threatpost.com Open in urlscan Pro
35.173.160.135 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/
Submission: On April 29 via api (April 29th 2021, 8:19:19 pm UTC) from US

Summary HTTP 244 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 47 IPs in 4 countries across 28 domains to perform 244 HTTP transactions. The main IP is 35.173.160.135, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is threatpost.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on June 10th 2020. Valid for: a year.

This is the only time threatpost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	35.173.160.135 35.173.160.135	14618 (AMAZON-AES) (AMAZON-AES)
3	13.224.106.23 13.224.106.23	16509 (AMAZON-02) (AMAZON-02)
7	2606:4700:303... 2606:4700:3031::6815:4184	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
8	2600:9000:20c... 2600:9000:20c8:6000:2:9275:3d40:93a1	16509 (AMAZON-02) (AMAZON-02)
11	2600:9000:206... 2600:9000:206f:6a00:0:5c46:4f40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
2	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
4	13.224.105.229 13.224.105.229	16509 (AMAZON-02) (AMAZON-02)
1 4	151.101.114.137 151.101.114.137	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1 1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
10	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	16509 (AMAZON-02) (AMAZON-02)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
23	3.20.220.113 3.20.220.113	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20c... 2600:9000:20c8:b600:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
15	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
6	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.113.140 151.101.113.140	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:802::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
18	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2	74.125.140.157 74.125.140.157	15169 (GOOGLE) (GOOGLE)
8	34.249.222.42 34.249.222.42	16509 (AMAZON-02) (AMAZON-02)
1	142.250.218.227 142.250.218.227	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
8	2600:9000:20e... 2600:9000:20e8:e000:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4 10	52.30.14.27 52.30.14.27	16509 (AMAZON-02) (AMAZON-02)
2 2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:3c::9	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
13	34.206.10.182 34.206.10.182	14618 (AMAZON-AES) (AMAZON-AES)
2	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
2 4	34.252.115.248 34.252.115.248	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:56::c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:56::a	15169 (GOOGLE) (GOOGLE)
244	47

18 35.173.160.135 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-160-135.compute-1.amazonaws.com

threatpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kasperskycontenthub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.106.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-106-23.mad50.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3031::6815:4184 (United States)

ASN13335 (CLOUDFLARENET, US)

qd.admetricspro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:20c8:6000:2:9275:3d40:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.threatpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2600:9000:206f:6a00:0:5c46:4f40:93a1 (United States)

ASN16509 (AMAZON-02, US)

media.threatpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.224.105.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-105-229.mad50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.114.137 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland) 1 redirects

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 3.20.220.113 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-20-220-113.us-east-2.compute.amazonaws.com

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c8:b600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

lit.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vid.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:800e:face:b00c:0:2 (United States)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.140 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.140.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wq-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.249.222.42 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-222-42.eu-west-1.compute.amazonaws.com

unified.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.218.227 (United States)

ASN15169 (GOOGLE, US)
PTR: gru14s26-in-f3.1e100.net

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:20e8:e000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.30.14.27 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-14-27.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:3c::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r4---sn-4g5e6nzl.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 34.206.10.182 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-10-182.compute-1.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.252.115.248 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-115-248.eu-west-1.compute.amazonaws.com

intelcorp.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:56::c (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

r6---sn-4g5e6nl6.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:56::a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r4---sn-4g5e6nl6.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	connatix.com 1 redirects cd.connatix.com cds.connatix.com capi.connatix.com lit.connatix.com vid.connatix.com img.connatix.com	2 MB
39	adsafeprotected.com 4 redirects unified.adsafeprotected.com static.adsafeprotected.com pixel.adsafeprotected.com dt.adsafeprotected.com	289 KB
36	threatpost.com threatpost.com assets.threatpost.com media.threatpost.com	658 KB
30	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net pubads.g.doubleclick.net bid.g.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net	166 KB
26	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com ade.googlesyndication.com	97 KB
17	google.com www.google.com adservice.google.com	37 KB
12	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	771 KB
8	2mdn.net 3 redirects s0.2mdn.net r4---sn-4g5e6nzl.c.2mdn.net Failed gcdn.2mdn.net r6---sn-4g5e6nl6.c.2mdn.net r4---sn-4g5e6nl6.c.2mdn.net	894 KB
7	admetricspro.com qd.admetricspro.com	325 KB
6	googleapis.com imasdk.googleapis.com	2 MB
4	demdex.net 2 redirects intelcorp.demdex.net	4 KB
4	amazon-adsystem.com c.amazon-adsystem.com	37 KB
3	google-analytics.com www.google-analytics.com	19 KB
3	adlightning.com tagan.adlightning.com	55 KB
1	reddit.com www.reddit.com	1 KB
1	linkedin.com www.linkedin.com
1	facebook.com graph.facebook.com	596 B
1	twitter.com analytics.twitter.com	650 B
1	google.de www.google.de	107 B
1	t.co t.co	458 B
1	quantcount.com rules.quantcount.com quantcount.com Failed	353 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	quantserve.com secure.quantserve.com	9 KB
1	wp.com i0.wp.com	65 B
1	gravatar.com 1 redirects secure.gravatar.com	371 B
1	googletagmanager.com www.googletagmanager.com	52 KB
1	kasperskycontenthub.com kasperskycontenthub.com	398 B
1	googletagservices.com www.googletagservices.com	21 KB
244	28

	Domain	Requested by
23	capi.connatix.com	cd.connatix.com
17	threatpost.com	threatpost.com
15	googleads.g.doubleclick.net
13	dt.adsafeprotected.com
12	pagead2.googlesyndication.com	srcdoc tpc.googlesyndication.com
11	www.google.com	threatpost.com tagan.adlightning.com www.gstatic.com www.google.com
11	media.threatpost.com	threatpost.com
10	ade.googlesyndication.com
10	pixel.adsafeprotected.com	4 redirects static.adsafeprotected.com tagan.adlightning.com
10	www.gstatic.com	www.google.com www.gstatic.com
9	vid.connatix.com	cd.connatix.com
8	static.adsafeprotected.com	imasdk.googleapis.com threatpost.com
8	unified.adsafeprotected.com	imasdk.googleapis.com
8	pubads.g.doubleclick.net	imasdk.googleapis.com
8	assets.threatpost.com	threatpost.com assets.threatpost.com
7	qd.admetricspro.com	threatpost.com qd.admetricspro.com
6	adservice.google.com	imasdk.googleapis.com
6	imasdk.googleapis.com	cd.connatix.com imasdk.googleapis.com
5	img.connatix.com	threatpost.com cd.connatix.com
4	intelcorp.demdex.net	2 redirects
4	tpc.googlesyndication.com	imasdk.googleapis.com tpc.googlesyndication.com
4	c.amazon-adsystem.com	qd.admetricspro.com c.amazon-adsystem.com
3	s0.2mdn.net	imasdk.googleapis.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com threatpost.com
3	cds.connatix.com	threatpost.com tagan.adlightning.com cd.connatix.com
3	tagan.adlightning.com	threatpost.com tagan.adlightning.com
2	googleads4.g.doubleclick.net
2	gcdn.2mdn.net	2 redirects
2	bid.g.doubleclick.net	imasdk.googleapis.com
2	securepubads.g.doubleclick.net	www.googletagservices.com tagan.adlightning.com
1	r4---sn-4g5e6nl6.c.2mdn.net
1	r6---sn-4g5e6nl6.c.2mdn.net	1 redirects
1	r4---sn-4g5e6nzl.c.2mdn.net
1	csi.gstatic.com	imasdk.googleapis.com
1	fonts.gstatic.com	www.google.com
1	www.reddit.com	threatpost.com
1	www.linkedin.com	threatpost.com
1	graph.facebook.com	threatpost.com
1	lit.connatix.com	cd.connatix.com
1	analytics.twitter.com	tagan.adlightning.com
1	www.google.de	threatpost.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	t.co	threatpost.com
1	rules.quantcount.com	secure.quantserve.com
1	static.ads-twitter.com	www.googletagmanager.com
1	secure.quantserve.com	www.googletagmanager.com
1	i0.wp.com	threatpost.com
1	secure.gravatar.com	1 redirects
1	www.googletagmanager.com	threatpost.com
1	kasperskycontenthub.com	threatpost.com
1	cd.connatix.com	1 redirects
1	www.googletagservices.com	threatpost.com
0	quantcount.com Failed	secure.quantserve.com
244	53

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
feedly.com
www.instagram.com
www.securityweek.com
nvd.nist.gov
cve.mitre.org
www.cisecurity.org
chromereleases.googleblog.com
akismet.com
t.co
indd.adobe.com

