threatpost.com Open in urlscan Pro
35.173.160.135 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://info.silobreaker.com/e2t/tc/VVw6Km2rtFcPW33brmt2vY35BW4TqGZG4ndw0HN179mq_2-HwLV1-WJV7CgTS_VNNRz63rbNHkW1njM7515FrkwVp...
Effective URL:
https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88...
Submission: On February 19 via api (February 19th 2021, 12:04:30 pm UTC) from DE

Summary HTTP 131 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 32 IPs in 3 countries across 25 domains to perform 131 HTTP transactions. The main IP is 35.173.160.135, located in United States and belongs to AMAZON-AES, US. The main domain is threatpost.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on June 10th 2020. Valid for: a year.

This is the only time threatpost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	199.60.103.2 199.60.103.2	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
18	35.173.160.135 35.173.160.135	14618 (AMAZON-AES) (AMAZON-AES)
3	13.226.159.35 13.226.159.35	16509 (AMAZON-02) (AMAZON-02)
7	2606:4700:e0:... 2606:4700:e0::ac40:6d0a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
8	2600:9000:206... 2600:9000:206f:5a00:2:9275:3d40:93a1	16509 (AMAZON-02) (AMAZON-02)
11	2600:9000:206... 2600:9000:206f:d200:0:5c46:4f40:93a1	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	65.9.95.127 65.9.95.127	16509 (AMAZON-02) (AMAZON-02)
1 17	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	16509 (AMAZON-02) (AMAZON-02)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
10	18.224.195.241 18.224.195.241	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:212... 2600:9000:2127:7c00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2016	15169 (GOOGLE) (GOOGLE)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.113.140 151.101.113.140	54113 (FASTLY) (FASTLY)
131	32

2 199.60.103.2 (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

info.silobreaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 35.173.160.135 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-160-135.compute-1.amazonaws.com

threatpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kasperskycontenthub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.226.159.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-35.dus51.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:e0::ac40:6d0a (United States)

ASN13335 (CLOUDFLARENET, US)

qd.admetricspro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:206f:5a00:2:9275:3d40:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.threatpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2600:9000:206f:d200:0:5c46:4f40:93a1 (United States)

ASN16509 (AMAZON-02, US)

media.threatpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.95.127 (United States)

ASN16509 (AMAZON-02, US)

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 151.101.194.137 (United States) 1 redirects

ASN54113 (FASTLY, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vid.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 18.224.195.241 (Columbus, United States)

ASN16509 (AMAZON-02, US)

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:7c00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:800e:face:b00c:0:2 (United States)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.140 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	threatpost.com threatpost.com assets.threatpost.com media.threatpost.com	737 KB
27	connatix.com 1 redirects cd.connatix.com cds.connatix.com capi.connatix.com vid.connatix.com img.connatix.com	2 MB
13	gstatic.com www.gstatic.com fonts.gstatic.com	769 KB
12	google.com www.google.com	46 KB
9	youtube.com www.youtube.com	670 KB
7	admetricspro.com qd.admetricspro.com	318 KB
4	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net static.doubleclick.net	103 KB
3	google-analytics.com www.google-analytics.com	19 KB
3	adlightning.com tagan.adlightning.com	48 KB
2	amazon-adsystem.com c.amazon-adsystem.com	33 KB
2	silobreaker.com 1 redirects info.silobreaker.com	3 KB
1	reddit.com www.reddit.com	1 KB
1	linkedin.com www.linkedin.com
1	facebook.com graph.facebook.com	593 B
1	twitter.com analytics.twitter.com	283 B
1	ytimg.com i.ytimg.com	32 KB
1	ggpht.com yt3.ggpht.com	3 KB
1	google.de www.google.de	107 B
1	t.co t.co	170 B
1	quantcount.com rules.quantcount.com quantcount.com Failed	357 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	quantserve.com secure.quantserve.com	9 KB
1	googletagmanager.com www.googletagmanager.com	50 KB
1	kasperskycontenthub.com kasperskycontenthub.com	399 B
1	googletagservices.com www.googletagservices.com	19 KB
131	25

	Domain	Requested by
17	threatpost.com	info.silobreaker.com threatpost.com
12	www.google.com	threatpost.com www.youtube.com tagan.adlightning.com www.gstatic.com www.google.com
11	vid.connatix.com	cd.connatix.com
11	www.gstatic.com	www.google.com www.youtube.com www.gstatic.com
11	media.threatpost.com	threatpost.com
10	capi.connatix.com	cd.connatix.com
9	www.youtube.com	threatpost.com www.youtube.com
8	assets.threatpost.com	threatpost.com assets.threatpost.com
7	qd.admetricspro.com	threatpost.com qd.admetricspro.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com threatpost.com
3	cds.connatix.com	threatpost.com tagan.adlightning.com cd.connatix.com
3	tagan.adlightning.com	threatpost.com tagan.adlightning.com
2	img.connatix.com	threatpost.com
2	fonts.gstatic.com	www.youtube.com www.google.com
2	c.amazon-adsystem.com	qd.admetricspro.com c.amazon-adsystem.com
2	info.silobreaker.com	1 redirects
1	www.reddit.com	threatpost.com
1	www.linkedin.com	threatpost.com
1	graph.facebook.com	threatpost.com
1	analytics.twitter.com	tagan.adlightning.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	www.google.de	threatpost.com
1	t.co	threatpost.com
1	static.doubleclick.net	www.youtube.com
1	googleads.g.doubleclick.net	www.youtube.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	rules.quantcount.com	secure.quantserve.com
1	static.ads-twitter.com	www.googletagmanager.com
1	secure.quantserve.com	www.googletagmanager.com
1	www.googletagmanager.com	threatpost.com
1	kasperskycontenthub.com	threatpost.com
1	cd.connatix.com	1 redirects
1	securepubads.g.doubleclick.net	www.googletagservices.com
1	www.googletagservices.com	threatpost.com
0	quantcount.com Failed	secure.quantserve.com
131	36

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
feedly.com
www.instagram.com
www.justice.gov
akismet.com
t.co
indd.adobe.com
spotlight.threatpost.com

Subject Issuer	Validity	Valid
info.silobreaker.com Cloudflare Inc ECC CA-3	`2020-06-30` - `2021-06-30`	a year	crt.sh
threatpost.com DigiCert SHA2 Secure Server CA	`2020-06-10` - `2021-06-15`	a year	crt.sh
*.adlightning.com Amazon	`2020-07-22` - `2021-08-22`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-10` - `2021-08-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
assets.threatpost.com Amazon	`2021-02-04` - `2022-03-05`	a year	crt.sh
media.threatpost.com Amazon	`2021-02-04` - `2022-03-05`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2020-09-29` - `2021-10-19`	a year	crt.sh
kasperskycontenthub.com DigiCert SHA2 Secure Server CA	`2020-06-01` - `2021-06-09`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-01-12` - `2022-01-11`	a year	crt.sh
www.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
edgestatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-30` - `2021-11-29`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2021-02-17` - `2021-08-16`	6 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-08` - `2021-07-06`	6 months	crt.sh

This page contains 7 frames:

Primary Page: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
Frame ID: 8D2D9BE78588C18D9FCAC9B02F2A91C8
Requests: 74 HTTP requests in this frame

Frame: https://cds.connatix.com/p/102412/connatix.player.dc.js
Frame ID: BF41E9196A893246FC9DE9CFB2D6C30E
Requests: 19 HTTP requests in this frame

Frame: https://www.youtube.com/embed/VQO8HQSA54I?feature=oembed
Frame ID: C1D202FC977BCFE6CE2B715BC2963984
Requests: 17 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&theme=standard&size=normal&cb=79hlwc8iimnk
Frame ID: B8D662F098029DD312866D7D44F9FA5E
Requests: 9 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LehhAETAAAAAAcsm2ZGDsLCqyGhesy4Yn43WNBe&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&theme=light&size=normal&cb=1a0jdvfhs6vw
Frame ID: 0AE0933CE35CD1B1920B995C14878CCA
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&cb=zf6xv1l5kkyt
Frame ID: 85F38EA6E66801154BAEBBAC9C4F16A4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&k=6LehhAETAAAAAAcsm2ZGDsLCqyGhesy4Yn43WNBe&cb=g89vo8ymmn2v
Frame ID: 3F75A98D4C71BA723C5A70AE25B34F08
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://info.silobreaker.com/e2t/tc/VVw6Km2rtFcPW33brmt2vY35BW4TqGZG4ndw0HN179mq_2-HwLV1-WJV7CgTS_VNNRz63... Page URL
https://info.silobreaker.com/events/public/v1/track/tc/VVw6Km2rtFcPW33brmt2vY35BW4TqGZG4ndw0HN179mq_2-HwL... HTTP 307
https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-sc... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

131
Requests

99 %
HTTPS

65 %
IPv6

25
Domains

36
Subdomains

32
IPs

3
Countries

4421 kB
Transfer

10258 kB
Size

0
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/Threatpost/

Search URL Search Domain Scan URL

URL: https://twitter.com/threatpost/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/threatpost/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/threatpost

Search URL Search Domain Scan URL

URL: https://feedly.com/threatpost

Search URL Search Domain Scan URL

URL: https://www.instagram.com/Threatpost/

Search URL Search Domain Scan URL

URL: https://www.justice.gov/usao-sdny/press-release/file/1368116/download
Title: in one incident

Search URL Search Domain Scan URL

URL: https://www.justice.gov/usao-sdny/pr/six-defendants-arrested-multiple-states-laundering-proceeds-fraud-schemes-targeting
Title: on Wednesday

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=VQO8HQSA54I&feature=emb_title
Title: talks to Threatpost about why these types of scams continue to work

Search URL Search Domain Scan URL

URL: https://akismet.com/privacy/
Title: Learn how your comment data is processed

Search URL Search Domain Scan URL

URL: http://twitter.com/search?q=%23website
Title: #website

Search URL Search Domain Scan URL

URL: http://twitter.com/search?q=%23Microsoft
Title: #Microsoft

Search URL Search Domain Scan URL

URL: https://t.co/7ESThr7aKu
Title: https://t.co/7ESThr7aKu

Search URL Search Domain Scan URL

URL: https://twitter.com/threatpost
Title: Follow @threatpost

Search URL Search Domain Scan URL

URL: https://indd.adobe.com/view/01579c19-a6ca-4cb0-8106-ed4d5d02a292
Title: Advertise With Us

Search URL Search Domain Scan URL

URL: https://spotlight.threatpost.com/
Title: HackerOne Spotlight

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://info.silobreaker.com/e2t/tc/VVw6Km2rtFcPW33brmt2vY35BW4TqGZG4ndw0HN179mq_2-HwLV1-WJV7CgTS_VNNRz63rbNHkW1njM7515FrkwVp4XqR2fN3v6W66KRbf2MtvlWW2W3tmX14gcgYVptQm54br9MBW2DVgX-3YbTy8W7pZpT4564-XfW6tdykr7wLRgVW1Tz5jT49znFpW1L9NPM1hQr-1W52XpGK8ZmFT1W8VDqrm6K7hdpW1bnZLS6mB131W7D-RSn2bHNW5W21qqNW2_6Y5DW3lZPKx1jd-5GW840zRg4m50qtW8yBhrt6QTj6LW3zmFxv3v4MGQW3gJRJn1rsbsXW1VNrnl2fNflfW4DJhHT4Lb8FcW6tb-j14bNy4vW9cPfTQ8S26D5W1h4h2Z7z-F-hW3Lg5Yh7RqsqJVB43Wl24Cm9m35b91 Page URL
https://info.silobreaker.com/events/public/v1/track/tc/VVw6Km2rtFcPW33brmt2vY35BW4TqGZG4ndw0HN179mq_2-HwLV1-WJV7CgTS_VNNRz63rbNHkW1njM7515FrkwVp4XqR2fN3v6W66KRbf2MtvlWW2W3tmX14gcgYVptQm54br9MBW2DVgX-3YbTy8W7pZpT4564-XfW6tdykr7wLRgVW1Tz5jT49znFpW1L9NPM1hQr-1W52XpGK8ZmFT1W8VDqrm6K7hdpW1bnZLS6mB131W7D-RSn2bHNW5W21qqNW2_6Y5DW3lZPKx1jd-5GW840zRg4m50qtW8yBhrt6QTj6LW3zmFxv3v4MGQW3gJRJn1rsbsXW1VNrnl2fNflfW4DJhHT4Lb8FcW6tb-j14bNy4vW9cPfTQ8S26D5W1h4h2Z7z-F-hW3Lg5Yh7RqsqJVB43Wl24Cm9m35b91?_ud=1adeb019-bc02-42a7-a5f3-800362cfaa40&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://cd.connatix.com/connatix.player.js HTTP 302
https://cds.connatix.com/p/102412/connatix.player.dc.js

131 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VVw6Km2rtFcPW33brmt2vY35BW4TqGZG4ndw0HN179mq_2-HwLV1-WJV7CgTS_VNNRz63rbNHkW1njM7515FrkwVp4XqR2fN3v6W66KRbf2MtvlWW2W3tmX14gcgYVptQm54br9MBW2DVgX-3YbTy8W7pZpT4564-XfW6tdykr7wLRgVW1Tz5jT49znFpW1L9NPM1...
info.silobreaker.com/e2t/tc/ 9 KB
3 KB 172ms
165ms Document
text/html 199.60.103.2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://info.silobreaker.com/e2t/tc/VVw6Km2rtFcPW33brmt2vY35BW4TqGZG4ndw0HN179mq_2-HwLV1-WJV7CgTS_VNNRz63rbNHkW1njM7515FrkwVp4XqR2fN3v6W66KRbf2MtvlWW2W3tmX14gcgYVptQm54br9MBW2DVgX-3YbTy8W7pZpT4564-XfW6tdykr7wLRgVW1Tz5jT49znFpW1L9NPM1hQr-1W52XpGK8ZmFT1W8VDqrm6K7hdpW1bnZLS6mB131W7D-RSn2bHNW5W21qqNW2_6Y5DW3lZPKx1jd-5GW840zRg4m50qtW8yBhrt6QTj6LW3zmFxv3v4MGQW3gJRJn1rsbsXW1VNrnl2fNflfW4DJhHT4Lb8FcW6tb-j14bNy4vW9cPfTQ8S26D5W1h4h2Z7z-F-hW3Lg5Yh7RqsqJVB43Wl24Cm9m35b91
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: info.silobreaker.com
:scheme: https
:path: /e2t/tc/VVw6Km2rtFcPW33brmt2vY35BW4TqGZG4ndw0HN179mq_2-HwLV1-WJV7CgTS_VNNRz63rbNHkW1njM7515FrkwVp4XqR2fN3v6W66KRbf2MtvlWW2W3tmX14gcgYVptQm54br9MBW2DVgX-3YbTy8W7pZpT4564-XfW6tdykr7wLRgVW1Tz5jT49znFpW1L9NPM1hQr-1W52XpGK8ZmFT1W8VDqrm6K7hdpW1bnZLS6mB131W7D-RSn2bHNW5W21qqNW2_6Y5DW3lZPKx1jd-5GW840zRg4m50qtW8yBhrt6QTj6LW3zmFxv3v4MGQW3gJRJn1rsbsXW1VNrnl2fNflfW4DJhHT4Lb8FcW6tb-j14bNy4vW9cPfTQ8S26D5W1h4h2Z7z-F-hW3Lg5Yh7RqsqJVB43Wl24Cm9m35b91
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 12:04:08 GMT
content-type: text/html;charset=utf-8
set-cookie: __cfduid=ddbc57727192f69c339b00fd30e2cae2f1613736248; expires=Sun, 21-Mar-21 12:04:08 GMT; path=/; domain=.info.silobreaker.com; HttpOnly; SameSite=Lax __cfruid=4c919174911732113b29f78b60923d4059a72edb-1613736248; path=/; domain=.info.silobreaker.com; HttpOnly; Secure; SameSite=None
cf-ray: 623fd9407b040b63-AMS
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 085bc61c4700000b630da48000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
server: cloudflare
content-encoding: br

GET
H/1.1

200
OK

Primary Request / Show response
threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/
Redirect Chain

https://info.silobreaker.com/events/public/v1/track/tc/VVw6Km2rtFcPW33brmt2vY35BW4TqGZG4ndw0HN179mq_2-HwLV1-WJV7CgTS_VNNRz63rbNHkW1njM7515FrkwVp4XqR2fN3v6W66KRbf2MtvlWW2W3tmX14gcgYVptQm54br9MBW2DVg...
https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoE...

