe
f125fd246e10689d46bc3c7c529be4f784c9adf3f80f0790a3532f7efd01b012
f19e7ee6cdf20bd478c037707c447b7cd469051de4dadeac32a795efb463c2e2
f40e3d5b91387e92272b6d46fc83ce21041f130a29316d7216d3a1793d46c4f3
f75166e3f70100b65a6ce1d4128bc15286e92b19a546fa7709f739e9bcfe52c6
f8a2b5b62eb722c3379b30cf0cc58d3176ee6be48036d6ad2aa838d2029c4189
fb0481de0a27cd347fc3d1fa821a7cf6590296ec84668fa6c767c3a0dd6b6c74
fd18f241cd171d77b274ee662234b71f48ebc073ac0f228df239ac42fe3d3945
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
fd75475c135be05c11519681df386bc75d83ff1a8ac65c408016a6904edda2ec
fdc8925648b957baf9f68b4647a851f8ba9f5dc4b1b0b87a9db3c8d29f2de8d2

threatpost.com Open in urlscan Pro 35.173.160.135 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

249 Requests

100 %HTTPS

38 %IPv6

47 Domains

72 Subdomains

60 IPs

11 Countries

4891 kBTransfer

9753 kBSize

19 Cookies

18 Outgoing links

Redirected requests

249 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

threatpost.com Open in urlscan Pro
35.173.160.135 Public Scan

Screenshot
Live screenshot

Full Image

249
Requests

100 %
HTTPS

38 %
IPv6

47
Domains

72
Subdomains

60
IPs

11
Countries

4891 kB
Transfer

9753 kB
Size

19
Cookies

249 HTTP transactions
8 data transactions