Subject Issuer	Validity	Valid
threatpost.com DigiCert SHA2 Secure Server CA	`2020-06-10` - `2021-06-15`	a year	crt.sh
*.adlightning.com Amazon	`2020-07-22` - `2021-08-22`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-10` - `2021-08-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
assets.threatpost.com Amazon	`2021-02-04` - `2022-03-05`	a year	crt.sh
media.threatpost.com Amazon	`2021-02-04` - `2022-03-05`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2020-09-29` - `2021-10-19`	a year	crt.sh
kasperskycontenthub.com DigiCert SHA2 Secure Server CA	`2020-06-01` - `2021-06-09`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
www.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2021-02-17` - `2021-08-16`	6 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-08` - `2021-07-06`	6 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
wrapper-vast.adsafeprotected.com Amazon	`2020-12-18` - `2022-01-16`	a year	crt.sh
static.adsafeprotected.com Amazon	`2020-10-03` - `2021-11-03`	a year	crt.sh
fw.adsafeprotected.com Amazon	`2020-09-09` - `2021-10-09`	a year	crt.sh
*.c.docs.google.com GTS CA 1O1	`2021-04-20` - `2021-06-29`	2 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
dt.adsafeprotected.com Amazon	`2021-04-22` - `2022-05-21`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/
Frame ID: 6F74492701498B165D6DCB4BB22B53E6
Requests: 104 HTTP requests in this frame

Frame: https://cds.connatix.com/p/115548/connatix.player.dc.js
Frame ID: BA2815FD90FA293106EC4B7568F58E36
Requests: 41 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfsdrAaAAAAAMVKgei6k0EaDBTgmKv6ZQrG7aEs&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&theme=standard&size=normal&cb=ijiug7kz7kzo
Frame ID: BD2B97A57937A946F99711CBF48057E9
Requests: 9 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfsdrAaAAAAAMVKgei6k0EaDBTgmKv6ZQrG7aEs&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&theme=light&size=normal&cb=yr0xnkx92r33
Frame ID: 6287BC5F5672931E0E13BD568225EFEA
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: 9A195FA6A520CE41CE83C30FB49860A9
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: 8EB5B5566D3CCFB823E0541D26E9E444
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: 6157AF94DF683D7D36F019DA40F12E10
Requests: 52 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: B1AACC3608251CCD5F992B37CEEEC6FD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: BD618FE5F7C5E543526D45C8A7D2E30F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 0EADE81A463A3A9EEC9151B8058284B4
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&k=6LfsdrAaAAAAAMVKgei6k0EaDBTgmKv6ZQrG7aEs&cb=4vl4nl1enud
Frame ID: 33482F3870DE55978716D03B0DE6F247
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&k=6LfsdrAaAAAAAMVKgei6k0EaDBTgmKv6ZQrG7aEs&cb=11nlpqv1shsy
Frame ID: 74ED8900AA043E3554979C36F562B685
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: B372F243DCE6076211B5924D431FC7FC
Requests: 5 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.1.js
Frame ID: 4A4E272AE30939C84588829D44268342
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 38B67DF522FC1D5CC3373C702502F62F
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: 6EDE30AE1B3A6CE0EBB3A93E4A3EF84B
Requests: 4 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.1.js
Frame ID: 08EE6A1A8177E4E522A98FD29FD3E38F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 1B5110F94E76573A73B31729F253EFC7
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

244
Requests

98 %
HTTPS

59 %
IPv6

28
Domains

53
Subdomains

47
IPs

4
Countries

7082 kB
Transfer

12780 kB
Size

3
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/Threatpost/

Search URL Search Domain Scan URL

URL: https://twitter.com/threatpost/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/threatpost/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/threatpost

Search URL Search Domain Scan URL

URL: https://feedly.com/threatpost

Search URL Search Domain Scan URL

URL: https://www.instagram.com/Threatpost/

Search URL Search Domain Scan URL

URL: https://www.securityweek.com/google-patches-yet-another-serious-v8-vulnerability-chrome
Title: also noted

Search URL Search Domain Scan URL

URL: https://nvd.nist.gov/vuln/detail/CVE-2020-16040
Title: CVE-2020-16040

Search URL Search Domain Scan URL

URL: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15965
Title: CVE-2020-15965

Search URL Search Domain Scan URL

URL: https://www.cisecurity.org/advisory/multiple-vulnerabilities-in-google-chrome-could-allow-for-arbitrary-code-execution_2021-056/
Title: another report

Search URL Search Domain Scan URL

URL: https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_26.html
Title: stable channel release

Search URL Search Domain Scan URL

URL: https://akismet.com/privacy/
Title: Learn how your comment data is processed

Search URL Search Domain Scan URL

URL: http://twitter.com/search?q=%23PII
Title: #PII

Search URL Search Domain Scan URL

URL: https://t.co/0FXHOAO9yy
Title: https://t.co/0FXHOAO9yy

Search URL Search Domain Scan URL

URL: https://twitter.com/threatpost
Title: Follow @threatpost

Search URL Search Domain Scan URL

URL: https://indd.adobe.com/view/01579c19-a6ca-4cb0-8106-ed4d5d02a292
Title: Advertise With Us

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://cd.connatix.com/connatix.player.js HTTP 302
https://cds.connatix.com/p/115548/connatix.player.dc.js

Request Chain 40

https://secure.gravatar.com/avatar/d067d81298f837f67d893cebeb90083a?s=60&d=https%3A%2F%2Fthreatpost.com%2Fwp-content%2Fthemes%2Fthreatpost-2018%2Fassets%2Fimages%2Favatar-default.jpg&r=g HTTP 302
https://i0.wp.com/threatpost.com/wp-content/themes/threatpost-2018/assets/images/avatar-default.jpg?ssl=1

Request Chain 138

https://gcdn.2mdn.net/videoplayback/id/a6c8652727d81f2f/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3761634454/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/C925DF3809E85D7D2E2E30C5EEFB477DFD4EEDB.3C085DEA8D0F781BDFE6ADD5FFAC1A9B4C07D41/key/ck2/file/file.mp4 HTTP 302
https://r4---sn-4g5e6nzl.c.2mdn.net/videoplayback/id/a6c8652727d81f2f/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3761634454/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/814E11D66E45926EE8BC5BFC907C747BD56A995C.706EE2222F22DEB398BDC4E492942A333ECF721F/key/cms1/cms_redirect/yes/mh/Xx/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5e6nzl/ms/onc/mt/1619726909/mv/m/mvi/4/pl/50/file/file.mp4

Request Chain 139

https://gcdn.2mdn.net/videoplayback/id/a6c8652727d81f2f/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3761634454/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/C925DF3809E85D7D2E2E30C5EEFB477DFD4EEDB.3C085DEA8D0F781BDFE6ADD5FFAC1A9B4C07D41/key/ck2/file/file.mp4 HTTP 302
https://r4---sn-4g5e6nzl.c.2mdn.net/videoplayback/id/a6c8652727d81f2f/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3761634454/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4EA80B92E05EAA23EBA23DEC4FE0D4C4D9050494.69EFB7F71EA82596EF44718E0E2692E6C0A2FDB4/key/cms1/cms_redirect/yes/mh/Xx/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5e6nzl/ms/onc/mt/1619726909/mv/m/mvi/4/pl/50/file/file.mp4

Request Chain 152

https://pixel.adsafeprotected.com/rfw/st/682720/53794595/skeleton.js?videoId=55b8a13caece0d1009dcc6831da7f6d7&apiframeworks=2,8&bundleId=[BUNDLEID]&mon=53794596&omidPartner=-1&xmapp=0&xmtp=v&xsId=814ff91d-8e17-424f-b71e-889bfe558c36&adsafe_par=&logTestResults=false&adsafe_url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-v8-bug-remote-code-execution%2F165662%2F&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fthreatpost.com%2F&adsafe_type=f&adsafe_jsinfo=,id:b55a797e-b8aa-0cc2-e24f-c89cabbb684b,c:bda1He,sl:outOfView,em:false,fr:true,mn:app27ie,pt:2-5-15,wc:0.0.1600.1200,ac:1199.974.400.225,am:v,cc:1199.974.400.225,piv:100,obst:0,th:0,reas:v,br:u,abv:na,an:n,oam:0,vc:jv3,nbld:0,fm:sw0jHIS+1*.682720-53794595%7C11%7C12%7C13%7C141%7C151%7C16%7C171%7C18%7C191%7C1a%7C1b1%7C1c%7C1d%7C1e%7C1f%7C1g,idMap:1*,pl:,rmeas:1,rend:1,renddet:env,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:fwjsvid,thd:1,et:43,oid:23f5f721-a928-11eb-93ea-02617d9e854e,v:19.8.193,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0,abc:0,abct:110,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso HTTP 302
https://static.adsafeprotected.com/skeleton.js?videoId=55b8a13caece0d1009dcc6831da7f6d7&apiframeworks=2,8&bundleId=[BUNDLEID]&mon=53794596&omidPartner=-1&xmapp=0&xmtp=v&xsId=814ff91d-8e17-424f-b71e-889bfe558c36

Request Chain 157

https://intelcorp.demdex.net/event?event=imp&d_campaign=25571066&d_site=5134578&d_placement=299779583&d_ad=492609029&d_creative=148504777 HTTP 302
https://intelcorp.demdex.net/firstevent?event=imp&d_campaign=25571066&d_site=5134578&d_placement=299779583&d_ad=492609029&d_creative=148504777

Request Chain 161

https://pixel.adsafeprotected.com/rfw/st/682720/53794596/skeleton.gif?xmtp=v&xmapp=0&xsId=814ff91d-8e17-424f-b71e-889bfe558c36 HTTP 302
https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=814ff91d-8e17-424f-b71e-889bfe558c36