85 KB
23 KB

1174ms
784ms

Document
text/html

35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w

Requested by

Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVw6Km2rtFcPW33brmt2vY35BW4TqGZG4ndw0HN179mq_2-HwLV1-WJV7CgTS_VNNRz63rbNHkW1njM7515FrkwVp4XqR2fN3v6W66KRbf2MtvlWW2W3tmX14gcgYVptQm54br9MBW2DVgX-3YbTy8W7pZpT4564-XfW6tdykr7wLRgVW1Tz5jT49znFpW1L9NPM1hQr-1W52XpGK8ZmFT1W8VDqrm6K7hdpW1bnZLS6mB131W7D-RSn2bHNW5W21qqNW2_6Y5DW3lZPKx1jd-5GW840zRg4m50qtW8yBhrt6QTj6LW3zmFxv3v4MGQW3gJRJn1rsbsXW1VNrnl2fNflfW4DJhHT4Lb8FcW6tb-j14bNy4vW9cPfTQ8S26D5W1h4h2Z7z-F-hW3Lg5Yh7RqsqJVB43Wl24Cm9m35b91

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.173.160.135 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-173-160-135.compute-1.amazonaws.com

Software

nginx /

Resource Hash

6b88d2682090d977a5572bbe665a5cba66b7964012c7b2b7cd2e05de0e0495d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: threatpost.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://info.silobreaker.com/e2t/tc/VVw6Km2rtFcPW33brmt2vY35BW4TqGZG4ndw0HN179mq_2-HwLV1-WJV7CgTS_VNNRz63rbNHkW1njM7515FrkwVp4XqR2fN3v6W66KRbf2MtvlWW2W3tmX14gcgYVptQm54br9MBW2DVgX-3YbTy8W7pZpT4564-XfW6tdykr7wLRgVW1Tz5jT49znFpW1L9NPM1hQr-1W52XpGK8ZmFT1W8VDqrm6K7hdpW1bnZLS6mB131W7D-RSn2bHNW5W21qqNW2_6Y5DW3lZPKx1jd-5GW840zRg4m50qtW8yBhrt6QTj6LW3zmFxv3v4MGQW3gJRJn1rsbsXW1VNrnl2fNflfW4DJhHT4Lb8FcW6tb-j14bNy4vW9cPfTQ8S26D5W1h4h2Z7z-F-hW3Lg5Yh7RqsqJVB43Wl24Cm9m35b91

Response headers

Server: nginx
Date: Fri, 19 Feb 2021 12:04:09 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Link: <https://threatpost.com/wp-json/>; rel="https://api.w.org/" <https://threatpost.com/wp-json/wp/v2/posts/164086>; rel="alternate"; type="application/json" <https://threatpost.com/?p=164086>; rel=shortlink
X-Frame-Options: SAMEORIGIN
X-Debug-Auth: off
X-Request-Host: threatpost.com
x-cache-hit: MISS
Content-Encoding: gzip

Redirect headers

date: Fri, 19 Feb 2021 12:04:08 GMT
location: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
cf-ray: 623fd9418dd80b63-AMS
link: <https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w>; rel="canonical"
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 085bc61cf300000b63a0a2d000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-robots-tag: none
server: cloudflare

GET
H/1.1 200
OK main.css
threatpost.com/wp-content/themes/threatpost-2018/assets/css/ 253 KB
39 KB 499ms
239ms Stylesheet
text/css 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1613729400
Requested by: Host: threatpost.com
URL: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 41f3222c29889fb48f5dca1d481858e5339a759655510c256ef4edf56c80f7f5

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Fri, 19 Feb 2021 12:04:10 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Feb 2021 10:09:50 GMT
Server: nginx
ETag: W/"602f8e6e-3f2b8"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=604800, public
Connection: close
Expires: Fri, 26 Feb 2021 12:04:10 GMT

GET
H2 200 op.js Show response
tagan.adlightning.com/math-aids-threatpost/ 37 KB
13 KB 187ms
66ms Script
application/javascript 13.226.159.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-35.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 61b12f8d4767ea81ad85d30304b6bd7f0312e2666a65a244ac142561146489a5

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: jVnLUjn__Nuoxz2fiLDhnmHG9tUSgCms
content-encoding: gzip
etag: "5869abd5259ed56402e7c5c7615abd61"
age: 3393
x-cache: Hit from cloudfront
content-length: 13349
x-amz-meta-git_commit: 9a4f7ce
last-modified: Thu, 18 Feb 2021 22:04:55 GMT
server: AmazonS3
date: Fri, 19 Feb 2021 11:07:38 GMT
content-type: application/javascript
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: zfSa-owF3kH6WRV_7NYCgQp3LHW5ie8dgNLKc1sqBTiL200RpQ3vKg==

GET
H2 200 ros-layout.js Show response
qd.admetricspro.com/js/threatpost/ 23 KB
3 KB 51ms
14ms Script
application/javascript 2606:4700:e0::ac40:6d0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/threatpost/ros-layout.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6d0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63d79a5b76b4bef8bb9cd4b451bb60b4a2d277e3b4664d26eac47cb8527fbe02

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 12:04:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 509
cf-request-id: 085bc622a500001f21799a4000000001
last-modified: Tue, 24 Nov 2020 20:59:06 GMT
server: cloudflare
etag: W/"5a6e-5b4e094d59cb4-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kPDavwny%2FtIrAFHxFmhuSq1pD4h%2B2OJ%2B0%2Fa4tvifMJVEvSzrduKzuusFhvodvTpchWGFfw%2Fp1ncQHVB%2FFQhFHZl292sjZQxHO3gTxtyBN6GZRg0Y6FAswlHAdmY9ZGph"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 623fd94aaa8a1f21-FRA
expires: Fri, 19 Feb 2021 12:01:53 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 56 KB
19 KB 24ms
19ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a9c3215051cf74f305e0d3fb72d249854498dd3a2ee85b6d6e029f6fec090d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 12:04:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "788 / 507 of 1000 / last-modified: 1613731346"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19459
x-xss-protection: 0
expires: Fri, 19 Feb 2021 12:04:09 GMT

GET
H2 200 cmp.js Show response
qd.admetricspro.com/js/threatpost/ 305 KB
82 KB 68ms
32ms Script
application/javascript 2606:4700:e0::ac40:6d0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/threatpost/cmp.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6d0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73339d824e344121a3039b2e0e9c9353fb8132e005bb6d53249814c213520d5d

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 12:04:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 509
cf-request-id: 085bc622a600001f213e177000000001
last-modified: Tue, 06 Oct 2020 19:53:29 GMT
server: cloudflare
etag: W/"4c426-5b105f3f297c7-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NBvpQyEiGIF%2FxzOzSVdpf%2FAdFn4PAIxv9tPx%2BL%2BUtAfEVtxNP0A8%2FBive59ICLGE1Mb8nhXwXhd4F7oBI8%2FW2hjqJITJm6WQ33FtJltkSgUGpH6vWq7RhxnaF34m38Jk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 623fd94aaa8b1f21-FRA
expires: Fri, 19 Feb 2021 12:04:01 GMT

GET
H2 200 uspcmp.js Show response
qd.admetricspro.com/js/threatpost/ 148 KB
55 KB 62ms
26ms Script
application/javascript 2606:4700:e0::ac40:6d0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6d0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ae61ed61290f9bf2619f52667aafa622c805072c75765025f0b61a23862005f

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 12:04:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 509
cf-request-id: 085bc622a600001f2165a13000000001
last-modified: Sat, 08 Aug 2020 22:40:07 GMT
server: cloudflare
etag: W/"24e50-5ac65673cef1c-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=y7TzH1TMVLjQBl0EooqlF8hUYaKNqGV3adeD5cCIBYr9kB42Tny3dTtiDQEl7XmLrS91QkKR8nARkjPQk3%2BDWqI131j%2FhuNMDdIf%2FffCCcKCVofOWLhB0H%2B%2BdSxS%2FJm1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 623fd94aaa8c1f21-FRA
expires: Fri, 19 Feb 2021 12:04:01 GMT

GET
H2 200 targeting.js Show response
qd.admetricspro.com/js/threatpost/ 275 B
798 B 49ms
13ms Script
application/javascript 2606:4700:e0::ac40:6d0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/threatpost/targeting.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6d0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cdc57f82f4b0d09e5b4e584ca4736cd3871f20563d4ce25120b057d8ffb4eb2

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 12:04:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 509
cf-request-id: 085bc622a600001f21542df000000001
last-modified: Sat, 08 Feb 2020 20:49:18 GMT
server: cloudflare
etag: W/"113-59e16a3cfb471-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BMeBQEsmVjVxp0aHV1X9nq4XJsoEhxOJXkUupzurdDrJhQgxpoe9gntBzVsoVG7I8zlwD3eRQNDM5%2B4KCdHlCNAozB1qdb1HzJGlSSQGmFOJAqhk3TbxDL3vp0iuZogg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 623fd94aaa901f21-FRA
expires: Fri, 19 Feb 2021 12:01:52 GMT

GET
H2 200 prebid.js Show response
qd.admetricspro.com/js/threatpost/ 505 KB
140 KB 82ms
47ms Script
application/javascript 2606:4700:e0::ac40:6d0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6d0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab09814addb95f1753755def0c6f218e5b6e35ad6304225e08454c413cfc258a

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 12:04:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 509
cf-request-id: 085bc622a900001f21a58cb000000001
last-modified: Sun, 31 Jan 2021 19:19:37 GMT
server: cloudflare
etag: W/"7e597-5ba371e468061-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=p1pLIuKhgsYpIu%2B%2BDvP6reMczK%2BIXVwYuLMaYyOGyNQEE9g%2BQNlmHxp7WGbyszPJCM3cHNRkQi%2BsbU2Hq9ot5QtpN21Aj0QIBgPycnp90ukvli7raw7AUbNHomD9eESb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 623fd94aaa921f21-FRA
expires: Fri, 19 Feb 2021 12:04:01 GMT

GET
H2 200 engine.js Show response
qd.admetricspro.com/js/threatpost/ 28 KB
8 KB 51ms
16ms Script
application/javascript 2606:4700:e0::ac40:6d0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/threatpost/engine.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6d0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 747a03fee397ff9cf8a76308966b2cc28f4dd00160af7610bc81ccfcb2836fab

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 12:04:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 509
cf-request-id: 085bc622a600001f2145275000000001
last-modified: Fri, 09 Oct 2020 03:25:52 GMT
server: cloudflare
etag: W/"6e56-5b1348179d4a3-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jxwQhBy8oLarm%2BS8aCP9xQlTrzXGGrK%2BHBDzrXdXldGKFTI4bjXb%2BMqxaBUd4k1RLzax%2BsfbjmMsY9Y5j8XytSBHS5RJ%2BYjGD3UISb4hro1hPnF4XBgZlzouUVEs71%2BR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 623fd94aaa931f21-FRA
expires: Fri, 19 Feb 2021 12:04:01 GMT

GET
H2 200 /
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 87 KB
18 KB 752ms
709ms Stylesheet
text/css 2600:9000:206f:5a00:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=8cd19980

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:5a00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9cb34fc9e773a7a413885fe681bcf09ee674d882f7a2461bb27f3dc8f960bfac

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 12:04:10 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-length: 18268
x-cache-hit: HIT
last-modified: Fri, 19 Feb 2021 10:10:00 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-debug-auth: off
x-request-host: assets.threatpost.com
x-amz-cf-id: qGptlJGeilODuCXsVvO7lGMrSjvzX1_f-dLC-ViGa563UZMJI4GjeA==
expires: Sat, 20 Feb 2021 10:11:38 GMT

GET
H/1.1 200
OK jquery-1.12.4-wp.js Show response
threatpost.com/wp-content/plugins/kaspersky-enable-jquery-migrate-helper/js/jquery/ 95 KB
37 KB 395ms
132ms Script
application/x-javascript 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/plugins/kaspersky-enable-jquery-migrate-helper/js/jquery/jquery-1.12.4-wp.js?ver=1.12.4-wp
Requested by: Host: threatpost.com
URL: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 3bb2621a4c0c710f6e78404473aebff8e115a28f8d53f44339b867c63ad93b26

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Fri, 19 Feb 2021 12:04:10 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Feb 2021 10:09:54 GMT
Server: nginx
ETag: W/"602f8e72-17a56"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: max-age=604800, public
Connection: close
Expires: Fri, 26 Feb 2021 12:04:10 GMT

GET
H2 200 / Show response
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 177 KB
55 KB 754ms
712ms Script
application/x-javascript 2600:9000:206f:5a00:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/kaspersky-cookies-notification/scripts/alert_text.js,wp-content/plugins/kaspersky-cookies-notification/scripts/alert.js,wp-content/plugins/honeypot-comments/public/assets/js/public.js,wp-content/plugins/kspr_twitter_pullquote/js/kaspersky-twitter-pullquote.js,wp-content/themes/threatpost-2018/assets/js/main.js,wp-content/themes/threatpost-2018/assets/js/loadmore.js,wp-content/plugins/kaspersky-social-sharing/assets/js/social-share.js&ver=8cd19980

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:5a00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b0209d39595432d762f6ba2a81dc0bffa6a6e1ed9021ba24ffa06c3c7e4bcb02