Request Chain 216

https://gcdn.2mdn.net/videoplayback/id/0251c9288dfc3da7/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3761634728/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/906494168017F4560727AFD899A8A71EB66D3B4A.BA2709F002BE149F9F9C72CA73E6989F2451C5CB/key/ck2/file/file.mp4 HTTP 302
https://r6---sn-4g5e6nl6.c.2mdn.net/videoplayback/id/0251c9288dfc3da7/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3761634728/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/54746E280D81373DAE0BD3CEEA4DA0E8EEFF5A05.3B926142EC47E0E7974A0775A8573DC0E1BAE859/key/cms1/cms_redirect/yes/mh/Fx/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5e6nl6/ms/onc/mt/1619727400/mv/m/mvi/6/pl/50/file/file.mp4 HTTP 302
https://r4---sn-4g5e6nl6.c.2mdn.net/videoplayback/id/0251c9288dfc3da7/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3761634728/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/54746E280D81373DAE0BD3CEEA4DA0E8EEFF5A05.3B926142EC47E0E7974A0775A8573DC0E1BAE859/key/cms1/cms_redirect/yes/mh/Fx/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5e6nl6/ms/onc/mt/1619727400/mv/m/mvi/6/pl/50/ir/1/rr/12/file/file.mp4

Request Chain 226

https://pixel.adsafeprotected.com/rfw/st/682720/53794585/skeleton.js?videoId=055fc842c274354c5ee31d99adc86139&apiframeworks=2,8&bundleId=[BUNDLEID]&mon=53794586&omidPartner=-1&xmapp=0&xmtp=v&xsId=b9e30b0a-ec34-4d78-bc5e-b1d07f27b7ad&adsafe_par=&logTestResults=false&adsafe_url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-v8-bug-remote-code-execution%2F165662%2F&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fthreatpost.com%2F&adsafe_type=f&adsafe_jsinfo=,id:fb8e9e7c-b51a-70f8-95a5-998cc4570e98,c:bda3Y9,sl:outOfView,em:false,fr:true,mn:app08ie,pt:2-5-15,wc:0.0.1600.1200,ac:1199.974.400.225,am:v,cc:1199.974.400.225,piv:100,obst:0,th:0,reas:v,br:u,abv:na,an:n,oam:0,vc:jv3,nbld:0,fm:sw0jK0a+1*.682720-53794585%7C11%7C12%7C13%7C141%7C151%7C16%7C171%7C18%7C191%7C1a1%7C1b1%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h,idMap:1*,pl:,rmeas:1,rend:1,renddet:env,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:fwjsvid,thd:1,et:20,oid:29350a7e-a928-11eb-bb77-025e58922a4e,v:19.8.193,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0,abc:0,abct:38,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso HTTP 302
https://static.adsafeprotected.com/skeleton.js?videoId=055fc842c274354c5ee31d99adc86139&apiframeworks=2,8&bundleId=[BUNDLEID]&mon=53794586&omidPartner=-1&xmapp=0&xmtp=v&xsId=b9e30b0a-ec34-4d78-bc5e-b1d07f27b7ad

Request Chain 231

https://intelcorp.demdex.net/event?event=imp&d_campaign=25571066&d_site=5134578&d_placement=299778155&d_ad=492609044&d_creative=148474637 HTTP 302
https://intelcorp.demdex.net/firstevent?event=imp&d_campaign=25571066&d_site=5134578&d_placement=299778155&d_ad=492609044&d_creative=148474637

Request Chain 235

https://pixel.adsafeprotected.com/rfw/st/682720/53794586/skeleton.gif?xmtp=v&xmapp=0&xsId=b9e30b0a-ec34-4d78-bc5e-b1d07f27b7ad HTTP 302
https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=b9e30b0a-ec34-4d78-bc5e-b1d07f27b7ad

244 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/ 83 KB
21 KB 397ms
100ms Document
text/html 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-173-160-135.compute-1.amazonaws.com

Software

nginx /

Resource Hash

5fe6aaba935aa93fd5d6d3ea3c6b7e5f1e5facd747c070b9fe6f59cba4dc7cbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: threatpost.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Thu, 29 Apr 2021 20:18:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Link: <https://threatpost.com/wp-json/>; rel="https://api.w.org/" <https://threatpost.com/wp-json/wp/v2/posts/165662>; rel="alternate"; type="application/json" <https://threatpost.com/?p=165662>; rel=shortlink
X-Frame-Options: SAMEORIGIN
X-Debug-Auth: off
X-Request-Host: threatpost.com
x-cache-hit: HIT
Content-Encoding: gzip

GET
H/1.1 200
OK main.css
threatpost.com/wp-content/themes/threatpost-2018/assets/css/ 253 KB
39 KB 308ms
104ms Stylesheet
text/css 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1619596723
Requested by: Host: threatpost.com
URL: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 41f3222c29889fb48f5dca1d481858e5339a759655510c256ef4edf56c80f7f5

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: threatpost.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/
Connection: keep-alive
Referer: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Thu, 29 Apr 2021 20:18:58 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 07:58:43 GMT
Server: nginx
ETag: W/"608915b3-3f2b8"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=604800 public
Connection: close
Expires: Thu, 06 May 2021 20:18:58 GMT

GET
H2 200 op.js Show response
tagan.adlightning.com/math-aids-threatpost/ 40 KB
14 KB 240ms
150ms Script
application/javascript 13.224.106.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.106.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-106-23.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6c21cc5fe3c538e5c86a26b637528ec741229d66978f590cddf7ec8a186028b5

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:17:24 GMT
content-encoding: gzip
age: 95
x-cache: Hit from cloudfront
content-length: 14248
x-amz-meta-git_commit: 49c6f47
last-modified: Thu, 29 Apr 2021 20:14:23 GMT
server: AmazonS3
etag: "294618787f9e0a68513d8ecbea9d4f14"
x-amz-version-id: on_Jv_C2Qs7gbUkUQz8FkEz__2oyRtJM
via: 1.1 d8c266ed74a4ecc05eeffe79fa473f7e.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: MAD50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: jgizz4-8t4IHEnFukd54uMoqrRMNb8eFqxKrFCGiBJkdKRNOlYJpUA==

GET
H2 200 ros-layout.js Show response
qd.admetricspro.com/js/threatpost/ 25 KB
3 KB 56ms
31ms Script
application/javascript 2606:4700:3031::6815:4184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/threatpost/ros-layout.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbc688ea0af0051ff5a2e638a07cc36980f10deef3e1d0bdd069811768c6fe30

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:18:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 24
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c0e1f15b0000d6b9fcb2c000000001
last-modified: Fri, 05 Mar 2021 17:45:49 GMT
server: cloudflare
etag: W/"626e-5bccda7913385-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5jG3WOBqJ1E%2FMa7zrJMa%2F9ZdQfA4SBij8HH8LKF4hScwhrbIL1booI%2BX3l0Zn2eAfR4Qo2PdR079Utps0sZu2wz7TmCipcg9VY5e99MdkIg7CvtC4pEeBn6anHdbcsYh"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 647b38fbc904d6b9-FRA
expires: Thu, 29 Apr 2021 20:23:53 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 63 KB
21 KB 44ms
42ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68d672ba14063f922d7b4b0e6f90d68a45636e5f40f703e7a30285837c5b8778

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:18:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "857 / 645 of 1000 / last-modified: 1619694582"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21267
x-xss-protection: 0
expires: Thu, 29 Apr 2021 20:18:58 GMT

GET
H2 200 cmp.js Show response
qd.admetricspro.com/js/threatpost/ 305 KB
82 KB 65ms
40ms Script
application/javascript 2606:4700:3031::6815:4184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/threatpost/cmp.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73339d824e344121a3039b2e0e9c9353fb8132e005bb6d53249814c213520d5d

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:18:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 77
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c0e1f15b0000d6b9f0bcb000000001
last-modified: Tue, 06 Oct 2020 19:53:29 GMT
server: cloudflare
etag: W/"4c426-5b105f3f297c7-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=URBg9Nrff03SwqE8sdpS%2FYtBCU17CRwsR%2Fpmmf2lzXl%2BaEL7ywkLf5QGzM9c07XVB%2FhS9%2FIeeU3EEGD3KI%2FSwHo3IGq3vm53GV%2FY8F7%2F4Bwa4Gzqyghuy%2Bas38eGj8Lt"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 647b38fbc908d6b9-FRA
expires: Thu, 29 Apr 2021 20:24:57 GMT

GET
H2 200 uspcmp.js Show response
qd.admetricspro.com/js/threatpost/ 148 KB
55 KB 59ms
34ms Script
application/javascript 2606:4700:3031::6815:4184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ae61ed61290f9bf2619f52667aafa622c805072c75765025f0b61a23862005f

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:18:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 77
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c0e1f15b0000d6b92b8e4000000001
last-modified: Sat, 08 Aug 2020 22:40:07 GMT
server: cloudflare
etag: W/"24e50-5ac65673cef1c-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vFbmlhmLH2TDzbGT5CBdjT1xhidN9CgSG1TCUIeeuNb%2BvFfk%2Bptu%2Bf1pgFHY7oHF9ZzoNhLn3Vw8uVsxgz8%2BZ1rxre18OGwPSq4CDDqTNx%2BuhWuMiaBHM7pLHdRa6fJ5"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 647b38fbc90ad6b9-FRA
expires: Thu, 29 Apr 2021 20:24:02 GMT