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 12:04:10 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-length: 56256
x-cache-hit: HIT
last-modified: Fri, 19 Feb 2021 10:09:56 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-debug-auth: off
x-request-host: assets.threatpost.com
x-amz-cf-id: ZSsLftXOQboJkzcoS3CSHH_dULhBELosgKTTzWErMFH6-LKBUVnQcQ==
expires: Sat, 20 Feb 2021 10:12:33 GMT

GET
H2 200 Cybercriminal-enterprise-Ghana.jpg
media.threatpost.com/wp-content/uploads/sites/103/2021/02/18145644/ 28 KB
28 KB 40ms
6ms Image
image/jpeg 2600:9000:206f:d200:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2021/02/18145644/Cybercriminal-enterprise-Ghana.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:d200:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 579a518cc3716e48123799f6fce8d5c024541b108ffeedea54ab7787c1513ba4

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:31:15 GMT
via: 1.1 c90147ea5199ff7ce77981c8da4247c4.cloudfront.net (CloudFront), 1.1 d947c3ab534102b2c9a7f0a4541d2ed9.cloudfront.net (CloudFront)
last-modified: Thu, 18 Feb 2021 19:56:45 GMT
server: AmazonS3
age: 52376
etag: "b5b478099758b03bc62d59adf2a7bcb9"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1, FRA56-C1
accept-ranges: bytes
content-length: 28570
x-amz-cf-id: 3dVfw4pgxt0_8_th0zCjZU3VISOLRsIjP_4ZLH1WsndAwnYOuvYpAA==
expires: Fri, 18 Feb 2022 19:56:44 GMT

GET
H3-Q050 200 api.js Show response
www.google.com/recaptcha/ 850 B
679 B 17ms
16ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=en

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

293758e111415003d2d741e154bc633cde1320e6788bd75aa9c173ca84985108

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 12:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 551
x-xss-protection: 1; mode=block
expires: Fri, 19 Feb 2021 12:04:10 GMT

GET
H2 200 / Show response
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 2 KB
1 KB 364ms
364ms Script
application/x-javascript 2600:9000:206f:5a00:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/gravityforms/js/jquery.json.min.js&ver=8cd19980

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:5a00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

172314ff74044b918766ed4763279b5e8798622087c0a2930f59c9d44662213d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 12:04:11 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-length: 926
x-cache-hit: HIT
last-modified: Fri, 19 Feb 2021 10:09:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-debug-auth: off
x-request-host: assets.threatpost.com
x-amz-cf-id: wK9cKwsilM0BtEKbcas6mXmupNysvKC8TrExn3yZmIMLDLN8sWxQ7g==
expires: Sat, 20 Feb 2021 10:10:38 GMT

GET
H/1.1 200
OK gravityforms.min.js Show response
threatpost.com/wp-content/plugins/gravityforms/js/ 34 KB
12 KB 960ms
134ms Script
application/x-javascript 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.4.17.15
Requested by: Host: threatpost.com
URL: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 3097d0444becd9d089b52b7074072f19201525de874d0775012572fb375b7838

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Fri, 19 Feb 2021 12:04:11 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Feb 2021 10:09:58 GMT
Server: nginx
ETag: W/"602f8e76-88c2"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: max-age=604800, public
Connection: close
Expires: Fri, 26 Feb 2021 12:04:11 GMT

GET
H2 200 / Show response
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 7 KB
3 KB 278ms
273ms Script
application/x-javascript 2600:9000:206f:5a00:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/gravityforms/js/conditional_logic.min.js&ver=8cd19980

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:5a00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f75166e3f70100b65a6ce1d4128bc15286e92b19a546fa7709f739e9bcfe52c6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 12:04:11 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-length: 2685
x-cache-hit: HIT
last-modified: Fri, 19 Feb 2021 10:09:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-debug-auth: off
x-request-host: assets.threatpost.com
x-amz-cf-id: pXWNdV7c_LgDHBvRxEJ5VRhRDj1WaDrKmrMpO5Dv_MjpYOlR8xjEQw==
expires: Sat, 20 Feb 2021 10:10:54 GMT

GET
H2 200 / Show response
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 5 KB
2 KB 278ms
273ms Script
application/x-javascript 2600:9000:206f:5a00:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/gravityforms/js/placeholders.jquery.min.js&ver=8cd19980

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:5a00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 12:04:11 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-length: 1747
x-cache-hit: HIT
last-modified: Fri, 19 Feb 2021 10:09:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-debug-auth: off
x-request-host: assets.threatpost.com
x-amz-cf-id: uaEiSTr2-yOyLCDa6y6beEzpmDcK5HW6hlT1DefWTZRwR-zgGM9OGg==
expires: Sat, 20 Feb 2021 10:12:37 GMT

GET
H3-Q050 200 api.js Show response
www.google.com/recaptcha/ 852 B
579 B 20ms
16ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=en&render=explicit&ver=5.6.1

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fde06f152e9231d3319414a1f9945b0aef3e24c95e703dcb0bb6f053c43a4c21

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 12:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 552
x-xss-protection: 1; mode=block
expires: Fri, 19 Feb 2021 12:04:10 GMT

GET
H2 200 / Show response
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 2 KB
1 KB 370ms
365ms Script
application/x-javascript 2600:9000:206f:5a00:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-includes/js/wp-embed.min.js,wp-content/plugins/akismet/_inc/form.js&ver=8cd19980

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:5a00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4e5ea4214b4900c4c114a5d5370fdf6a22bd14a1b1b49328be823e523ece3839

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 12:04:11 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-length: 972
x-cache-hit: HIT
last-modified: Wed, 03 Feb 2021 21:27:35 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-debug-auth: off
x-request-host: assets.threatpost.com
x-amz-cf-id: dKqokibuQ5Cr6zVon-0-vFxalp57nv2BANIt8hUGhAm0w89efX4UvQ==
expires: Sat, 20 Feb 2021 10:15:53 GMT

GET
H2 200 b-9a4f7ce-a7f6098c.js Show response
tagan.adlightning.com/math-aids-threatpost/ 61 KB
21 KB 69ms
65ms Script
application/javascript 13.226.159.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/b-9a4f7ce-a7f6098c.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-35.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0119689800eadf6270855a19b65d74251e7da6be5e4686f36c15bf81281ddb4c

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:52:59 GMT
content-encoding: gzip
age: 1246272
x-cache: Hit from cloudfront
content-length: 20808
x-amz-meta-git_commit: 9a4f7ce
last-modified: Tue, 18 Aug 2020 17:45:57 GMT
server: AmazonS3
etag: "98ae1c21c96b68b5f173604d82c35d5d"
x-amz-version-id: PzdVsYQ0bdCd7Kp..jKBw4vE53Z4BW7z
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: jvYQev1jSMq04fQ1oj_ucBnUs5kQ2PRTJwP1LsWw857h3MiFkBLXuQ==

GET
H2 200 bl-c29bca2-47598b56.js Show response
tagan.adlightning.com/math-aids-threatpost/ 44 KB
14 KB 68ms
65ms Script
application/javascript 13.226.159.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/bl-c29bca2-47598b56.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-35.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6d467ea5aff01d857984e4ee9e8554e73c4d33c172f2eb2fa1b59e1799ce3936

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 22:05:00 GMT
content-encoding: gzip
age: 50351
x-cache: Hit from cloudfront
content-length: 13592
x-amz-meta-git_commit: c29bca2
last-modified: Thu, 18 Feb 2021 22:04:34 GMT
server: AmazonS3
etag: "ef9577d9bc5ca4c496837a0f9a9c76ec"
x-amz-version-id: M7W3lI6QAKBb6qMnZljcTWnl_iFK7dFs
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: KXHCE9djPmlUlbkkZojp5PmC8IgmjE17DEn26nUlMz9kDCiRyTD1Qw==

GET
H2 200 pubads_impl_2021021801.js Show response
securepubads.g.doubleclick.net/gpt/ 292 KB
102 KB 51ms
50ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js?31060199

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

f76bf2498cc215bd189c7e15bdd617ef64110566f7701dcf920ad3838301624b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 19 Feb 2021 12:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 Feb 2021 09:38:45 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104640
x-xss-protection: 0
expires: Fri, 19 Feb 2021 12:04:10 GMT

GET
H2 200 vendor-list.json Show response
qd.admetricspro.com/js/cmp2/ 286 KB
30 KB 199ms
179ms XHR
application/json 2606:4700:e0::ac40:6d0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/cmp2/vendor-list.json
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/cmp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6d0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec95a631650981cd2ff2eecd07118042dee23fc0a3fd6ed70926fa3d94e4e5d3

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 12:04:10 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 06 Oct 2020 19:31:27 GMT
server: cloudflare
etag: W/"4773b-5b105a5302c6b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8RlFELwPSxjf54WuQR%2BWoba1VhDY8iIv%2FzdDTluxdVMaULz%2BiL7OlNMizAkmAiSK6Qlgjf2AJTUxCPq%2BFLwqap6LePVdduJwxWfthrRvIujSQ7dIKCH0n5x%2FYjYF4j7C"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=600
cf-ray: 623fd94ebfcf2bdd-FRA
cf-request-id: 085bc6252f00002bddfb367000000001
expires: Fri, 19 Feb 2021 12:14:10 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 115 KB
30 KB 87ms
83ms Script
application/javascript 65.9.95.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/engine.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 130eab0b79272570e565d77bb286b5755b9aae8f33efe8af7a2689bf8eabb859

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 12:03:22 GMT
content-encoding: gzip
server: Server
age: 48
etag: d7c8ebbead57940cf77ae4183f7ff01a
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c76f57c516237f120f723cde4dab446f.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-version-id: pkiOsnrw5ub40d2SPOSAjPBBoA7O4uIM
x-amz-cf-id: lE4zNHf2cEiAqzG2kpzP_h8z-oOAwYo5mMly9V6_LvhFPEPd7KKcQw==

GET
H2

200

connatix.player.dc.js Show response
cds.connatix.com/p/102412/ Frame BF41
Redirect Chain

https://cd.connatix.com/connatix.player.js
https://cds.connatix.com/p/102412/connatix.player.dc.js

945 KB
207 KB

45ms
43ms

Script
application/javascript

151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/102412/connatix.player.dc.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 860373f1865a43b2ac7823995fa1e22e9eb2f7c10c911a16b10f91728e2b9df3

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: .aHdNUiXn9oU4DfkB3Y2gbSCt4pRPpQF
via: 1.1 varnish, 1.1 varnish
etag: "6eb1fbdf21404792cf6a344ff60fc1ae"
age: 59051
x-cache: HIT, HIT
x-amz-replication-status: FAILED
content-encoding: br
content-length: 211498
x-served-by: cache-dca17739-DCA, cache-hhn4045-HHN
last-modified: Thu, 18 Feb 2021 19:37:35 GMT
x-timer: S1613736251.866671,VS0,VE0
date: Fri, 19 Feb 2021 12:04:10 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31557600
accept-ranges: bytes
x-cache-hits: 1, 227

Redirect headers

date: Fri, 19 Feb 2021 12:04:10 GMT
via: 1.1 varnish
server: Varnish
age: 0
x-served-by: cache-hhn4045-HHN
x-cache: HIT
location: https://cds.connatix.com/p/102412/connatix.player.dc.js
cache-control: no-cache, no-store, must-revalidate, max-age=0
accept-ranges: bytes
x-timer: S1613736251.817243,VS0,VE1
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1 200
OK / Show response
kasperskycontenthub.com/ 0
399 B 581ms
181ms Script
application/javascript 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://kasperskycontenthub.com/?dm=ed1f9e435dc885292eab65620c51f3fb&action=load&blogid=103&siteid=1&t=1332846434&back=https%3A%2F%2Fthreatpost.com%2Fcybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams%2F164086%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.173.160.135 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-173-160-135.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 12:04:11 GMT
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
Connection: close
Content-Type: application/javascript
x-cache-hit: MISS
Transfer-Encoding: chunked
X-Debug-Auth: off
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Request-Host: kasperskycontenthub.com
X-XSS-Protection: 1; mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 158 KB
50 KB 32ms
29ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dde149cd65d9e63eb4673c1f38e5eb2f3deaa1c79d89687f5f655ceaca836065

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 12:04:10 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50994
x-xss-protection: 0
expires: Fri, 19 Feb 2021 12:04:10 GMT

GET
H/1.1 200
OK icons.svg
threatpost.com/wp-content/themes/threatpost-2018//assets/sprite/ 13 KB
5 KB 917ms
133ms Other
image/svg+xml 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018//assets/sprite/icons.svg
Requested by: Host: threatpost.com
URL: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 01864580e1f385dc4512aed0de4b324cc1a04812709e7020e857612fc0ce9f4c

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Fri, 19 Feb 2021 12:04:11 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Feb 2021 10:09:49 GMT
Server: nginx
ETag: W/"602f8e6d-3496"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: max-age=604800, public
Connection: close
Expires: Fri, 26 Feb 2021 12:04:11 GMT

GET
H/1.1 200
OK icons.svg
threatpost.com/wp-content/themes/threatpost-2018/assets/sprite/ 13 KB
5 KB 923ms
132ms Other
image/svg+xml 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/sprite/icons.svg
Requested by: Host: threatpost.com
URL: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 01864580e1f385dc4512aed0de4b324cc1a04812709e7020e857612fc0ce9f4c

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Fri, 19 Feb 2021 12:04:11 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Feb 2021 10:10:00 GMT
Server: nginx
ETag: W/"602f8e78-3496"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: max-age=604800, public
Connection: close
Expires: Fri, 26 Feb 2021 12:04:11 GMT

GET
H2 200 VQO8HQSA54I Show response
www.youtube.com/embed/ Frame C1D2 51 KB
22 KB 52ms
51ms Document
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/VQO8HQSA54I?feature=oembed

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0f5188b5a9263c0a0e0b1dbedb01498f08969de3d3140fd2016625f753ef24ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/VQO8HQSA54I?feature=oembed
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 19 Feb 2021 12:04:11 GMT
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=_mZ6ltfORsM; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=7ualSW4Bi7U; Domain=.youtube.com; Expires=Wed, 18-Aug-2021 12:04:11 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+342; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK logo.png
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 19 KB
19 KB 1020ms
235ms Image
image/png 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/logo.png
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1613729400
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 39af7c1116fb967a330e8770f775e6b5ee871add01ed45c98a1634911cebfb0a

Request headers

Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1613729400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Fri, 19 Feb 2021 12:04:11 GMT
Last-Modified: Fri, 19 Feb 2021 10:09:49 GMT
Server: nginx
ETag: "602f8e6d-4a32"
Content-Type: image/png
Cache-Control: max-age=604800, public
Connection: close
Accept-Ranges: bytes
Content-Length: 18994
Expires: Fri, 26 Feb 2021 12:04:11 GMT