GET
H2 200 targeting.js Show response
qd.admetricspro.com/js/threatpost/ 275 B
861 B 45ms
20ms Script
application/javascript 2606:4700:3031::6815:4184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/threatpost/targeting.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cdc57f82f4b0d09e5b4e584ca4736cd3871f20563d4ce25120b057d8ffb4eb2

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:18:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 24
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c0e1f15c0000d6b937194000000001
last-modified: Sat, 08 Feb 2020 20:49:18 GMT
server: cloudflare
etag: W/"113-59e16a3cfb471-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Pe8Rxd6DkF%2BayEk4QF14b9oDlw4U%2FhBoze07ooKQhcudoKb4bojNck5iu1gqSmTPitHQtioRNEO20R9Gz5TiLPY5eRScdY5eupUmtmRDNp%2F7v0L1Q9ti5jhYwKCsgpCe"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 647b38fbc90cd6b9-FRA
expires: Thu, 29 Apr 2021 20:24:56 GMT

GET
H2 200 prebid.js Show response
qd.admetricspro.com/js/threatpost/ 520 KB
145 KB 80ms
56ms Script
application/javascript 2606:4700:3031::6815:4184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5dec046e34be07896b049576ab815e325858284addd14fb16f61f7b1c119378

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:18:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 24
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c0e1f15c0000d6b915067000000001
last-modified: Thu, 15 Apr 2021 21:43:37 GMT
server: cloudflare
etag: W/"821d6-5c009c17ea754-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LTFhJVtRTr5T9UKYjc40kvqSbtR%2FEcSKLzjhhr5KbbEhCNQnAmMXgSJ2NkTRD4v%2F5aUqpsaqeRF57mS23jjXH%2BClguYnjZh8HvuayDN9cHpWIUn2myO%2F8%2BOQZ8r%2BSOn0"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 647b38fbc90fd6b9-FRA
expires: Thu, 29 Apr 2021 20:24:52 GMT

GET
H2 200 engine.js Show response
qd.admetricspro.com/js/threatpost/ 33 KB
9 KB 50ms
26ms Script
application/javascript 2606:4700:3031::6815:4184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/threatpost/engine.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83c6bdb6c54b2fb90a204cf0279e2d868513572d0963ec534083902c1307844b

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:18:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 24
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c0e1f15c0000d6b966883000000001
last-modified: Mon, 19 Apr 2021 20:48:42 GMT
server: cloudflare
etag: W/"83c9-5c059747d2d30-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OfzVnhx3Curk3XbTBBvP1A3jy%2Fq3CFvRDDfXbCmSjKRt%2FjgmXv%2FQhsDtPXGOVF42fKEi%2Fr5ahNk30ul2e2TIeZg8UusP3y%2BGPPtf0GJdx40ITfyMgn6EDtUAn61fh219"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 647b38fbc90dd6b9-FRA
expires: Thu, 29 Apr 2021 20:20:21 GMT

GET
H2 200 /
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 94 KB
19 KB 704ms
615ms Stylesheet
text/css 2600:9000:20c8:6000:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=dd3adbbd

Requested by

Host: threatpost.com
URL: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20c8:6000:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

72eaaf36ecf9e2e0757d5154ce285d44296ee79b32ea122953df2a1133c6f2fb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:18:59 GMT
content-encoding: gzip
x-amz-cf-pop: MAD50-C1
x-cache: Miss from cloudfront
content-length: 19117
x-cache-hit: HIT
last-modified: Wed, 28 Apr 2021 07:58:41 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 89229acad212ad74c20ccd0ac96a8cbe.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-debug-auth: off
x-request-host: assets.threatpost.com
x-amz-cf-id: 41thXH2nIgCG2jhzHsjvCg63a2YV4q10VnwiZIrX0EsFXz8Ocnkiqg==
expires: Fri, 30 Apr 2021 18:51:39 GMT

GET
H/1.1 200
OK jquery-1.12.4-wp.js Show response
threatpost.com/wp-content/plugins/kaspersky-enable-jquery-migrate-helper/js/jquery/ 95 KB
37 KB 311ms
106ms Script
application/x-javascript 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/plugins/kaspersky-enable-jquery-migrate-helper/js/jquery/jquery-1.12.4-wp.js?ver=1.12.4-wp
Requested by: Host: threatpost.com
URL: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 3bb2621a4c0c710f6e78404473aebff8e115a28f8d53f44339b867c63ad93b26

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: threatpost.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/
Connection: keep-alive
Referer: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Thu, 29 Apr 2021 20:18:58 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 07:58:41 GMT
Server: nginx
ETag: W/"608915b1-17a56"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: max-age=604800 public
Connection: close
Expires: Thu, 06 May 2021 20:18:58 GMT

GET
H2 200 / Show response
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 177 KB
55 KB 668ms
579ms Script
application/x-javascript 2600:9000:20c8:6000:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/kaspersky-cookies-notification/scripts/alert_text.js,wp-content/plugins/kaspersky-cookies-notification/scripts/alert.js,wp-content/plugins/honeypot-comments/public/assets/js/public.js,wp-content/plugins/kspr_twitter_pullquote/js/kaspersky-twitter-pullquote.js,wp-content/themes/threatpost-2018/assets/js/main.js,wp-content/themes/threatpost-2018/assets/js/loadmore.js,wp-content/plugins/kaspersky-social-sharing/assets/js/social-share.js&ver=dd3adbbd

Requested by

Host: threatpost.com
URL: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20c8:6000:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b0209d39595432d762f6ba2a81dc0bffa6a6e1ed9021ba24ffa06c3c7e4bcb02

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:18:59 GMT
content-encoding: gzip
x-amz-cf-pop: MAD50-C1
x-cache: Miss from cloudfront
content-length: 56256
x-cache-hit: HIT
last-modified: Wed, 28 Apr 2021 07:58:42 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 89229acad212ad74c20ccd0ac96a8cbe.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-debug-auth: off
x-request-host: assets.threatpost.com
x-amz-cf-id: JGnCGWJLp8ovGWFBKmwJgKaKYRXNyDLvx3wUEH1oxz5wIIC3Tfq1GA==
expires: Fri, 30 Apr 2021 18:51:42 GMT

GET
H2 200 Google-Chrome-Browser.jpg
media.threatpost.com/wp-content/uploads/sites/103/2020/11/03120131/ 30 KB
31 KB 37ms
7ms Image
image/jpeg 2600:9000:206f:6a00:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2020/11/03120131/Google-Chrome-Browser.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:6a00:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 071a4fa383985360c3b0827c1e4df48a70e13d3cdf5e96e7e7835cc634001132

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 10:46:52 GMT
via: 1.1 059f7b4f5f4c20725a3c55323fefb585.cloudfront.net (CloudFront), 1.1 28ccbefb54459137bb0b0d946fd75e49.cloudfront.net (CloudFront)
last-modified: Tue, 03 Nov 2020 17:01:32 GMT
server: AmazonS3
age: 7032728
etag: "31d098f469c670a8f5fa307fbfe027ec"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: MUC51-C1, FRA56-C1
accept-ranges: bytes
content-length: 31108
x-amz-cf-id: QM3NZ0AQlCpzA1VQZszcBvBj83BUhZgA9G1DiO9yC4AJp1PbtBMhXA==
expires: Wed, 03 Nov 2021 17:01:31 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
747 B 19ms
19ms Script
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=en

Requested by

Host: threatpost.com
URL: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b97ff1109b709bf33a4a7593782b6f5f0fe56b3b46ef504dba244a9026c3fdbe

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:18:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 555
x-xss-protection: 1; mode=block
expires: Thu, 29 Apr 2021 20:18:59 GMT

GET
H2 200 / Show response
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 2 KB
1 KB 368ms
368ms Script
application/x-javascript 2600:9000:20c8:6000:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/gravityforms/js/jquery.json.min.js&ver=dd3adbbd

Requested by

Host: threatpost.com
URL: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20c8:6000:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

172314ff74044b918766ed4763279b5e8798622087c0a2930f59c9d44662213d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:18:59 GMT
content-encoding: gzip
x-amz-cf-pop: MAD50-C1
x-cache: Miss from cloudfront
content-length: 926
x-cache-hit: HIT
last-modified: Wed, 28 Apr 2021 07:58:41 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 89229acad212ad74c20ccd0ac96a8cbe.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-debug-auth: off
x-request-host: assets.threatpost.com
x-amz-cf-id: B4sy9zLxQoUnIRg7UOfHhcRPUY89Bi6YDBB8MN-Ep2RjFLEux3yJYQ==
expires: Fri, 30 Apr 2021 18:51:42 GMT

GET
H/1.1 200
OK gravityforms.min.js Show response
threatpost.com/wp-content/plugins/gravityforms/js/ 34 KB
12 KB 735ms
105ms Script
application/x-javascript 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.4.17.15
Requested by: Host: threatpost.com
URL: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 3097d0444becd9d089b52b7074072f19201525de874d0775012572fb375b7838