GET
H/1.1 200
OK museosans-700-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
21 KB 428ms
239ms Font
font/woff2 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700-webfont.woff2
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1613729400
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ae00ae9c862bc8b8923efd1d9a18befa912678a869d4dd01179a59ed3de731be

Request headers

Origin: https://threatpost.com
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1613729400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Fri, 19 Feb 2021 12:04:11 GMT
Last-Modified: Fri, 19 Feb 2021 10:09:49 GMT
Server: nginx
ETag: "602f8e6d-51a4"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 20900
Expires: Sat, 19 Feb 2022 12:04:11 GMT

GET
H/1.1 200
OK museosans-100-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
21 KB 470ms
234ms Font
font/woff2 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-100-webfont.woff2
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1613729400
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 06fc565587b8b700936a1677218cb269a6cc31ca5f701eb45461e86a3d54d5c7

Request headers

Origin: https://threatpost.com
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1613729400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Fri, 19 Feb 2021 12:04:11 GMT
Last-Modified: Fri, 19 Feb 2021 10:09:49 GMT
Server: nginx
ETag: "602f8e6d-50c8"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 20680
Expires: Sat, 19 Feb 2022 12:04:11 GMT

GET
H/1.1 200
OK museosans-300-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
21 KB 490ms
237ms Font
font/woff2 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300-webfont.woff2
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1613729400
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 45ddc09b0ad6ab916bd9a0282070b161045e186fc025303f4aa1aa821fc45ac7

Request headers

Origin: https://threatpost.com
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1613729400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Fri, 19 Feb 2021 12:04:11 GMT
Last-Modified: Fri, 19 Feb 2021 10:09:49 GMT
Server: nginx
ETag: "602f8e6d-51b8"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 20920
Expires: Sat, 19 Feb 2022 12:04:11 GMT

GET
H/1.1 200
OK museosans-500-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
21 KB 487ms
235ms Font
font/woff2 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-500-webfont.woff2
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1613729400
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2de77164bb9924542e1dea4ee4a0ff27d40b51a3d7939dac7db11a95045c9b7d

Request headers

Origin: https://threatpost.com
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1613729400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Fri, 19 Feb 2021 12:04:11 GMT
Last-Modified: Fri, 19 Feb 2021 10:09:49 GMT
Server: nginx
ETag: "602f8e6d-5194"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 20884
Expires: Sat, 19 Feb 2022 12:04:11 GMT

GET
H/1.1 200
OK museosans-700italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 15 KB
16 KB 396ms
133ms Font
font/woff2 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700italic-webfont.woff2
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1613729400
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 859faa9b9ed0990288b2f393a102b1fe2668ac79088b113b6f0beaee521221eb

Request headers

Origin: https://threatpost.com
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1613729400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Fri, 19 Feb 2021 12:04:11 GMT
Last-Modified: Fri, 19 Feb 2021 10:09:56 GMT
Server: nginx
ETag: "602f8e74-3dcc"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 15820
Expires: Sat, 19 Feb 2022 12:04:11 GMT

GET
H/1.1 200
OK museosans-300italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 23 KB
23 KB 507ms
240ms Font
font/woff2 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300italic-webfont.woff2
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1613729400
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: f8a2b5b62eb722c3379b30cf0cc58d3176ee6be48036d6ad2aa838d2029c4189

Request headers

Origin: https://threatpost.com
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1613729400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Fri, 19 Feb 2021 12:04:11 GMT
Last-Modified: Fri, 19 Feb 2021 10:09:49 GMT
Server: nginx
ETag: "602f8e6d-5bac"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 23468
Expires: Sat, 19 Feb 2022 12:04:11 GMT

GET
H2 200 0.jpeg
media.threatpost.com/wp-content/uploads/sites/103/2018/08/15115541/ 10 KB
11 KB 10ms
5ms Image
image/jpeg 2600:9000:206f:d200:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2018/08/15115541/0.jpeg
Requested by: Host: threatpost.com
URL: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:d200:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b1b3e1dbec0a6b898bf6b8f17caa692c112ba2d215a1300b1c014c75f9f5ad8

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Nov 2020 01:34:47 GMT
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront), 1.1 d947c3ab534102b2c9a7f0a4541d2ed9.cloudfront.net (CloudFront)
last-modified: Mon, 20 Aug 2018 15:57:19 GMT
server: AmazonS3
age: 7727365
etag: "756a0525b47f4557fdfec408731afd91"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1, FRA56-C1
accept-ranges: bytes
content-length: 10662
x-amz-cf-id: Blg1RGoHplz-oTBUUenfOaqHLXnWfbT-pxNIP2RNjqZF5u4egLZ5lA==
expires: Tue, 20 Aug 2019 15:57:18 GMT

GET
H2 200 SMB-webinar-promo-article-b.jpg
media.threatpost.com/wp-content/uploads/sites/103/2021/02/17150450/ 157 KB
157 KB 13ms
8ms Image
image/jpeg 2600:9000:206f:d200:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2021/02/17150450/SMB-webinar-promo-article-b.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:d200:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 793c1fa20d428c9cc9f0af0179d9de217c124f5d19d31c6b36878ba793bbacd2

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 20:11:14 GMT
via: 1.1 73f3a23156999272233949c078c30859.cloudfront.net (CloudFront), 1.1 d947c3ab534102b2c9a7f0a4541d2ed9.cloudfront.net (CloudFront)
last-modified: Wed, 17 Feb 2021 20:04:51 GMT
server: AmazonS3
age: 143578
etag: "a2fa17a9d3c4987c5c58e2be2ebd9669"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1, FRA56-C1
accept-ranges: bytes
content-length: 160257
x-amz-cf-id: mEJED9n7sXe91fRSEZufkQveoQpJUizrxaXNES7zgQq7Bx0VqpLyhQ==
expires: Thu, 17 Feb 2022 20:04:50 GMT

GET
H2 200 Apple-Singapore-Store-540x270.jpg
media.threatpost.com/wp-content/uploads/sites/103/2020/12/02084324/ 39 KB
39 KB 21ms
15ms Image
image/jpeg 2600:9000:206f:d200:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2020/12/02084324/Apple-Singapore-Store-540x270.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:d200:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7c6319cf0ae3791d36abec1ac52b8ac41732ade91b9e1408839a34a42953bd57

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 00:24:52 GMT
via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront), 1.1 d947c3ab534102b2c9a7f0a4541d2ed9.cloudfront.net (CloudFront)
last-modified: Wed, 02 Dec 2020 13:43:29 GMT
server: AmazonS3
age: 128360
etag: "4096725c06653dedcb9550662e4d864c"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1, FRA56-C1
accept-ranges: bytes
content-length: 39894
x-amz-cf-id: JgBjNqSgn8xlOba5A4CkBXer58KR2fsG96rXQgUvAGtjP-uo45X4og==
expires: Thu, 02 Dec 2021 13:43:28 GMT

GET
H2 200 2020-Kia-Soul-540x270.jpg
media.threatpost.com/wp-content/uploads/sites/103/2021/02/18150341/ 31 KB
31 KB 22ms
16ms Image
image/jpeg 2600:9000:206f:d200:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2021/02/18150341/2020-Kia-Soul-540x270.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:d200:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: be3035303da80d81f11b1f24ef904f694c3d026b388f02e621023bc21566c1c0

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 20:06:40 GMT
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront), 1.1 d947c3ab534102b2c9a7f0a4541d2ed9.cloudfront.net (CloudFront)
last-modified: Thu, 18 Feb 2021 20:03:46 GMT
server: AmazonS3
age: 57452
etag: "5fa7fb031a4e00728154bcfdb02e303f"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1, FRA56-C1
accept-ranges: bytes
content-length: 31395
x-amz-cf-id: O88weYA0hWk-ADw0Sqs3yx_VI90SnZMIZ2Dx7ZncLwsssCFzJN-F2w==
expires: Fri, 18 Feb 2022 20:03:45 GMT

GET
H2 200 camera_video_lens-540x270.jpg
media.threatpost.com/wp-content/uploads/sites/103/2021/02/18084733/ 27 KB
27 KB 22ms
17ms Image
image/jpeg 2600:9000:206f:d200:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2021/02/18084733/camera_video_lens-540x270.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:d200:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3836a9f50f5e4696de24c58aa91b4b39c4a7631cf474cff0dd5963e6a735147e

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 14:02:18 GMT
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront), 1.1 d947c3ab534102b2c9a7f0a4541d2ed9.cloudfront.net (CloudFront)
last-modified: Thu, 18 Feb 2021 13:47:38 GMT
server: AmazonS3
age: 79314
etag: "f7194d6fd0665290ea3cdcbe5589bd72"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1, FRA56-C1
accept-ranges: bytes
content-length: 27381
x-amz-cf-id: YZvn6csItPNMOlMeNQF2j43igYZqkxCGc0-n0ssQAnZW7C1v83cr3g==
expires: Fri, 18 Feb 2022 13:47:37 GMT

GET
H3-Q050 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/ 331 KB
129 KB 38ms
19ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b89c4addd9525e5ecf970750e2f2477a9354a59467997c8aa2d79adc55594e1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://threatpost.com
Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 11:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1791
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131815
x-xss-protection: 0
last-modified: Mon, 15 Feb 2021 05:05:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 19 Feb 2022 11:34:20 GMT

GET
H/1.1 200
OK mail-plane-light.svg
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 828 B
722 B 746ms
138ms Image
image/svg+xml 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/mail-plane-light.svg
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1613729400
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 5a7ed822968963e31d88424c96387ad9f4fd4f4b5a5b581a33f65e3784d162cf

Request headers

Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1613729400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Fri, 19 Feb 2021 12:04:11 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Feb 2021 10:10:00 GMT
Server: nginx
ETag: W/"602f8e78-33c"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: max-age=604800, public
Connection: close
Expires: Fri, 26 Feb 2021 12:04:11 GMT

GET
H/1.1 200
OK twitter-blue.svg
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 868 B
847 B 694ms
132ms Image
image/svg+xml 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/twitter-blue.svg
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1613729400
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 420508fc523520f35de5c851905543294123d7676b5a5668744691f2abe9e730

Request headers

Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1613729400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Fri, 19 Feb 2021 12:04:11 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Feb 2021 10:10:00 GMT
Server: nginx
ETag: W/"602f8e78-364"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: max-age=604800, public
Connection: close
Expires: Fri, 26 Feb 2021 12:04:11 GMT

GET
H2 200 credit-card-skimmer-1-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2020/11/20105102/ 2 KB
2 KB 11ms
7ms Image
image/jpeg 2600:9000:206f:d200:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2020/11/20105102/credit-card-skimmer-1-64x64.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:d200:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 609d9dd3d8b83017d59c1dc4b1cec1b7033a04075060c78be1e0acc257da7757

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 15:01:33 GMT
via: 1.1 3f7bd14926d2704d3a00300bdc9dae98.cloudfront.net (CloudFront), 1.1 d947c3ab534102b2c9a7f0a4541d2ed9.cloudfront.net (CloudFront)
last-modified: Fri, 20 Nov 2020 15:51:05 GMT
server: AmazonS3
age: 4395759
etag: "87311d3a07ab066308ec92b0215226ca"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: HAM50-C3, FRA56-C1
accept-ranges: bytes
content-length: 2046
x-amz-cf-id: DhMAC7H9qr5eKDXf3syMxtXDzel1euCFNvpwlbMkwUraWa2X3zgX5A==
expires: Sat, 20 Nov 2021 15:51:04 GMT

GET
H2 200 data-dump-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2020/12/07083811/ 2 KB
2 KB 17ms
14ms Image
image/jpeg 2600:9000:206f:d200:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2020/12/07083811/data-dump-64x64.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:d200:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 84c648e10fd55ab151cb6ab5df265a7e2d6c32a64c5dc1b85d6d667e158a2098

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 22 Jan 2021 01:50:14 GMT
via: 1.1 79bfa0191487d8596f869845b4df5329.cloudfront.net (CloudFront), 1.1 d947c3ab534102b2c9a7f0a4541d2ed9.cloudfront.net (CloudFront)
last-modified: Mon, 07 Dec 2020 13:38:15 GMT
server: AmazonS3
age: 2456038
etag: "fa9667c7c9daab9215c676e3969c8501"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: MUC51-C1, FRA56-C1
accept-ranges: bytes
content-length: 1644
x-amz-cf-id: Q6SbC3JqiMqvUJfUKdkJyRBNyivjn-myNBVnE_01yXJWxUTHTFVpHg==
expires: Tue, 07 Dec 2021 13:38:14 GMT

GET
H2 200 Magento_Ecomerce-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2018/10/24152937/ 1 KB
2 KB 11ms
7ms Image
image/jpeg 2600:9000:206f:d200:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2018/10/24152937/Magento_Ecomerce-64x64.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:d200:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc40f75f13ff349ba67fc15f5efa01efc49bbfb995621578bd451695af7ef7f0

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Dec 2020 17:13:34 GMT
via: 1.1 20f674d6a4a322fa027d3644cb825864.cloudfront.net (CloudFront), 1.1 d947c3ab534102b2c9a7f0a4541d2ed9.cloudfront.net (CloudFront)
last-modified: Wed, 24 Oct 2018 19:29:39 GMT
server: AmazonS3
age: 4992638
etag: "2a191a1a0f7bae814f02136de3ae510a"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1, FRA56-C1
accept-ranges: bytes
content-length: 1517
x-amz-cf-id: c3VPMF18Q-i--P5tscOJ54NVaNLD6DCafu-I7GgO7pAb6GCDKV1k8A==
expires: Thu, 24 Oct 2019 19:29:37 GMT

GET
H2 200 USA_Flag_State_Sponsored_Hacking-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2018/08/22171825/ 2 KB
3 KB 16ms
13ms Image
image/jpeg 2600:9000:206f:d200:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2018/08/22171825/USA_Flag_State_Sponsored_Hacking-64x64.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:d200:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0937ab036c11b8d4593c97bacc66f50baa0de8747832e28d9367533f69a1eefd

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 21:01:32 GMT
via: 1.1 ccc3c8305c079db66ab9ac68a1ea9cd9.cloudfront.net (CloudFront), 1.1 d947c3ab534102b2c9a7f0a4541d2ed9.cloudfront.net (CloudFront)
last-modified: Wed, 22 Aug 2018 21:18:28 GMT
server: AmazonS3
age: 5151760
etag: "b9614110e06131532968e0a5d67a5675"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: HAM50-C3, FRA56-C1
accept-ranges: bytes
content-length: 2491
x-amz-cf-id: E7EkXQeWGtAyRL4oa5prYsVjVm3UBh0KQWs9HAQHmYSuLz2QfkCYcQ==
expires: Thu, 22 Aug 2019 21:18:25 GMT

GET
H2 200 FinSpy-malware-macOS-Linux-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2020/09/28134930/ 2 KB
3 KB 16ms
14ms Image
image/jpeg 2600:9000:206f:d200:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2020/09/28134930/FinSpy-malware-macOS-Linux-64x64.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:d200:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c549dc822027008d44be097358d6e36843a0700d4703a08d68908ddd5eedee9f