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: threatpost.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/
Connection: keep-alive
Referer: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Thu, 29 Apr 2021 20:19:00 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 07:58:41 GMT
Server: nginx
ETag: W/"608915b1-88c2"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: max-age=604800 public
Connection: close
Expires: Thu, 06 May 2021 20:19:00 GMT

GET
H2 200 / Show response
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 7 KB
3 KB 436ms
433ms Script
application/x-javascript 2600:9000:20c8:6000:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/gravityforms/js/conditional_logic.min.js&ver=dd3adbbd

Requested by

Host: threatpost.com
URL: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20c8:6000:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f75166e3f70100b65a6ce1d4128bc15286e92b19a546fa7709f739e9bcfe52c6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:18:59 GMT
content-encoding: gzip
x-amz-cf-pop: MAD50-C1
x-cache: Miss from cloudfront
content-length: 2685
x-cache-hit: HIT
last-modified: Wed, 28 Apr 2021 07:58:41 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 89229acad212ad74c20ccd0ac96a8cbe.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-debug-auth: off
x-request-host: assets.threatpost.com
x-amz-cf-id: xQSBG6AAlgullVqdPn3MYdgxZ9A20Ug2tc2o8yt6vnn1GPFVc-IT4g==
expires: Fri, 30 Apr 2021 18:51:46 GMT

GET
H2 200 / Show response
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 5 KB
2 KB 434ms
432ms Script
application/x-javascript 2600:9000:20c8:6000:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/gravityforms/js/placeholders.jquery.min.js&ver=dd3adbbd

Requested by

Host: threatpost.com
URL: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20c8:6000:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:18:59 GMT
content-encoding: gzip
x-amz-cf-pop: MAD50-C1
x-cache: Miss from cloudfront
content-length: 1747
x-cache-hit: HIT
last-modified: Wed, 28 Apr 2021 07:58:40 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 89229acad212ad74c20ccd0ac96a8cbe.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-debug-auth: off
x-request-host: assets.threatpost.com
x-amz-cf-id: S-GPJMbzwqwqXW5PyziMtetiO-e625p_ducYVP0zdJi0EoLAW8u6Jg==
expires: Fri, 30 Apr 2021 18:51:39 GMT

GET
H3-29 200 api.js Show response
www.google.com/recaptcha/ 852 B
577 B 26ms
23ms Script
text/javascript 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=en&render=explicit&ver=5.7

Requested by

Host: threatpost.com
URL: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

aabef6fdf6754720952bba161391163f9b54dcd8302f64c85746a92c5aa8bae7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:18:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 556
x-xss-protection: 1; mode=block
expires: Thu, 29 Apr 2021 20:18:59 GMT

GET
H2 200 / Show response
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 2 KB
1 KB 436ms
433ms Script
application/x-javascript 2600:9000:20c8:6000:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-includes/js/wp-embed.min.js,wp-content/plugins/akismet/_inc/form.js&ver=dd3adbbd

Requested by

Host: threatpost.com
URL: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20c8:6000:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4e5ea4214b4900c4c114a5d5370fdf6a22bd14a1b1b49328be823e523ece3839

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:18:59 GMT
content-encoding: gzip
x-amz-cf-pop: MAD50-C1
x-cache: Miss from cloudfront
content-length: 972
x-cache-hit: HIT
last-modified: Tue, 09 Mar 2021 20:32:23 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 89229acad212ad74c20ccd0ac96a8cbe.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-debug-auth: off
x-request-host: assets.threatpost.com
x-amz-cf-id: 7EKvgHyHKF8DQrHQYD9Aa6mHUHwGwubsMehZXVOMZ2AurXFm91pduw==
expires: Fri, 30 Apr 2021 18:51:43 GMT

GET
H2 200 b-49c6f47-67be9a36.js Show response
tagan.adlightning.com/math-aids-threatpost/ 69 KB
23 KB 51ms
49ms Script
application/javascript 13.224.106.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/b-49c6f47-67be9a36.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.106.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-106-23.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 178f058426830d14a05750625b5f6750efc3cb905e25899209cde01fcd4877af

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 01:43:02 GMT
content-encoding: gzip
age: 1362958
x-cache: Hit from cloudfront
content-length: 23203
x-amz-meta-git_commit: 49c6f47
last-modified: Mon, 05 Apr 2021 18:33:10 GMT
server: AmazonS3
etag: "a932a716635a0bdbfeda3195fd6261d6"
x-amz-version-id: NW9xaMZs.szhdoIzks3cD5Qpn1RWVACw
via: 1.1 d8c266ed74a4ecc05eeffe79fa473f7e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: MAD50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: KVAbfPual_JyAFB0Shw8TyYSYu-puDytCYuNoBkEpnnLSK1Uj0ywFw==

GET
H2 200 bl-d02cc15-ebf9494a.js Show response
tagan.adlightning.com/math-aids-threatpost/ 56 KB
17 KB 72ms
70ms Script
application/javascript 13.224.106.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/bl-d02cc15-ebf9494a.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.106.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-106-23.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8ec1a7f08fd6c787bcf44cf12976ba89759d0138cdec2209842c37929d226e1c

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:17:27 GMT
content-encoding: gzip
age: 93
x-cache: Hit from cloudfront
content-length: 17145
x-amz-meta-git_commit: d02cc15
last-modified: Thu, 29 Apr 2021 20:13:33 GMT
server: AmazonS3
etag: "6f5ecffbacffcad932c2901264370bbf"
x-amz-version-id: 5JF6GIdeJIsL05Vgo6MsG0.nwNskMUHk
via: 1.1 d8c266ed74a4ecc05eeffe79fa473f7e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: MAD50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: ZxifHCQFU7DbtmJ-juxz4qA_vE3rMxq-j2pbi5woKFLH9TSfpCRs_A==

GET
H2 200 pubads_impl_2021042801.js Show response
securepubads.g.doubleclick.net/gpt/ 300 KB
106 KB 40ms
15ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

1c2525b3e7631f2411872aac663bded4c73bd4e4f26182862b28db7f406d1c61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 29 Apr 2021 20:18:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 08:37:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108145
x-xss-protection: 0
expires: Thu, 29 Apr 2021 20:18:58 GMT

GET
H3-29 200 vendor-list.json Show response
qd.admetricspro.com/js/cmp2/ 286 KB
30 KB 183ms
173ms XHR
application/json 2606:4700:3031::6815:4184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/cmp2/vendor-list.json
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/cmp.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:4184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec95a631650981cd2ff2eecd07118042dee23fc0a3fd6ed70926fa3d94e4e5d3

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:18:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c0e1f36000003233782cf000000001
last-modified: Tue, 06 Oct 2020 19:31:27 GMT
server: cloudflare
etag: W/"4773b-5b105a5302c6b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rruotakIrJ6oTW%2F2x%2Fsh%2FgmNpLd3stqIcLQ%2F2I4ZGv%2BWCdZ8neCbMoiOlxuPyWKigH3RdYWy8pgWizNwNtnsT00lbRta%2BfUubaI1MDwoJAoq5qMi9H6kLRRUIdvOVJUp"}],"max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=600
cf-ray: 647b38fefb183233-FRA
expires: Thu, 29 Apr 2021 20:28:59 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 126 KB
33 KB 137ms
50ms Script
application/javascript 13.224.105.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/engine.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.105.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-105-229.mad50.r.cloudfront.net
Software: Server /
Resource Hash: 05b1936a5e4229dc34d8e5fcfc22ce024634ea618687f37e31857402b27c4dba

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: oW1WkUw3q0XgFvWQKZ1dWZFi0xUowDr9
content-encoding: gzip
server: Server
age: 318
etag: 8975e8311e479cf7d71d71133ee2dff8
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bd86a70de12d26e8fcde971fee50512c.cloudfront.net (CloudFront)
cache-control: public, max-age=900
date: Thu, 29 Apr 2021 20:13:41 GMT
x-amz-cf-pop: MAD50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: oINWLrySmbr18EKjmAotjtQO7v3cD-NZHittMwZE1WGJs5ox_X-eJw==

GET
H2

200

connatix.player.dc.js Show response
cds.connatix.com/p/115548/ Frame BA28
Redirect Chain

https://cd.connatix.com/connatix.player.js
https://cds.connatix.com/p/115548/connatix.player.dc.js

1015 KB
221 KB

11ms
10ms

Script
application/javascript

151.101.114.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/115548/connatix.player.dc.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9645c27b5228acc34427d33f05597bb3046cb97b66d045fc5d30e50613779b71

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:18:59 GMT
content-encoding: br
last-modified: Thu, 29 Apr 2021 12:45:24 GMT
age: 27021
etag: "ebb1ae7b3ed5355128c0cd86e444ef90"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 225691

Redirect headers

location: https://cds.connatix.com/p/115548/connatix.player.dc.js
date: Thu, 29 Apr 2021 20:18:59 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
age: 0
accept-ranges: bytes
content-length: 0
retry-after: 0