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 23:11:54 GMT
via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront), 1.1 d947c3ab534102b2c9a7f0a4541d2ed9.cloudfront.net (CloudFront)
last-modified: Mon, 28 Sep 2020 17:49:33 GMT
server: AmazonS3
age: 5489538
etag: "13a08c4cb120e41939db39dee9fef305"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1, FRA56-C1
accept-ranges: bytes
content-length: 2346
x-amz-cf-id: QTNDMAkvoldKysECooOa-CNKG2P3Gi1dapGvz422VftNThAs1GVUVg==
expires: Tue, 28 Sep 2021 17:49:32 GMT

GET
H/1.1 200
OK mail-plane-large-dark.svg
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 812 B
722 B 403ms
137ms Image
image/svg+xml 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/mail-plane-large-dark.svg
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1613729400
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a9d2b2df99c1a115d5394c70a898d8801092208dc582f8bd6fb01b35c30d6b22

Request headers

Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1613729400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Fri, 19 Feb 2021 12:04:12 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Feb 2021 10:09:49 GMT
Server: nginx
ETag: W/"602f8e6d-32c"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: max-age=604800, public
Connection: close
Expires: Fri, 26 Feb 2021 12:04:12 GMT

GET
H/1.1 200
OK logo-white.png
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 10 KB
10 KB 395ms
136ms Image
image/png 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/logo-white.png
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1613729400
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e4058d4ee9da1ceaddfa91ddb63650ba67285f1bbfee487d9dfe648bced669a0

Request headers

Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1613729400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Fri, 19 Feb 2021 12:04:12 GMT
Last-Modified: Fri, 19 Feb 2021 10:10:00 GMT
Server: nginx
ETag: "602f8e78-260a"
Content-Type: image/png
Cache-Control: max-age=604800, public
Connection: close
Accept-Ranges: bytes
Content-Length: 9738
Expires: Fri, 26 Feb 2021 12:04:12 GMT

GET
H2 200 connatix.player.css
cds.connatix.com/p/102412/ 53 KB
8 KB 46ms
44ms Stylesheet
text/css 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/102412/connatix.player.css
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 503033d6d03cb3ae50c1f5afaecefda23b646efcdeccee5184958c2145483753

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: smN4es_INHkZQO3qF2jrjvxR0gOTPjp3
via: 1.1 varnish, 1.1 varnish
etag: "60d5eceaad5c0bc9cb6022b47e775a82"
age: 59053
x-cache: HIT, HIT
x-amz-replication-status: FAILED
content-encoding: br
content-length: 8314
x-served-by: cache-dca17766-DCA, cache-hhn4045-HHN
last-modified: Thu, 18 Feb 2021 19:37:35 GMT
x-timer: S1613736251.218329,VS0,VE0
date: Fri, 19 Feb 2021 12:04:11 GMT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31557600
accept-ranges: bytes
x-cache-hits: 1, 2241

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 54ms
53ms XHR
application/javascript 65.9.95.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 8kbPIzTLk7_TMvnggUSDACBTugDfX2qC
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 20228
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 29 Jan 2021 06:42:57 GMT
server: AmazonS3
date: Fri, 19 Feb 2021 06:33:19 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 d9c696d6d0c92f63870873ced2895baa.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: ffxUR4bbbpqd8ER--4XoiEPRkW160dE2yLz5XFmRr274-jJBRb7zyQ==

GET
H3-Q050 200 www-player-webp.css
www.youtube.com/s/player/1c732901/ Frame C1D2 340 KB
51 KB 38ms
23ms Stylesheet
text/css 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1c732901/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/VQO8HQSA54I?feature=oembed

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d6d62968f950e012756127c75eaed41a5b5d326c914ca18567f1ba19b7b1807

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/VQO8HQSA54I?feature=oembed
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 16:45:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 Feb 2021 01:19:22 GMT
server: sffe
age: 69518
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52112
x-xss-protection: 0
expires: Fri, 18 Feb 2022 16:45:33 GMT

GET
H3-Q050 200 www-embed-player.js Show response
www.youtube.com/s/player/1c732901/www-embed-player.vflset/ Frame C1D2 157 KB
57 KB 37ms
22ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1c732901/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/VQO8HQSA54I?feature=oembed

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2812b5871e2eb8b88106d7c764dd455a05f541a5dc56d6338b0ce912cdef09e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/VQO8HQSA54I?feature=oembed
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 16:45:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 Feb 2021 01:19:22 GMT
server: sffe
age: 69518
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58449
x-xss-protection: 0
expires: Fri, 18 Feb 2022 16:45:33 GMT

GET
H3-Q050 200 base.js Show response
www.youtube.com/s/player/1c732901/player_ias.vflset/en_US/ Frame C1D2 2 MB
495 KB 35ms
21ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1c732901/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/VQO8HQSA54I?feature=oembed

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f50c53e0d96300d7a6c66b9b337b3435531fdef0a2763d4cdd7c973e1df35efa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/VQO8HQSA54I?feature=oembed
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 16:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 Feb 2021 01:19:22 GMT
server: sffe
age: 69012
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 506939
x-xss-protection: 0
expires: Fri, 18 Feb 2022 16:53:59 GMT

GET
H3-Q050 200 fetch-polyfill.js Show response
www.youtube.com/s/player/1c732901/fetch-polyfill.vflset/ Frame C1D2 8 KB
3 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1c732901/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/VQO8HQSA54I?feature=oembed

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/VQO8HQSA54I?feature=oembed
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 16:45:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 Feb 2021 01:19:22 GMT
server: sffe
age: 69518
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Fri, 18 Feb 2022 16:45:33 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C1D2 10 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/VQO8HQSA54I?feature=oembed

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/embed/VQO8HQSA54I?feature=oembed
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 04:25:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:51 GMT
server: sffe
age: 27513
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10748
x-xss-protection: 0
expires: Sat, 19 Feb 2022 04:25:38 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 14ms
12ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 779
date: Fri, 19 Feb 2021 11:51:12 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Fri, 19 Feb 2021 13:51:12 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 12ms
11ms Script
application/javascript 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 90c501333a7444708a246330a634f98e52bd74a68db4c33eae13fa9cfffcf3fe

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 12:04:11 GMT
content-encoding: gzip
etag: "4sqkL39cwPnSlignmO0UhA=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 26 Feb 2021 12:04:11 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 47ms
46ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 12:04:11 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 40387
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1613736251.337887,VS0,VE0
x-served-by: cache-hhn11574-HHN

POST
H/1.1 200
OK pls Show response
capi.connatix.com/core/ Frame BF41 7 KB
3 KB 596ms
152ms XHR
multipart/form-data 18.224.195.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/pls?v=102412
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.224.195.241 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.15.8.2 /
Resource Hash: 8c8ef346a016f391c45a0711e59f68b3cd25fe345071f77e7e75dcf6de4783ef

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Fri, 19 Feb 2021 12:04:11 GMT
Content-Encoding: br
Server: openresty/1.15.8.2
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://threatpost.com
transfer-encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2 200 rules-p-_7kVx0t9Jqj90.js Show response
rules.quantcount.com/ 3 B
357 B 156ms
125ms Script
application/x-javascript 2600:9000:2127:7c00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-_7kVx0t9Jqj90.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:7c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 12:01:55 GMT
via: 1.1 badae0844eca8f0bad6677607d947120.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2017 23:52:35 GMT
server: AmazonS3
age: 136
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Error from cloudfront
content-type: application/x-javascript
cache-control: max-age=300
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
content-length: 3
x-amz-cf-id: -1thRIVntP1SBmNBSDMRwcmwupESSsuaRK4ciQl0zHVZ4YvyeeP8Hg==

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
65 B 13ms
13ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&aip=1&a=992816760&t=pageview&_s=1&dl=https%3A%2F%2Fthreatpost.com%2Fcybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams%2F164086%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w&ul=en-us&de=UTF-8&dt=Cybercriminal%20Enterprise%20%27Ringleaders%27%20Stole%20%2455M%20Via%20COVID-19%20Fraud%2C%20Romance%20Scams%20%7C%20Threatpost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=2057280390&gjid=134881683&cid=187405518.1613736251&tid=UA-35676203-21&_gid=208988290.1613736251&_r=1&gtm=2wg2a1PM29HLF&z=215193488

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 12:04:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
63 B 7ms
6ms Image
image/gif 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&aip=1&a=992816760&t=event&ni=0&_s=1&dl=https%3A%2F%2Fthreatpost.com%2Fcybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams%2F164086%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w&ul=en-us&de=UTF-8&dt=Cybercriminal%20Enterprise%20%27Ringleaders%27%20Stole%20%2455M%20Via%20COVID-19%20Fraud%2C%20Romance%20Scams%20%7C%20Threatpost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=VISIBILITY&ea=elementVisibility%20%2F%20%5BHeader%5D%20%2F%20Social%20Networks%20View&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=187405518.1613736251&tid=UA-35676203-21&_gid=208988290.1613736251&gtm=2wg2a1PM29HLF&z=696303188

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 03:29:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 30859
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
87 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-35676203-21&cid=187405518.1613736251&jid=2057280390&gjid=134881683&_gid=208988290.1613736251&_u=YEBAAEAAAAAAAC~&z=670244010

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 19 Feb 2021 12:04:11 GMT
content-type: text/plain
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame C1D2 113 B
440 B 83ms
80ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1c732901/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

a2b2716997f15b6f3d225922f345754426ba75c0d3291b1daf433ddabf15354f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/VQO8HQSA54I?feature=oembed
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 12:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame C1D2 29 B
406 B 44ms
6ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1c732901/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/VQO8HQSA54I?feature=oembed
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 12:00:26 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 225
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Fri, 19 Feb 2021 12:15:26 GMT

GET
H2 200 adsct
t.co/i/ 43 B
170 B 185ms
181ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=ntt0j&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fthreatpost.com%2Fcybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams%2F164086%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 12:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 111
pragma: no-cache
last-modified: Fri, 19 Feb 2021 12:04:11 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: fba67a7c2e27e2294ebae6c57166df55
x-transaction: 00095c5000ab5140
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
271 B 29ms
18ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-35676203-21&cid=187405518.1613736251&jid=2057280390&_u=YEBAAEAAAAAAAC~&z=922882354

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 12:04:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 27ms
16ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-35676203-21&cid=187405518.1613736251&jid=2057280390&_u=YEBAAEAAAAAAAC~&z=922882354

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 12:04:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 remote.js Show response
www.youtube.com/s/player/1c732901/player_ias.vflset/en_US/ Frame C1D2 95 KB
31 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1c732901/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1c732901/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdbd1eb459cc3afe33f1a009acd8b3dc10faf7abffbdb86af951ad89a5eb86f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/VQO8HQSA54I?feature=oembed
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 16:54:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 Feb 2021 01:19:22 GMT
server: sffe
age: 68963
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32166
x-xss-protection: 0
expires: Fri, 18 Feb 2022 16:54:48 GMT

GET
H3-Q050 200 -3PV2TBX5k4pcSnShz_dD7g-pd6mO_d82H6QQa9Z28c.js Show response
www.google.com/js/bg/ Frame C1D2 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/-3PV2TBX5k4pcSnShz_dD7g-pd6mO_d82H6QQa9Z28c.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1c732901/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb73d5d93057e64e297129d2873fdd0fb83ea5dea63bf77cd87e9041af59dbc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/VQO8HQSA54I?feature=oembed
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 06:33:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 09:00:00 GMT
server: sffe
age: 19837
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6187
x-xss-protection: 0
expires: Sat, 19 Feb 2022 06:33:34 GMT

GET
H3-Q050 200 embed.js Show response
www.youtube.com/s/player/1c732901/player_ias.vflset/en_US/ Frame C1D2 29 KB
10 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1c732901/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1c732901/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

214f4dfa46fa3332319a25096f499e734e2ff5acdfddf37c4313e7f0f7c9d003

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/VQO8HQSA54I?feature=oembed
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 16:54:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 Feb 2021 01:19:22 GMT
server: sffe
age: 69011
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9675
x-xss-protection: 0
expires: Fri, 18 Feb 2022 16:54:00 GMT

GET
DATA 200
OK truncated
/ Frame C1D2 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AAUvwninKBYaZ7SM6HS_KHrNyyhJpnifxhuKK9UuTak9UQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame C1D2 3 KB
3 KB 39ms
6ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AAUvwninKBYaZ7SM6HS_KHrNyyhJpnifxhuKK9UuTak9UQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/VQO8HQSA54I?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7539022ead12746501d8d305f5985f79e3f89ae0b3ab4eb2f157f0193bb3b055

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/VQO8HQSA54I?feature=oembed
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:06:21 GMT
x-content-type-options: nosniff
age: 10670
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3163
x-xss-protection: 0
server: fife
etag: "v150"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 20 Feb 2021 04:56:41 GMT

GET
H2 200 maxresdefault.webp
i.ytimg.com/vi_webp/VQO8HQSA54I/ Frame C1D2 31 KB
32 KB 47ms
16ms Image
image/webp 2a00:1450:4001:829::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/VQO8HQSA54I/maxresdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/VQO8HQSA54I?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3ef38c520568d28174ad0fb17fd15c7fbe35453b84c3a9c56f70845a143dc4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/VQO8HQSA54I?feature=oembed
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 12:04:11 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1613057391"
vary: Origin
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31984
x-xss-protection: 0
expires: Fri, 19 Feb 2021 14:04:11 GMT

POST error
quantcount.com/log/ 0
0

GET
H3-Q050 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame C1D2 4 KB
2 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1c732901/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c043e209b26776422fdd7a08a36a8d3a3298577f92401a463145d88ebfa93a01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/VQO8HQSA54I?feature=oembed
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 12:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Feb 2021 06:49:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1801
x-xss-protection: 0
expires: Fri, 19 Feb 2021 12:04:11 GMT

GET
H3-Q050 204 generate_204
www.youtube.com/ Frame C1D2 0
38 B 10ms
8ms Image
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?cFXRtw
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/VQO8HQSA54I?feature=oembed
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/VQO8HQSA54I?feature=oembed
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 12:04:11 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H/1.1 200
OK sr Show response
capi.connatix.com/tr/ Frame BF41 0
301 B 593ms
146ms XHR
multipart/form-data 18.224.195.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/sr?v=102412
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.224.195.241 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.15.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Fri, 19 Feb 2021 12:04:12 GMT
Content-Encoding: br
Server: openresty/1.15.8.2
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://threatpost.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1

GET
H2 200 3_media.bin Show response
vid.connatix.com/54ab44ae-2675-4cee-bcea-ec4cd9d0180b/ Frame BF41 232 B
468 B 138ms
43ms XHR
application/octet-stream 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/54ab44ae-2675-4cee-bcea-ec4cd9d0180b/3_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1e6cc52bffa814d7c7912cd64a2ef303e6a2f2387b428173dca05f032bfa5788

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 12:04:12 GMT
content-encoding: gzip
last-modified: Thu, 17 Sep 2020 01:42:41 GMT
age: 1331802
etag: "796c77896c9738780ae744fd3eb73483"
x-served-by: cache-bwi5151-BWI, cache-hhn4025-HHN
vary: Accept-Encoding
x-cache: HIT, HIT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31557600
accept-ranges: bytes
x-timer: S1613736252.302633,VS0,VE1
content-length: 204
x-cache-hits: 1, 1

GET
H2 200 1.png
img.connatix.com/c2ecd04f-0dca-4ffa-8761-d93b34717380/ 4 KB
5 KB 51ms
42ms Image
image/webp 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/c2ecd04f-0dca-4ffa-8761-d93b34717380/1.png
Requested by: Host: threatpost.com
URL: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 98170098ad5b9e0e27bc80b4fab39889cb6437246979ee85680f64bb77d03a08

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 12:04:12 GMT
content-encoding: br
age: 1136145
x-cache: HIT, HIT
fastly-io-info: ifsz=8114 idim=288x42 ifmt=png ofsz=4328 odim=288x42 ofmt=webp
fastly-stats: io=1
content-length: 4333
x-served-by: cache-dca17761-DCA, cache-hhn4045-HHN
access-control-allow-origin: *
x-timer: S1613736252.223623,VS0,VE1
etag: "E00cBQTrMvE7BFKf7WtTa6oGFTVX3QMTXtfExBtu+i8"
vary: Accept
x-amz-request-id: JNB1VXZ9AXZRSP78
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/webp
x-cache-hits: 1, 1

GET
H2 200 flipboard.svg
assets.threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/img/ 236 B
567 B 276ms
274ms Image
image/svg+xml 2600:9000:206f:5a00:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/img/flipboard.svg
Requested by: Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=8cd19980
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5a00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 506d565f94cecbb486394c545a96e8459217f8d045496b511e8c815142abfc70

Request headers

Referer: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=8cd19980
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Fri, 19 Feb 2021 12:04:12 GMT
content-encoding: gzip
last-modified: Fri, 19 Feb 2021 10:09:55 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
etag: W/"602f8e73-ec"
x-cache: Miss from cloudfront
content-type: image/svg+xml
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
x-amz-cf-id: R9KHWIg2J46vpcOVJTpD3G9-XZTdRThVA7_PgWDv9OQJTef8w-j0iw==
expires: Fri, 26 Feb 2021 12:04:12 GMT

GET
H2 200 fontawesome-webfont.woff2
assets.threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/fonts/ 75 KB
76 KB 381ms
364ms Font
font/woff2 2600:9000:206f:5a00:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=8cd19980
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5a00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin: https://threatpost.com
Referer: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=8cd19980
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Fri, 19 Feb 2021 12:04:12 GMT
via: 1.1 3dd91613764eafe7ad199013ce202443.cloudfront.net (CloudFront)
last-modified: Fri, 19 Feb 2021 10:09:50 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
etag: "602f8e6e-12d68"
x-cache: Miss from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 77160
x-amz-cf-id: v61kZcTrbqoVH6bx6t5By2xl5eYms6jMztb4SJPB6COsRTGhdp1HCw==
expires: Sat, 19 Feb 2022 12:04:12 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
283 B 180ms
180ms Script
application/javascript 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=ntt0j&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fthreatpost.com%2Fcybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams%2F164086%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 12:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 114
pragma: no-cache
last-modified: Fri, 19 Feb 2021 12:04:12 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 6ed15088e593ff3dcc4afbaad73823a0
x-transaction: 0019ce65001f2388
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame B8D6 22 KB
12 KB 28ms
27ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&theme=standard&size=normal&cb=79hlwc8iimnk

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f7b3473e0ca45186ae7002743521ec646c0ba67fd5d8ce374a2fb2ecfc3ad6f7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-z8j2m5dvtWktO2ccSCafWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&theme=standard&size=normal&cb=79hlwc8iimnk
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 19 Feb 2021 12:04:12 GMT
content-security-policy: script-src 'report-sample' 'nonce-z8j2m5dvtWktO2ccSCafWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 12130
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 400 / Show response
graph.facebook.com/ 202 B
593 B 51ms
36ms XHR
application/json 2a03:2880:f01c:800e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https%3A%2F%2Fthreatpost.com%2Fcybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams%2F164086%2F

Requested by

Host: threatpost.com
URL: https://threatpost.com/wp-content/plugins/kaspersky-enable-jquery-migrate-helper/js/jquery/jquery-1.12.4-wp.js?ver=1.12.4-wp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dfa988eb51e0609282bd3fe438235f236659082bad2f7408e0813d699c628284

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
www-authenticate: OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev: 1003331240
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 148
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: Gar4qEn4w8AV3NBhynuhe+4qv6GVjVtzHli2D6ED2e1SmzvyR0Paj2XvjZwRg4OvVt2OrqjH/eXK/r4QN6X67A==
x-fb-trace-id: DELh3UjcuiM
date: Fri, 19 Feb 2021 12:04:12 GMT
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-fb-request-id: Ag3o0EieOwffiC7M-PzyLeV
cache-control: no-store
facebook-api-version: v3.2
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H/1.1 200
OK ao Show response
capi.connatix.com/tr/ Frame BF41 0
301 B 399ms
156ms XHR
multipart/form-data 18.224.195.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ao?v=102412
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.224.195.241 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.15.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Fri, 19 Feb 2021 12:04:12 GMT
Content-Encoding: br
Server: openresty/1.15.8.2
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://threatpost.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1

POST
H/1.1 200
OK ps Show response
capi.connatix.com/tr/ Frame BF41 0
301 B 547ms
146ms XHR
multipart/form-data 18.224.195.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ps?v=102412
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.224.195.241 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.15.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Fri, 19 Feb 2021 12:04:12 GMT
Content-Encoding: br
Server: openresty/1.15.8.2
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://threatpost.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1

GET
H2 200 1_th.jpg
img.connatix.com/54ab44ae-2675-4cee-bcea-ec4cd9d0180b/ 2 KB
2 KB 49ms
42ms Image
image/webp 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/54ab44ae-2675-4cee-bcea-ec4cd9d0180b/1_th.jpg?crop=400:225,smart&width=400&height=225&format=jpeg&quality=60&fit=crop
Requested by: Host: threatpost.com
URL: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3773223dc3f0b2c5f4ba6310b5eb478b52db9c305623545b0723b10a1e636b14

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 12:04:12 GMT
content-encoding: br
age: 1136143
x-cache: HIT, HIT
fastly-io-info: ifsz=36645 idim=2560x1440 ifmt=jpeg ofsz=2098 odim=400x225 ofmt=webp
fastly-stats: io=1
content-length: 2038
x-served-by: cache-dca17775-DCA, cache-hhn4045-HHN
access-control-allow-origin: *
x-timer: S1613736252.400784,VS0,VE1
etag: "iDhG33Z1a+GgxtfhSqjNbZ1Iz0hjRhSMeN4Q5WPVjm0"
vary: Accept
x-amz-request-id: GJGHS63CWTMWFJ13
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/webp
x-cache-hits: 1, 1

GET
H2 404 share
www.linkedin.com/countserv/count/ 0
0 111ms
109ms Script
text/html 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.linkedin.com/countserv/count/share?url=https%3A%2F%2Fthreatpost.com%2Fcybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams%2F164086%2F&format=jsonp&callback=jQuery112401049728177552145_1613736250840&_=1613736250841
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-content/plugins/kaspersky-enable-jquery-migrate-helper/js/jquery/jquery-1.12.4-wp.js?ver=1.12.4-wp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 info.json Show response
www.reddit.com/api/ 102 B
1 KB 532ms
433ms XHR
application/json 151.101.113.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reddit.com/api/info.json?url=https%3A%2F%2Fthreatpost.com%2Fcybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams%2F164086%2F

Requested by

Host: threatpost.com
URL: https://threatpost.com/wp-content/plugins/kaspersky-enable-jquery-migrate-helper/js/jquery/jquery-1.12.4-wp.js?ver=1.12.4-wp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

snooserv /

Resource Hash

f4f2c0a4763f01ee2b13b4f8189e6fd5f32bd704d71fed8d0f11883de9724198

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 12:04:12 GMT
via: 1.1 varnish
x-content-type-options: nosniff
content-length: 102
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
x-moose: majestic
server: snooserv
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: X-Moose
cache-control: private, s-maxage=0, max-age=0, must-revalidate, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: -1

GET
H3-Q050 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 0AE0 20 KB
11 KB 35ms
34ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LehhAETAAAAAAcsm2ZGDsLCqyGhesy4Yn43WNBe&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&theme=light&size=normal&cb=1a0jdvfhs6vw

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

94b6aa5c8d4de565e3e9213dee902468aab377f680aeb19c9ff47941a9b1c487

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Vi4AoSu4fO10DOu/3ZtC0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LehhAETAAAAAAcsm2ZGDsLCqyGhesy4Yn43WNBe&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&theme=light&size=normal&cb=1a0jdvfhs6vw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 19 Feb 2021 12:04:12 GMT
content-security-policy: script-src 'report-sample' 'nonce-Vi4AoSu4fO10DOu/3ZtC0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10814
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 200
OK g Show response
capi.connatix.com/rtb/ Frame BF41 68 B
368 B 643ms
228ms XHR
multipart/form-data 18.224.195.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g?v=102412
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.224.195.241 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.15.8.2 /
Resource Hash: 2741ebe7c6b491ff8a2dce56b095da60b3ce45b0c849da3907bf9b7f9ed16f49

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Fri, 19 Feb 2021 12:04:12 GMT
Content-Encoding: br
Server: openresty/1.15.8.2
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://threatpost.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67

GET
H2 200 prebid4.17.0-2.js Show response
cds.connatix.com/p/plugins/ Frame BF41 299 KB
85 KB 44ms
43ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/plugins/prebid4.17.0-2.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 41cee2dce48fb094367da8051cdfefceaf74cdced3640aeccf4d36875394d699

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: ohhx1Y_MrDku6hvSNDUx_xrBhr0R9lcY
via: 1.1 varnish, 1.1 varnish
etag: "fe5d4207f98b38374b7f85ec059e0cec"
age: 1137647
x-cache: HIT, HIT
x-amz-replication-status: FAILED
content-encoding: br
content-length: 86548
x-served-by: cache-dca17775-DCA, cache-hhn4045-HHN
last-modified: Wed, 03 Feb 2021 08:53:15 GMT
x-timer: S1613736252.422956,VS0,VE0
date: Fri, 19 Feb 2021 12:04:12 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31557600
accept-ranges: bytes
x-cache-hits: 1, 17925

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/ Frame B8D6 50 KB
25 KB 6ms
5ms Stylesheet
text/css 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&theme=standard&size=normal&cb=79hlwc8iimnk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&theme=standard&size=normal&cb=79hlwc8iimnk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 05:34:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 05:05:05 GMT
server: sffe
age: 23411
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25479
x-xss-protection: 0
expires: Sat, 19 Feb 2022 05:34:01 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/ Frame B8D6 331 KB
129 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/recaptcha__en.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b89c4addd9525e5ecf970750e2f2477a9354a59467997c8aa2d79adc55594e1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&theme=standard&size=normal&cb=79hlwc8iimnk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 11:48:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 947
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131815
x-xss-protection: 0
last-modified: Mon, 15 Feb 2021 05:05:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 19 Feb 2022 11:48:25 GMT

GET
H2 200 playlist.m3u8 Show response
vid.connatix.com/54ab44ae-2675-4cee-bcea-ec4cd9d0180b/ Frame BF41 309 B
326 B 45ms
45ms XHR
application/x-mpegurl 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/54ab44ae-2675-4cee-bcea-ec4cd9d0180b/playlist.m3u8
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 05a58707d25ec9885faf81f026410f37d3757c0689d56b7ec1fc8b2f9cffb9d1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 12:04:12 GMT
content-encoding: gzip
last-modified: Mon, 07 Sep 2020 18:49:42 GMT
age: 648820
etag: "8a966507b13615ecdc1330a4bc9dcfe1"
x-served-by: cache-bwi5121-BWI, cache-hhn4025-HHN
vary: Accept-Encoding
x-cache: HIT, HIT
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: max-age=31557600
accept-ranges: bytes
x-timer: S1613736252.462029,VS0,VE1
content-length: 164
x-cache-hits: 1, 1

GET
H3-Q050 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/ Frame 0AE0 50 KB
25 KB 10ms
9ms Stylesheet
text/css 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LehhAETAAAAAAcsm2ZGDsLCqyGhesy4Yn43WNBe&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&theme=light&size=normal&cb=1a0jdvfhs6vw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LehhAETAAAAAAcsm2ZGDsLCqyGhesy4Yn43WNBe&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&theme=light&size=normal&cb=1a0jdvfhs6vw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 05:34:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 05:05:05 GMT
server: sffe
age: 23411
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25479
x-xss-protection: 0
expires: Sat, 19 Feb 2022 05:34:01 GMT

GET
H3-Q050 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/ Frame 0AE0 331 KB
129 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/recaptcha__en.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b89c4addd9525e5ecf970750e2f2477a9354a59467997c8aa2d79adc55594e1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LehhAETAAAAAAcsm2ZGDsLCqyGhesy4Yn43WNBe&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&theme=light&size=normal&cb=1a0jdvfhs6vw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 11:48:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 947
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131815
x-xss-protection: 0
last-modified: Mon, 15 Feb 2021 05:05:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 19 Feb 2022 11:48:25 GMT

GET
DATA 200
OK truncated
/ Frame B8D6 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B8D6 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame B8D6 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/styles__ltr.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/styles__ltr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 15:40:18 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 159834
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
expires: Wed, 24 Feb 2021 15:40:18 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B8D6 10 KB
11 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&theme=standard&size=normal&cb=79hlwc8iimnk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 16:25:11 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:51 GMT
server: sffe
age: 329941
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10748
x-xss-protection: 0
expires: Tue, 15 Feb 2022 16:25:11 GMT

GET
H3-Q050 200 ydOkLltXi3sqQKXr7jbzvkiy7BPEOycBi3b1_S2JNe8.js Show response
www.google.com/js/bg/ Frame B8D6 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/ydOkLltXi3sqQKXr7jbzvkiy7BPEOycBi3b1_S2JNe8.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9d3a42e5b578b7b2a40a5ebee36f3be48b2ec13c43b27018b76f5fd2d8935ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&theme=standard&size=normal&cb=79hlwc8iimnk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 07:50:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 09:00:00 GMT
server: sffe
age: 101628
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6266
x-xss-protection: 0
expires: Fri, 18 Feb 2022 07:50:24 GMT