GET
H/1.1 200
OK / Show response
kasperskycontenthub.com/ 0
398 B 424ms
103ms Script
application/javascript 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://kasperskycontenthub.com/?dm=ed1f9e435dc885292eab65620c51f3fb&action=load&blogid=103&siteid=1&t=62421321&back=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-v8-bug-remote-code-execution%2F165662%2F

Requested by

Host: threatpost.com
URL: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-173-160-135.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 20:18:59 GMT
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
Connection: close
Content-Type: application/javascript
x-cache-hit: HIT
Transfer-Encoding: chunked
X-Debug-Auth: off
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Request-Host: kasperskycontenthub.com
X-XSS-Protection: 1; mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 163 KB
52 KB 23ms
21ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF

Requested by

Host: threatpost.com
URL: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

63d4f8893d25b8bfc6802691a12cab78c44b2a1fa4fa883e6be58a5e66d8d496

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:18:59 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52683
x-xss-protection: 0
last-modified: Thu, 29 Apr 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 29 Apr 2021 20:18:59 GMT

GET
H/1.1 200
OK icons.svg
threatpost.com/wp-content/themes/threatpost-2018//assets/sprite/ 13 KB
5 KB 698ms
98ms Other
image/svg+xml 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018//assets/sprite/icons.svg
Requested by: Host: threatpost.com
URL: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 01864580e1f385dc4512aed0de4b324cc1a04812709e7020e857612fc0ce9f4c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: threatpost.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: same-origin
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/
Connection: keep-alive
Referer: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Thu, 29 Apr 2021 20:19:00 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 07:58:41 GMT
Server: nginx
ETag: W/"608915b1-3496"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: max-age=604800 public
Connection: close
Expires: Thu, 06 May 2021 20:19:00 GMT

GET
H/1.1 200
OK icons.svg
threatpost.com/wp-content/themes/threatpost-2018/assets/sprite/ 13 KB
5 KB 693ms
98ms Other
image/svg+xml 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/sprite/icons.svg
Requested by: Host: threatpost.com
URL: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 01864580e1f385dc4512aed0de4b324cc1a04812709e7020e857612fc0ce9f4c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: threatpost.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: same-origin
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/
Connection: keep-alive
Referer: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Thu, 29 Apr 2021 20:19:00 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 07:58:41 GMT
Server: nginx
ETag: W/"608915b1-3496"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: max-age=604800 public
Connection: close
Expires: Thu, 06 May 2021 20:19:00 GMT

GET
H/1.1 200
OK logo.png
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 19 KB
19 KB 714ms
104ms Image
image/png 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/logo.png
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1619596723
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 39af7c1116fb967a330e8770f775e6b5ee871add01ed45c98a1634911cebfb0a

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: threatpost.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1619596723
Connection: keep-alive
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1619596723
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Thu, 29 Apr 2021 20:19:00 GMT
Last-Modified: Wed, 28 Apr 2021 07:58:39 GMT
Server: nginx
ETag: "608915af-4a32"
Content-Type: image/png
Cache-Control: max-age=604800 public
Connection: close
Accept-Ranges: bytes
Content-Length: 18994
Expires: Thu, 06 May 2021 20:19:00 GMT

GET
H/1.1 200
OK museosans-700-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
21 KB 261ms
102ms Font
font/woff2 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700-webfont.woff2
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1619596723
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ae00ae9c862bc8b8923efd1d9a18befa912678a869d4dd01179a59ed3de731be

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://threatpost.com
Accept-Encoding: gzip, deflate, br
Host: threatpost.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1619596723
Connection: keep-alive
Origin: https://threatpost.com
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1619596723
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Thu, 29 Apr 2021 20:18:59 GMT
Last-Modified: Wed, 28 Apr 2021 07:58:42 GMT
Server: nginx
ETag: "608915b2-51a4"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000 public
Connection: close
Accept-Ranges: bytes
Content-Length: 20900
Expires: Fri, 29 Apr 2022 20:18:59 GMT

GET
H/1.1 200
OK museosans-100-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
21 KB 285ms
99ms Font
font/woff2 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-100-webfont.woff2
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1619596723
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 06fc565587b8b700936a1677218cb269a6cc31ca5f701eb45461e86a3d54d5c7

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://threatpost.com
Accept-Encoding: gzip, deflate, br
Host: threatpost.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1619596723
Connection: keep-alive
Origin: https://threatpost.com
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1619596723
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Thu, 29 Apr 2021 20:18:59 GMT
Last-Modified: Wed, 28 Apr 2021 07:58:42 GMT
Server: nginx
ETag: "608915b2-50c8"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000 public
Connection: close
Accept-Ranges: bytes
Content-Length: 20680
Expires: Fri, 29 Apr 2022 20:18:59 GMT

GET
H/1.1 200
OK museosans-300-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
21 KB 388ms
199ms Font
font/woff2 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300-webfont.woff2
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1619596723
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 45ddc09b0ad6ab916bd9a0282070b161045e186fc025303f4aa1aa821fc45ac7

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://threatpost.com
Accept-Encoding: gzip, deflate, br
Host: threatpost.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1619596723
Connection: keep-alive
Origin: https://threatpost.com
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1619596723
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Thu, 29 Apr 2021 20:18:59 GMT
Last-Modified: Wed, 28 Apr 2021 07:58:41 GMT
Server: nginx
ETag: "608915b1-51b8"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000 public
Connection: close
Accept-Ranges: bytes
Content-Length: 20920
Expires: Fri, 29 Apr 2022 20:18:59 GMT

GET
H/1.1 200
OK museosans-500-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
21 KB 295ms
99ms Font
font/woff2 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-500-webfont.woff2
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1619596723
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2de77164bb9924542e1dea4ee4a0ff27d40b51a3d7939dac7db11a95045c9b7d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://threatpost.com
Accept-Encoding: gzip, deflate, br
Host: threatpost.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1619596723
Connection: keep-alive
Origin: https://threatpost.com
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1619596723
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Thu, 29 Apr 2021 20:18:59 GMT
Last-Modified: Wed, 28 Apr 2021 07:58:42 GMT
Server: nginx
ETag: "608915b2-5194"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000 public
Connection: close
Accept-Ranges: bytes
Content-Length: 20884
Expires: Fri, 29 Apr 2022 20:18:59 GMT

GET
H2 200 Tara-headshot.jpg
media.threatpost.com/wp-content/uploads/sites/103/2018/08/15114841/ 13 KB
13 KB 13ms
12ms Image
image/jpeg 2600:9000:206f:6a00:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2018/08/15114841/Tara-headshot.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:6a00:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 89ce08431545cd3c6d42419d99ee0152027a68c1d0c7c82838cc9a51d9d52451

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 00:34:25 GMT
via: 1.1 9fc99ee5c5f05c23e5f643dbb0f4aeb9.cloudfront.net (CloudFront), 1.1 28ccbefb54459137bb0b0d946fd75e49.cloudfront.net (CloudFront)
last-modified: Fri, 17 Aug 2018 16:22:08 GMT
server: AmazonS3
age: 11130275
etag: "dee18dfeea6de13bec60c1e5237eb723"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: HAM50-C3, FRA56-C1
accept-ranges: bytes
content-length: 13097
x-amz-cf-id: lKcDy3-tp8PSU0X7qYR_CYJZvSMJypmLeLOvKfRg5CrWoLHxuPJIzA==
expires: Sat, 17 Aug 2019 16:22:07 GMT

GET
H2 200 PromoPic2-300x138.png
media.threatpost.com/wp-content/uploads/sites/103/2021/04/21082808/ 44 KB
45 KB 13ms
12ms Image
image/png 2600:9000:206f:6a00:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2021/04/21082808/PromoPic2-300x138.png
Requested by: Host: threatpost.com
URL: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:6a00:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0cc2442ed61a92fdfec0965866243b736e2e3b402d94a35c35000a2d5e19377b

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 12:45:20 GMT
via: 1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront), 1.1 28ccbefb54459137bb0b0d946fd75e49.cloudfront.net (CloudFront)
last-modified: Wed, 21 Apr 2021 12:28:10 GMT
server: AmazonS3
age: 718420
etag: "da3a0ed6c568f2ac39e2e5783a40a493"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA6-C1, FRA56-C1
accept-ranges: bytes
content-length: 45410
x-amz-cf-id: wlvzjDxhw4w_8tZjQos7kGDDpRlE2ItTaBDpBDB8NtclHO5yGqwT7Q==
expires: Thu, 21 Apr 2022 12:28:08 GMT

GET
H2 200 sewing-needle-540x270.jpg
media.threatpost.com/wp-content/uploads/sites/103/2021/02/26150212/ 19 KB
19 KB 13ms
12ms Image
image/jpeg 2600:9000:206f:6a00:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2021/02/26150212/sewing-needle-540x270.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:6a00:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d9e6f27de18c7a916305db8af634996fd04e5535c12e2c97405c7af9cb406987

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:53:37 GMT
via: 1.1 21da0a66bafe2c8de8be4a4d8039346b.cloudfront.net (CloudFront), 1.1 28ccbefb54459137bb0b0d946fd75e49.cloudfront.net (CloudFront)
last-modified: Fri, 26 Feb 2021 20:02:17 GMT
server: AmazonS3
age: 365123
etag: "15d5f156aff3307aefd0766720b80876"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA6-C1, FRA56-C1
accept-ranges: bytes
content-length: 19105
x-amz-cf-id: pfzfIBTIf2142oyMHQZhBI3P5PupgkA0pDTVOstX2JRULvFhNbbEnA==
expires: Sat, 26 Feb 2022 20:02:16 GMT

GET
H2 200 Microsoft-Office-540x270.jpg
media.threatpost.com/wp-content/uploads/sites/103/2020/09/15073634/ 38 KB
38 KB 14ms
12ms Image
image/jpeg 2600:9000:206f:6a00:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2020/09/15073634/Microsoft-Office-540x270.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:6a00:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bc66122a84b587e9985de2bc9ed2321f76dbe0b40040ec6a22ed4dbc8bb736c5

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 08:46:19 GMT
via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront), 1.1 28ccbefb54459137bb0b0d946fd75e49.cloudfront.net (CloudFront)
last-modified: Tue, 15 Sep 2020 11:36:38 GMT
server: AmazonS3
age: 300761
etag: "905f27368513a8a1aa43dca0a634da17"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA6-C1, FRA56-C1
accept-ranges: bytes
content-length: 38695
x-amz-cf-id: C8fsyFdZLDo2hDloCYf1BC4tjmkH4bVW9O8U4LPB0AxJWcge5YEQGA==
expires: Wed, 15 Sep 2021 11:36:37 GMT

GET
H2 200 APT_Lazarus_APT-540x270.png
media.threatpost.com/wp-content/uploads/sites/103/2019/02/04145722/ 69 KB
70 KB 21ms
20ms Image
image/png 2600:9000:206f:6a00:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2019/02/04145722/APT_Lazarus_APT-540x270.png
Requested by: Host: threatpost.com
URL: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:6a00:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d298e0ae7130be068b724bc98b010406f7eb21467d0c8ba023ee176c15c41fa

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 07:01:57 GMT
via: 1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront), 1.1 28ccbefb54459137bb0b0d946fd75e49.cloudfront.net (CloudFront)
last-modified: Mon, 04 Feb 2019 19:57:26 GMT
server: AmazonS3
age: 1084623
etag: "00c7d1cfbe98a33004b1c06672ab3c62"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1, FRA56-C1
accept-ranges: bytes
content-length: 71106
x-amz-cf-id: 0VGTJ8CBWtVm8m6rlBrOSCOzAAyVGJMo4i3hWvL6tSG7EBAWgDJtHw==
expires: Tue, 04 Feb 2020 19:57:22 GMT

GET
H2

404

avatar-default.jpg
i0.wp.com/threatpost.com/wp-content/themes/threatpost-2018/assets/images/
Redirect Chain

https://secure.gravatar.com/avatar/d067d81298f837f67d893cebeb90083a?s=60&d=https%3A%2F%2Fthreatpost.com%2Fwp-content%2Fthemes%2Fthreatpost-2018%2Fassets%2Fimages%2Favatar-default.jpg&r=g
https://i0.wp.com/threatpost.com/wp-content/themes/threatpost-2018/assets/images/avatar-default.jpg?ssl=1

65 B
65 B

31ms
14ms

Image
text/html

192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.wp.com/threatpost.com/wp-content/themes/threatpost-2018/assets/images/avatar-default.jpg?ssl=1
Requested by: Host: threatpost.com
URL: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: i1.wp.com
Software: nginx /
Resource Hash: 3a90c56bbc2ea3fae7e089cc529bc02869c5035ee31c3111d829b9ae974cf42d

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: EXPIRED hhn 3
date: Thu, 29 Apr 2021 20:18:59 GMT
server: nginx
content-type: text/html; charset=utf-8

Redirect headers

x-nc: HIT hhn 1
date: Thu, 29 Apr 2021 20:18:59 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: text/html; charset=utf-8
location: https://i0.wp.com/threatpost.com/wp-content/themes/threatpost-2018/assets/images/avatar-default.jpg?ssl=1
cache-control: max-age=300
link: <https://www.gravatar.com/avatar/d067d81298f837f67d893cebeb90083a?s=60&d=https%3A%2F%2Fthreatpost.com%2Fwp-content%2Fthemes%2Fthreatpost-2018%2Fassets%2Fimages%2Favatar-default.jpg&r=g>; rel="canonical"
content-length: 0
expires: Thu, 29 Apr 2021 20:23:59 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/ 334 KB
131 KB 27ms
5ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e47eca73d4f42cce27c15cbff1e6b28a6716616c71f893d912ae941b37460998

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://threatpost.com
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 19:32:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2779
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133604
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 04:04:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Apr 2022 19:32:40 GMT

GET
H/1.1 200
OK mail-plane-light.svg
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 828 B
722 B 598ms
104ms Image
image/svg+xml 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/mail-plane-light.svg
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1619596723
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 5a7ed822968963e31d88424c96387ad9f4fd4f4b5a5b581a33f65e3784d162cf

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: threatpost.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1619596723
Connection: keep-alive
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1619596723
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Thu, 29 Apr 2021 20:19:00 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 07:58:42 GMT
Server: nginx
ETag: W/"608915b2-33c"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: max-age=604800 public
Connection: close
Expires: Thu, 06 May 2021 20:19:00 GMT

GET
H/1.1 200
OK twitter-blue.svg
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 868 B
847 B 239ms
102ms Image
image/svg+xml 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/twitter-blue.svg
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1619596723
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 420508fc523520f35de5c851905543294123d7676b5a5668744691f2abe9e730

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: threatpost.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1619596723
Connection: keep-alive
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1619596723
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Thu, 29 Apr 2021 20:18:59 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 07:58:42 GMT
Server: nginx
ETag: W/"608915b2-364"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: max-age=604800 public
Connection: close
Expires: Thu, 06 May 2021 20:18:59 GMT

GET
H/1.1 200
OK museosans-700italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 15 KB
16 KB 244ms
105ms Font
font/woff2 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700italic-webfont.woff2
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1619596723
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 859faa9b9ed0990288b2f393a102b1fe2668ac79088b113b6f0beaee521221eb

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://threatpost.com
Accept-Encoding: gzip, deflate, br
Host: threatpost.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1619596723
Connection: keep-alive
Origin: https://threatpost.com
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1619596723
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Thu, 29 Apr 2021 20:18:59 GMT
Last-Modified: Wed, 28 Apr 2021 07:58:42 GMT
Server: nginx
ETag: "608915b2-3dcc"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000 public
Connection: close
Accept-Ranges: bytes
Content-Length: 15820
Expires: Fri, 29 Apr 2022 20:18:59 GMT

GET
H2 200 Text_Messaging-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2019/12/02081949/ 2 KB
2 KB 14ms
10ms Image
image/jpeg 2600:9000:206f:6a00:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2019/12/02081949/Text_Messaging-64x64.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:6a00:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 79dbcaf65fbd773a5e27bf42f2c36e6c91758bd3932ef3f322761dcdc164ba69

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 16:49:45 GMT
via: 1.1 2f0580a0593ad9d3fb82aee9226d8179.cloudfront.net (CloudFront), 1.1 28ccbefb54459137bb0b0d946fd75e49.cloudfront.net (CloudFront)
last-modified: Mon, 02 Dec 2019 13:19:52 GMT
server: AmazonS3
age: 185355
etag: "5a4ae1f7de667a27c3cdff38ad82b19e"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA6-C1, FRA56-C1
accept-ranges: bytes
content-length: 1727
x-amz-cf-id: m_RY0JQBeSJwf5LEUJo095Pvs93qfKw1JylNb09lvRmqMisfgQ7gbA==
expires: Tue, 01 Dec 2020 13:19:49 GMT

GET
H2 200 IoT-City-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2020/08/25192407/ 2 KB
2 KB 13ms
11ms Image
image/jpeg 2600:9000:206f:6a00:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2020/08/25192407/IoT-City-64x64.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:6a00:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3f8a0180f1faf6374a1d4fa3cb72d63d223fa6e139d1d854eb0b250be56dbfe7

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 17:13:50 GMT
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront), 1.1 28ccbefb54459137bb0b0d946fd75e49.cloudfront.net (CloudFront)
last-modified: Tue, 25 Aug 2020 23:24:11 GMT
server: AmazonS3
age: 529510
etag: "b5d12e24a9b93a53fb9ade99937ae55c"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA6-C1, FRA56-C1
accept-ranges: bytes
content-length: 1633
x-amz-cf-id: Nnl4xd3oCrP9WzyGYeS7m2Ni3c46olY5JzFkNz8dC0TDZg2646HunQ==
expires: Wed, 25 Aug 2021 23:24:10 GMT

GET
H2 200 bugs-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2020/12/09162617/ 2 KB
3 KB 15ms
12ms Image
image/jpeg 2600:9000:206f:6a00:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2020/12/09162617/bugs-64x64.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:6a00:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c92fded78b78e33ed04f2afa01045ef08f5b7bee1d4e22420faf621b1111a5b3