GET
H2 200 0.m3u8 Show response
vid.connatix.com/54ab44ae-2675-4cee-bcea-ec4cd9d0180b/ Frame BF41 5 KB
1 KB 51ms
50ms XHR
application/x-mpegurl 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/54ab44ae-2675-4cee-bcea-ec4cd9d0180b/0.m3u8
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ac1eed21fdddd6a981458cc46e79523f77a9b44b9b639d9df405c0d9827cc552

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 12:04:12 GMT
content-encoding: gzip
last-modified: Mon, 07 Sep 2020 18:49:41 GMT
age: 1925106
etag: "3a71266b043248350b2f39a55da8294e"
x-served-by: cache-bwi5129-BWI, cache-hhn4025-HHN
vary: Accept-Encoding
x-cache: HIT, HIT
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: max-age=31557600
accept-ranges: bytes
x-timer: S1613736253.565310,VS0,VE1
content-length: 959
x-cache-hits: 1, 1

GET
H3-Q050 200 webworker.js
www.google.com/recaptcha/api2/ Frame B8D6 102 B
183 B 17ms
17ms Other
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

81fa50822806b58c63d123c956b740c92033836e2477e82237f9c9ca0fa8c3a0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&theme=standard&size=normal&cb=79hlwc8iimnk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 12:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 19 Feb 2021 12:04:12 GMT

GET
H3-Q050 200 ydOkLltXi3sqQKXr7jbzvkiy7BPEOycBi3b1_S2JNe8.js Show response
www.google.com/js/bg/ Frame 0AE0 14 KB
6 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/ydOkLltXi3sqQKXr7jbzvkiy7BPEOycBi3b1_S2JNe8.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9d3a42e5b578b7b2a40a5ebee36f3be48b2ec13c43b27018b76f5fd2d8935ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LehhAETAAAAAAcsm2ZGDsLCqyGhesy4Yn43WNBe&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&theme=light&size=normal&cb=1a0jdvfhs6vw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 07:50:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 09:00:00 GMT
server: sffe
age: 101628
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6266
x-xss-protection: 0
expires: Fri, 18 Feb 2022 07:50:24 GMT

OPTIONS
H2 200 0.mp4
vid.connatix.com/54ab44ae-2675-4cee-bcea-ec4cd9d0180b/ Frame 0
0 42ms
42ms Other 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/54ab44ae-2675-4cee-bcea-ec4cd9d0180b/0.mp4
Protocol: H2
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

retry-after: 0
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: range
accept-ranges: bytes
date: Fri, 19 Feb 2021 12:04:12 GMT
x-served-by: cache-hhn4025-HHN
x-cache: HIT
x-cache-hits: 0
x-timer: S1613736253.709722,VS0,VE0
cache-control: max-age=31557600
content-length: 0

GET
H2 206 0.mp4 Show response
vid.connatix.com/54ab44ae-2675-4cee-bcea-ec4cd9d0180b/ Frame BF41 1 KB
2 KB 43ms
42ms XHR
video/mp4 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/54ab44ae-2675-4cee-bcea-ec4cd9d0180b/0.mp4
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e8c207773b5b242229f77be9cde555a9cf5ced8288409f80da3d5192706e40e3

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-1428

Response headers

date: Fri, 19 Feb 2021 12:04:12 GMT
last-modified: Mon, 07 Sep 2020 18:49:41 GMT
age: 119410
etag: "7e14a97a9fd99818d5080eb2d1b8cc43-7"
x-served-by: cache-bwi5122-BWI, cache-hhn4025-HHN
x-cache: MISS, HIT
content-type: video/mp4
Content-Range: bytes 0-1428/32479190
cache-control: max-age=31557600
accept-ranges: bytes
x-timer: S1613736253.752407,VS0,VE0
access-control-allow-origin: *
Content-Length: 1429
x-cache-hits: 0, 1

GET
H3-Q050 200 webworker.js
www.google.com/recaptcha/api2/ Frame 0AE0 102 B
134 B 30ms
28ms Other
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

81fa50822806b58c63d123c956b740c92033836e2477e82237f9c9ca0fa8c3a0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LehhAETAAAAAAcsm2ZGDsLCqyGhesy4Yn43WNBe&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&theme=light&size=normal&cb=1a0jdvfhs6vw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 12:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 19 Feb 2021 12:04:12 GMT

GET
H3-Q050 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 85F3 7 KB
1 KB 29ms
24ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&cb=zf6xv1l5kkyt

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b13b5be1c8edf1bb856a1d79be90e3460f91fec36f6d62ae1c3658c1e18357bd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-p9yd1hwmvYrQk9xzUOVZeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&cb=zf6xv1l5kkyt
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 19 Feb 2021 12:04:12 GMT
content-security-policy: script-src 'report-sample' 'nonce-p9yd1hwmvYrQk9xzUOVZeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1122
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 0.mp4
vid.connatix.com/54ab44ae-2675-4cee-bcea-ec4cd9d0180b/ Frame 0
0 42ms
42ms Other 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/54ab44ae-2675-4cee-bcea-ec4cd9d0180b/0.mp4
Protocol: H2
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

retry-after: 0
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: range
accept-ranges: bytes
date: Fri, 19 Feb 2021 12:04:12 GMT
x-served-by: cache-hhn4025-HHN
x-cache: HIT
x-cache-hits: 0
x-timer: S1613736253.875411,VS0,VE0
cache-control: max-age=31557600
content-length: 0

GET
H2 206 0.mp4 Show response
vid.connatix.com/54ab44ae-2675-4cee-bcea-ec4cd9d0180b/ Frame BF41 444 KB
445 KB 44ms
42ms XHR
video/mp4 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/54ab44ae-2675-4cee-bcea-ec4cd9d0180b/0.mp4
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: dd7d093a1d67babe8e574f94231253e281cf71195d34d8d7035329c655915c90

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=1429-456334

Response headers

date: Fri, 19 Feb 2021 12:04:12 GMT
last-modified: Mon, 07 Sep 2020 18:49:41 GMT
age: 119410
etag: "7e14a97a9fd99818d5080eb2d1b8cc43-7"
x-served-by: cache-bwi5122-BWI, cache-hhn4025-HHN
x-cache: MISS, HIT
content-type: video/mp4
Content-Range: bytes 1429-456334/32479190
cache-control: max-age=31557600
accept-ranges: bytes
x-timer: S1613736253.919326,VS0,VE0
access-control-allow-origin: *
Content-Length: 454906
x-cache-hits: 0, 2

GET
H3-Q050 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 3F75 7 KB
1 KB 17ms
17ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&k=6LehhAETAAAAAAcsm2ZGDsLCqyGhesy4Yn43WNBe&cb=g89vo8ymmn2v

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0c02f9c7b75ad0ad2770421afbf4226525b1cbcdf0214e29dea93ab42b88413e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5Eu9D1Z5qIqgO2mdbxt3uA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&k=6LehhAETAAAAAAcsm2ZGDsLCqyGhesy4Yn43WNBe&cb=g89vo8ymmn2v
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatpost.com/cybercriminal-enterprise-ringleaders-stole-55m-via-covid-19-fraud-romance-scams/164086/?_hsmi=88974744&_hsenc=p2ANqtz-8CEFe9qwa3XA5v884FBPNNZ5_7I6FT6YZqX-aRMLCUYt659VGy8T6PoEjrmnwR4Y-sbexHsbrQFzFEnBekrPjhHAcqISNlNZm9OYP8bgOHw_i8Y2w

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 19 Feb 2021 12:04:12 GMT
content-security-policy: script-src 'report-sample' 'nonce-5Eu9D1Z5qIqgO2mdbxt3uA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1120
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/ Frame 85F3 50 KB
25 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&cb=zf6xv1l5kkyt

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&cb=zf6xv1l5kkyt
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 05:34:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 05:05:05 GMT
server: sffe
age: 23411
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25479
x-xss-protection: 0
expires: Sat, 19 Feb 2022 05:34:01 GMT

GET
H3-Q050 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/ Frame 85F3 331 KB
129 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&cb=zf6xv1l5kkyt

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b89c4addd9525e5ecf970750e2f2477a9354a59467997c8aa2d79adc55594e1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&cb=zf6xv1l5kkyt
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 11:48:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 947
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131815
x-xss-protection: 0
last-modified: Mon, 15 Feb 2021 05:05:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 19 Feb 2022 11:48:25 GMT

GET
H3-Q050 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/ Frame 3F75 50 KB
25 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&k=6LehhAETAAAAAAcsm2ZGDsLCqyGhesy4Yn43WNBe&cb=g89vo8ymmn2v

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&k=6LehhAETAAAAAAcsm2ZGDsLCqyGhesy4Yn43WNBe&cb=g89vo8ymmn2v
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 05:34:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 05:05:05 GMT
server: sffe
age: 23411
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25479
x-xss-protection: 0
expires: Sat, 19 Feb 2022 05:34:01 GMT

GET
H3-Q050 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/ Frame 3F75 331 KB
129 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&k=6LehhAETAAAAAAcsm2ZGDsLCqyGhesy4Yn43WNBe&cb=g89vo8ymmn2v

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b89c4addd9525e5ecf970750e2f2477a9354a59467997c8aa2d79adc55594e1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&k=6LehhAETAAAAAAcsm2ZGDsLCqyGhesy4Yn43WNBe&cb=g89vo8ymmn2v
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 11:48:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 947
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131815
x-xss-protection: 0
last-modified: Mon, 15 Feb 2021 05:05:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 19 Feb 2022 11:48:25 GMT

OPTIONS
H2 200 0.mp4
vid.connatix.com/54ab44ae-2675-4cee-bcea-ec4cd9d0180b/ Frame 0
0 44ms
43ms Other 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/54ab44ae-2675-4cee-bcea-ec4cd9d0180b/0.mp4
Protocol: H2
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

retry-after: 0
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: range
accept-ranges: bytes
date: Fri, 19 Feb 2021 12:04:13 GMT
x-served-by: cache-hhn4025-HHN
x-cache: HIT
x-cache-hits: 0
x-timer: S1613736253.490216,VS0,VE0
cache-control: max-age=31557600
content-length: 0

GET
H2 206 0.mp4 Show response
vid.connatix.com/54ab44ae-2675-4cee-bcea-ec4cd9d0180b/ Frame BF41 390 KB
390 KB 45ms
45ms XHR
video/mp4 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/54ab44ae-2675-4cee-bcea-ec4cd9d0180b/0.mp4
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 91e8f81ef3c99be20d905536aa719b1fd716ce7760080c3ca6b0cd552723535d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=456335-855191

Response headers

date: Fri, 19 Feb 2021 12:04:13 GMT
last-modified: Mon, 07 Sep 2020 18:49:41 GMT
age: 119411
etag: "7e14a97a9fd99818d5080eb2d1b8cc43-7"
x-served-by: cache-bwi5122-BWI, cache-hhn4025-HHN
x-cache: MISS, HIT
content-type: video/mp4
Content-Range: bytes 456335-855191/32479190
cache-control: max-age=31557600
accept-ranges: bytes
x-timer: S1613736254.533961,VS0,VE0
access-control-allow-origin: *
Content-Length: 398857
x-cache-hits: 0, 3

POST
H/1.1 200
OK mq Show response
capi.connatix.com/tr/ Frame BF41 0
301 B 145ms
145ms XHR
multipart/form-data 18.224.195.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/mq?v=102412
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.224.195.241 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.15.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Fri, 19 Feb 2021 12:04:13 GMT
Content-Encoding: br
Server: openresty/1.15.8.2
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://threatpost.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1

POST
H/1.1 200
OK sv Show response
capi.connatix.com/tr/ Frame BF41 0
301 B 147ms
146ms XHR
multipart/form-data 18.224.195.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/sv?v=102412
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.224.195.241 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.15.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Fri, 19 Feb 2021 12:04:14 GMT
Content-Encoding: br
Server: openresty/1.15.8.2
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://threatpost.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1

POST
H/1.1 200
OK abt Show response
capi.connatix.com/tr/ Frame BF41 0
301 B 145ms
144ms XHR
multipart/form-data 18.224.195.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/abt?v=102412
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.224.195.241 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.15.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Fri, 19 Feb 2021 12:04:17 GMT
Content-Encoding: br
Server: openresty/1.15.8.2
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://threatpost.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1

POST
H/1.1 200
OK st Show response
capi.connatix.com/tr/ Frame BF41 0
301 B 146ms
145ms XHR
multipart/form-data 18.224.195.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/st?v=102412
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.224.195.241 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.15.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Fri, 19 Feb 2021 12:04:19 GMT
Content-Encoding: br
Server: openresty/1.15.8.2
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://threatpost.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame C1D2 28 B
293 B 21ms
21ms XHR
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1c732901/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/VQO8HQSA54I?feature=oembed
X-YouTube-Client-Version: 1.20210217.1.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: Cgs3dWFsU1c0Qmk3VSi60r6BBg%3D%3D
X-YouTube-Ad-Signals: dt=1613736251493&flash=0&frm=2&u_tz=60&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C664%2C374&vis=1&wgl=true&ca_type=image&bid=ANyPxKr03dH-5YZcypzW32qgIdxMPI-XyK4azM0F6F50J24H8xxIDO60KniSOTswZS2HdFYpox_NhDPen3gBR57PrIe9KqnkpQ

Response headers

date: Fri, 19 Feb 2021 12:04:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Fri, 19 Feb 2021 12:04:22 GMT

POST
H/1.1 200
OK g Show response
capi.connatix.com/rtb/ Frame BF41 68 B
368 B 227ms
226ms XHR
multipart/form-data 18.224.195.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g?v=102412
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.224.195.241 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.15.8.2 /
Resource Hash: 2741ebe7c6b491ff8a2dce56b095da60b3ce45b0c849da3907bf9b7f9ed16f49

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Fri, 19 Feb 2021 12:04:24 GMT
Content-Encoding: br
Server: openresty/1.15.8.2
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://threatpost.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67

OPTIONS
H2 200 0.mp4
vid.connatix.com/54ab44ae-2675-4cee-bcea-ec4cd9d0180b/ Frame 0
0 43ms
42ms Other 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/54ab44ae-2675-4cee-bcea-ec4cd9d0180b/0.mp4
Protocol: H2
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

retry-after: 0
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: range
accept-ranges: bytes
date: Fri, 19 Feb 2021 12:04:24 GMT
x-served-by: cache-hhn4025-HHN
x-cache: HIT
x-cache-hits: 0
x-timer: S1613736265.571017,VS0,VE0
cache-control: max-age=31557600
content-length: 0

GET
H2 206 0.mp4 Show response
vid.connatix.com/54ab44ae-2675-4cee-bcea-ec4cd9d0180b/ Frame BF41 407 KB
407 KB 44ms
44ms XHR
video/mp4 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/54ab44ae-2675-4cee-bcea-ec4cd9d0180b/0.mp4
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3edf0837f49625ad64af84f2a4d223b69ea99fb468ebbb2ece40286dbe64b6a1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=855192-1271452

Response headers

date: Fri, 19 Feb 2021 12:04:24 GMT
last-modified: Mon, 07 Sep 2020 18:49:41 GMT
age: 119422
etag: "7e14a97a9fd99818d5080eb2d1b8cc43-7"
x-served-by: cache-bwi5122-BWI, cache-hhn4025-HHN
x-cache: MISS, HIT
content-type: video/mp4
Content-Range: bytes 855192-1271452/32479190
cache-control: max-age=31557600
accept-ranges: bytes
x-timer: S1613736265.614944,VS0,VE0
access-control-allow-origin: *
Content-Length: 416261
x-cache-hits: 0, 4

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: quantcount.com
URL: https://quantcount.com/log/error?msg=%5BUSPAPI%5D%20unsuccessful:%20TypeError:%20Cannot%20read%20property%20%27getItem%27%20of%20null

Verdicts & Comments Add Verdict or Comment

277 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

532 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://info.silobreaker.com/e2t/tc/VVw6Km2rtFcPW33brmt2vY35BW4TqGZG4ndw0HN179mq_2-HwLV1-WJV7CgTS_VNNRz63rbNHkW1njM7515FrkwVp4XqR2fN3v6W66KRbf2MtvlWW2W3tmX14gcgYVptQm54br9MBW2DVgX-3YbTy8W7pZpT4564-XfW6tdykr7wLRgVW1Tz5jT49znFpW1L9NPM1hQr-1W52XpGK8ZmFT1W8VDqrm6K7hdpW1bnZLS6mB131W7D-RSn2bHNW5W21qqNW2_6Y5DW3lZPKx1jd-5GW840zRg4m50qtW8yBhrt6QTj6LW3zmFxv3v4MGQW3gJRJn1rsbsXW1VNrnl2fNflfW4DJhHT4Lb8FcW6tb-j14bNy4vW9cPfTQ8S26D5W1h4h2Z7z-F-hW3Lg5Yh7RqsqJVB43Wl24Cm9m35b91(Line 13) Message: toS
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/ros-layout.js(Line 382) Message: gBrowserWidth =1600
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/ros-layout.js(Line 407) Message: OpenX Slot defined for /21707124336/ThreatPost-970x250-ATF div-gpt-ad-6794670-2
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/ros-layout.js(Line 407) Message: OpenX Slot defined for /21707124336/ThreatPost-300x250-ATF div-gpt-ad-6794670-3
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/ros-layout.js(Line 407) Message: OpenX Slot defined for /21707124336/ThreatPost-300x600-ATF div-gpt-ad-6794670-5
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/ros-layout.js(Line 407) Message: OpenX Slot defined for /21707124336/ThreatPost-2x2-Skin div-gpt-ad-6794670-1
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/cmp.js(Line 27) Message: %cCMP: Startup v270 color: #555599
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 8) Message: uspapi: uspapi_init() - v0.105
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 8) Message: USP: Locale=en-us gdpr= false
console-api	warning	URL: https://qd.admetricspro.com/js/threatpost/prebid.js(Line 3) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: ENGINE: gAMPidentityLinkID not present, prebid configured without identyLink
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: ENGINE: gSChainNodes found, prebid configured with 1 supply chain object(s)
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: ENGINE: final pbjs config
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: [object Object]
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: Initial Ad Load
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/cmp.js(Line 27) Message: %cCMP: GVL version is 45 color: #555599
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/cmp.js(Line 27) Message: __uspLaunch begin
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://secure.quantserve.com/quant.js(Line 2) Message: ERROR Fri Feb 19 2021 13:04:11 GMT+0100 (Central European Standard Time) [USPAPI] unsuccessful: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
assets.threatpost.com
c.amazon-adsystem.com
capi.connatix.com
cd.connatix.com
cds.connatix.com
fonts.gstatic.com
googleads.g.doubleclick.net
graph.facebook.com
i.ytimg.com
img.connatix.com
info.silobreaker.com
kasperskycontenthub.com
media.threatpost.com
qd.admetricspro.com
quantcount.com
rules.quantcount.com
secure.quantserve.com
securepubads.g.doubleclick.net
static.ads-twitter.com
static.doubleclick.net
stats.g.doubleclick.net
t.co
tagan.adlightning.com
threatpost.com
vid.connatix.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.linkedin.com
www.reddit.com
www.youtube.com
yt3.ggpht.com
quantcount.com
104.244.42.5
104.244.42.67
13.226.159.35
142.250.185.130
151.101.113.140
151.101.194.137
18.224.195.241
199.232.136.157
199.60.103.2
2600:9000:206f:5a00:2:9275:3d40:93a1
2600:9000:206f:d200:0:5c46:4f40:93a1
2600:9000:2127:7c00:6:44e3:f8c0:93a1
2606:4700:e0::ac40:6d0a
2620:116:800d:21:36a9:ecb:e518:b308
2620:1ec:21::14
2a00:1450:4001:803::2008
2a00:1450:4001:803::200e
2a00:1450:4001:808::2001
2a00:1450:4001:808::2003
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2006
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:827::200e
2a00:1450:4001:829::2002
2a00:1450:4001:829::2016
2a00:1450:4001:82b::2003
2a00:1450:400c:c07::9b
2a03:2880:f01c:800e:face:b00c:0:2
35.173.160.135
65.9.95.127
0119689800eadf6270855a19b65d74251e7da6be5e4686f36c15bf81281ddb4c
01864580e1f385dc4512aed0de4b324cc1a04812709e7020e857612fc0ce9f4c
05a58707d25ec9885faf81f026410f37d3757c0689d56b7ec1fc8b2f9cffb9d1
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06fc565587b8b700936a1677218cb269a6cc31ca5f701eb45461e86a3d54d5c7
0937ab036c11b8d4593c97bacc66f50baa0de8747832e28d9367533f69a1eefd
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0c02f9c7b75ad0ad2770421afbf4226525b1cbcdf0214e29dea93ab42b88413e
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
0f5188b5a9263c0a0e0b1dbedb01498f08969de3d3140fd2016625f753ef24ab
130eab0b79272570e565d77bb286b5755b9aae8f33efe8af7a2689bf8eabb859
172314ff74044b918766ed4763279b5e8798622087c0a2930f59c9d44662213d
1ae61ed61290f9bf2619f52667aafa622c805072c75765025f0b61a23862005f
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1e6cc52bffa814d7c7912cd64a2ef303e6a2f2387b428173dca05f032bfa5788
214f4dfa46fa3332319a25096f499e734e2ff5acdfddf37c4313e7f0f7c9d003
2741ebe7c6b491ff8a2dce56b095da60b3ce45b0c849da3907bf9b7f9ed16f49
2812b5871e2eb8b88106d7c764dd455a05f541a5dc56d6338b0ce912cdef09e3
293758e111415003d2d741e154bc633cde1320e6788bd75aa9c173ca84985108
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2de77164bb9924542e1dea4ee4a0ff27d40b51a3d7939dac7db11a95045c9b7d
3097d0444becd9d089b52b7074072f19201525de874d0775012572fb375b7838
3773223dc3f0b2c5f4ba6310b5eb478b52db9c305623545b0723b10a1e636b14
3836a9f50f5e4696de24c58aa91b4b39c4a7631cf474cff0dd5963e6a735147e
39af7c1116fb967a330e8770f775e6b5ee871add01ed45c98a1634911cebfb0a
3bb2621a4c0c710f6e78404473aebff8e115a28f8d53f44339b867c63ad93b26
3edf0837f49625ad64af84f2a4d223b69ea99fb468ebbb2ece40286dbe64b6a1
41cee2dce48fb094367da8051cdfefceaf74cdced3640aeccf4d36875394d699
41f3222c29889fb48f5dca1d481858e5339a759655510c256ef4edf56c80f7f5
420508fc523520f35de5c851905543294123d7676b5a5668744691f2abe9e730
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
45ddc09b0ad6ab916bd9a0282070b161045e186fc025303f4aa1aa821fc45ac7
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4d6d62968f950e012756127c75eaed41a5b5d326c914ca18567f1ba19b7b1807
4e5ea4214b4900c4c114a5d5370fdf6a22bd14a1b1b49328be823e523ece3839
503033d6d03cb3ae50c1f5afaecefda23b646efcdeccee5184958c2145483753
506d565f94cecbb486394c545a96e8459217f8d045496b511e8c815142abfc70
579a518cc3716e48123799f6fce8d5c024541b108ffeedea54ab7787c1513ba4
5a7ed822968963e31d88424c96387ad9f4fd4f4b5a5b581a33f65e3784d162cf
5a9c3215051cf74f305e0d3fb72d249854498dd3a2ee85b6d6e029f6fec090d6
5b1b3e1dbec0a6b898bf6b8f17caa692c112ba2d215a1300b1c014c75f9f5ad8
609d9dd3d8b83017d59c1dc4b1cec1b7033a04075060c78be1e0acc257da7757
61b12f8d4767ea81ad85d30304b6bd7f0312e2666a65a244ac142561146489a5
63d79a5b76b4bef8bb9cd4b451bb60b4a2d277e3b4664d26eac47cb8527fbe02
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939
6b88d2682090d977a5572bbe665a5cba66b7964012c7b2b7cd2e05de0e0495d7
6cdc57f82f4b0d09e5b4e584ca4736cd3871f20563d4ce25120b057d8ffb4eb2
6d467ea5aff01d857984e4ee9e8554e73c4d33c172f2eb2fa1b59e1799ce3936
73339d824e344121a3039b2e0e9c9353fb8132e005bb6d53249814c213520d5d
747a03fee397ff9cf8a76308966b2cc28f4dd00160af7610bc81ccfcb2836fab
7539022ead12746501d8d305f5985f79e3f89ae0b3ab4eb2f157f0193bb3b055
793c1fa20d428c9cc9f0af0179d9de217c124f5d19d31c6b36878ba793bbacd2
7c6319cf0ae3791d36abec1ac52b8ac41732ade91b9e1408839a34a42953bd57
81fa50822806b58c63d123c956b740c92033836e2477e82237f9c9ca0fa8c3a0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84c648e10fd55ab151cb6ab5df265a7e2d6c32a64c5dc1b85d6d667e158a2098
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
859faa9b9ed0990288b2f393a102b1fe2668ac79088b113b6f0beaee521221eb
860373f1865a43b2ac7823995fa1e22e9eb2f7c10c911a16b10f91728e2b9df3
8c8ef346a016f391c45a0711e59f68b3cd25fe345071f77e7e75dcf6de4783ef
90c501333a7444708a246330a634f98e52bd74a68db4c33eae13fa9cfffcf3fe
91e8f81ef3c99be20d905536aa719b1fd716ce7760080c3ca6b0cd552723535d
94b6aa5c8d4de565e3e9213dee902468aab377f680aeb19c9ff47941a9b1c487
98170098ad5b9e0e27bc80b4fab39889cb6437246979ee85680f64bb77d03a08
9cb34fc9e773a7a413885fe681bcf09ee674d882f7a2461bb27f3dc8f960bfac
a2b2716997f15b6f3d225922f345754426ba75c0d3291b1daf433ddabf15354f
a9d2b2df99c1a115d5394c70a898d8801092208dc582f8bd6fb01b35c30d6b22
ab09814addb95f1753755def0c6f218e5b6e35ad6304225e08454c413cfc258a
ac1eed21fdddd6a981458cc46e79523f77a9b44b9b639d9df405c0d9827cc552
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae00ae9c862bc8b8923efd1d9a18befa912678a869d4dd01179a59ed3de731be
b0209d39595432d762f6ba2a81dc0bffa6a6e1ed9021ba24ffa06c3c7e4bcb02
b13b5be1c8edf1bb856a1d79be90e3460f91fec36f6d62ae1c3658c1e18357bd
b3ef38c520568d28174ad0fb17fd15c7fbe35453b84c3a9c56f70845a143dc4d
b89c4addd9525e5ecf970750e2f2477a9354a59467997c8aa2d79adc55594e1f
be3035303da80d81f11b1f24ef904f694c3d026b388f02e621023bc21566c1c0
c043e209b26776422fdd7a08a36a8d3a3298577f92401a463145d88ebfa93a01
c549dc822027008d44be097358d6e36843a0700d4703a08d68908ddd5eedee9f
c9d3a42e5b578b7b2a40a5ebee36f3be48b2ec13c43b27018b76f5fd2d8935ef
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dd7d093a1d67babe8e574f94231253e281cf71195d34d8d7035329c655915c90
dde149cd65d9e63eb4673c1f38e5eb2f3deaa1c79d89687f5f655ceaca836065
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
dfa988eb51e0609282bd3fe438235f236659082bad2f7408e0813d699c628284
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4058d4ee9da1ceaddfa91ddb63650ba67285f1bbfee487d9dfe648bced669a0
e8c207773b5b242229f77be9cde555a9cf5ced8288409f80da3d5192706e40e3
ec95a631650981cd2ff2eecd07118042dee23fc0a3fd6ed70926fa3d94e4e5d3
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4f2c0a4763f01ee2b13b4f8189e6fd5f32bd704d71fed8d0f11883de9724198
f50c53e0d96300d7a6c66b9b337b3435531fdef0a2763d4cdd7c973e1df35efa
f75166e3f70100b65a6ce1d4128bc15286e92b19a546fa7709f739e9bcfe52c6
f76bf2498cc215bd189c7e15bdd617ef64110566f7701dcf920ad3838301624b
f7b3473e0ca45186ae7002743521ec646c0ba67fd5d8ce374a2fb2ecfc3ad6f7
f8a2b5b62eb722c3379b30cf0cc58d3176ee6be48036d6ad2aa838d2029c4189
fb73d5d93057e64e297129d2873fdd0fb83ea5dea63bf77cd87e9041af59dbc7
fc40f75f13ff349ba67fc15f5efa01efc49bbfb995621578bd451695af7ef7f0
fdbd1eb459cc3afe33f1a009acd8b3dc10faf7abffbdb86af951ad89a5eb86f9
fde06f152e9231d3319414a1f9945b0aef3e24c95e703dcb0bb6f053c43a4c21

threatpost.com Open in urlscan Pro 35.173.160.135 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

131 Requests

99 %HTTPS

65 %IPv6

25 Domains

36 Subdomains

32 IPs

3 Countries

4421 kBTransfer

10258 kBSize

0 Cookies

16 Outgoing links

Page URL History

Redirected requests

131 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

threatpost.com Open in urlscan Pro
35.173.160.135 Public Scan

Screenshot
Live screenshot

Full Image

131
Requests

99 %
HTTPS

65 %
IPv6

25
Domains

36
Subdomains

32
IPs

3
Countries

4421 kB
Transfer

10258 kB
Size

0
Cookies

131 HTTP transactions
3 data transactions