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 20:49:42 GMT
via: 1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront), 1.1 28ccbefb54459137bb0b0d946fd75e49.cloudfront.net (CloudFront)
last-modified: Wed, 09 Dec 2020 21:26:20 GMT
server: AmazonS3
age: 689358
etag: "653f8b3a21406b781133ebe82180fbb1"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA6-C1, FRA56-C1
accept-ranges: bytes
content-length: 2481
x-amz-cf-id: x0WO78ipIT5YYC-CCaBmk2s7enujiNaVWtAJV_2CkQZpRcP9S7mHlg==
expires: Thu, 09 Dec 2021 21:26:19 GMT

GET
H2 200 climate-change-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2021/04/19111446/ 2 KB
2 KB 13ms
11ms Image
image/jpeg 2600:9000:206f:6a00:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2021/04/19111446/climate-change-64x64.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:6a00:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3143145c4a165c8481f6c7c3b7488069c45fead97d7b6cc8f2f5187d9ff0dc38

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 15:32:13 GMT
via: 1.1 89c822bb1ce1445a7be6d1057088cfbf.cloudfront.net (CloudFront), 1.1 28ccbefb54459137bb0b0d946fd75e49.cloudfront.net (CloudFront)
last-modified: Mon, 19 Apr 2021 15:14:51 GMT
server: AmazonS3
age: 881207
etag: "bbfd4b068325b80e74eb1b1172a694bc"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA6-C1, FRA56-C1
accept-ranges: bytes
content-length: 1883
x-amz-cf-id: 9x4WYNMW2jlr9s9vi37X8gwPxmawRIItVmdU2JZO9gcbpiXch4KI6A==
expires: Tue, 19 Apr 2022 15:14:50 GMT

GET
H2 200 microsoft-exchange-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2020/04/07164022/ 2 KB
2 KB 12ms
11ms Image
image/jpeg 2600:9000:206f:6a00:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2020/04/07164022/microsoft-exchange-64x64.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:6a00:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d36998265578b1657d38d960ab7940b23e0e4c79ecb4709132768f1e14f61e73

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 14:03:07 GMT
via: 1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront), 1.1 28ccbefb54459137bb0b0d946fd75e49.cloudfront.net (CloudFront)
last-modified: Tue, 07 Apr 2020 20:40:26 GMT
server: AmazonS3
age: 1145753
etag: "4e45b663b839a412cf5c1c7ff8ffb8da"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1, FRA56-C1
accept-ranges: bytes
content-length: 1616
x-amz-cf-id: GN9DSQQ_BsNlQgWIq_cXfvxLgVVJp0YLhfATWX-lco_RJ0FOM3MbfA==
expires: Wed, 07 Apr 2021 20:40:25 GMT

GET
H2 200 connatix.player.css
cds.connatix.com/p/115548/ 54 KB
8 KB 9ms
9ms Stylesheet
text/css 151.101.114.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/115548/connatix.player.css
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f1c022aff023cba27a95c593e440595dfb6f16413a18483866e74a56e2563db5

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:18:59 GMT
content-encoding: br
last-modified: Thu, 29 Apr 2021 12:45:24 GMT
age: 27021
etag: "fcaa0ea82bb0765612e6ce7eef717e24"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 8363

GET
H/1.1 200
OK mail-plane-large-dark.svg
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 812 B
722 B 504ms
307ms Image
image/svg+xml 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/mail-plane-large-dark.svg
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1619596723
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a9d2b2df99c1a115d5394c70a898d8801092208dc582f8bd6fb01b35c30d6b22

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: threatpost.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1619596723
Cookie: _ga=GA1.2.964722461.1619727540; _gid=GA1.2.845551282.1619727540; _gat_UA-35676203-21=1
Connection: keep-alive
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1619596723
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Thu, 29 Apr 2021 20:19:00 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 07:58:42 GMT
Server: nginx
ETag: W/"608915b2-32c"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: max-age=604800 public
Connection: close
Expires: Thu, 06 May 2021 20:19:00 GMT

GET
H/1.1 200
OK logo-white.png
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 10 KB
10 KB 302ms
105ms Image
image/png 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/logo-white.png
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1619596723
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e4058d4ee9da1ceaddfa91ddb63650ba67285f1bbfee487d9dfe648bced669a0

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: threatpost.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1619596723
Cookie: _ga=GA1.2.964722461.1619727540; _gid=GA1.2.845551282.1619727540; _gat_UA-35676203-21=1
Connection: keep-alive
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1619596723
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Thu, 29 Apr 2021 20:19:00 GMT
Last-Modified: Wed, 28 Apr 2021 07:58:42 GMT
Server: nginx
ETag: "608915b2-260a"
Content-Type: image/png
Cache-Control: max-age=604800 public
Connection: close
Accept-Ranges: bytes
Content-Length: 9738
Expires: Thu, 06 May 2021 20:19:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 2306
date: Thu, 29 Apr 2021 19:40:33 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Thu, 29 Apr 2021 21:40:33 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 25ms
7ms Script
application/javascript 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8000d797097e74bfff377d2f3fca7e046ee4490ea4edb70c2c0b189575847629

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:18:59 GMT
content-encoding: gzip
etag: "9iaPKZLFg6XYoMRMhilE8g=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Thu, 06 May 2021 20:18:59 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 23ms
7ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:18:59 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 70047
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1619727540.656560,VS0,VE0
x-served-by: cache-hhn11551-HHN

POST
H/1.1 200
OK pls Show response
capi.connatix.com/core/ Frame BA28 10 KB
4 KB 475ms
133ms XHR
multipart/form-data 3.20.220.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/pls?v=115548
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.220.113 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-220-113.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 21be1fd4130a8faa9372238549023577f886b4fe7ad0a445b8811e60aa8ebb04

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Thu, 29 Apr 2021 20:19:00 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://threatpost.com
transfer-encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H/1.1 200
OK museosans-300italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 23 KB
23 KB 357ms
100ms Font
font/woff2 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300italic-webfont.woff2
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1619596723
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: f8a2b5b62eb722c3379b30cf0cc58d3176ee6be48036d6ad2aa838d2029c4189

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://threatpost.com
Accept-Encoding: gzip, deflate, br
Host: threatpost.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1619596723
Connection: keep-alive
Origin: https://threatpost.com
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1619596723
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Thu, 29 Apr 2021 20:18:59 GMT
Last-Modified: Wed, 28 Apr 2021 07:58:39 GMT
Server: nginx
ETag: "608915af-5bac"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000 public
Connection: close
Accept-Ranges: bytes
Content-Length: 23468
Expires: Fri, 29 Apr 2022 20:18:59 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 123ms
42ms XHR
application/javascript 13.224.105.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.105.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-105-229.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: eEYYOb32LZFr6yGAi8hXG4401uAIPew2
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 69327
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 07 Apr 2021 05:49:36 GMT
server: AmazonS3
date: Thu, 29 Apr 2021 01:03:32 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 bba411d0a1e93905fdec1b327205fbe0.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: MAD50-C1
x-amz-cf-id: iODP1lWfNcWfFNg_KE1H-eIRZAJmyQ-4OyzbjWgpKj_LleRH-PaB7Q==

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 30ms
13ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&aip=1&a=2019940582&t=pageview&_s=1&dl=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-v8-bug-remote-code-execution%2F165662%2F&ul=en-us&de=UTF-8&dt=Google%20Chrome%20V8%20Bug%20Allows%20Remote%20Code-Execution%20%7C%20Threatpost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1719062080&gjid=1465108114&cid=964722461.1619727540&tid=UA-35676203-21&_gid=845551282.1619727540&_r=1&gtm=2wg4l3PM29HLF&z=1362687347

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:18:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
13ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&aip=1&a=2019940582&t=event&ni=0&_s=1&dl=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-v8-bug-remote-code-execution%2F165662%2F&ul=en-us&de=UTF-8&dt=Google%20Chrome%20V8%20Bug%20Allows%20Remote%20Code-Execution%20%7C%20Threatpost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=VISIBILITY&ea=elementVisibility%20%2F%20%5BHeader%5D%20%2F%20Social%20Networks%20View&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=964722461.1619727540&tid=UA-35676203-21&_gid=845551282.1619727540&gtm=2wg4l3PM29HLF&z=166193539

Requested by

Host: threatpost.com
URL: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 03:06:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61950
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-_7kVx0t9Jqj90.js Show response
rules.quantcount.com/ 2 B
353 B 131ms
38ms Script
application/javascript 2600:9000:20c8:b600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-_7kVx0t9Jqj90.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c8:b600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:00:24 GMT
via: 1.1 6e828213221a8cbea0c54b35955f0008.cloudfront.net (CloudFront)
server: AmazonS3
age: 1114
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
x-amz-cf-pop: MAD50-C1
content-length: 2
x-amz-cf-id: xWSqT2KrAxq38i_KJsqCpsS9DZ-5DnfSoVMwK57MJHc2lhtHAl3hXA==

GET
H2 200 adsct
t.co/i/ 43 B
458 B 138ms
122ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=ntt0j&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-v8-bug-remote-code-execution%2F165662%2F

Requested by

Host: threatpost.com
URL: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_devel /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:18:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Thu, 29 Apr 2021 20:18:59 GMT
server: tsa_devel
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 1764bd4d111a25a1e484315b96c225467cb5d93f67b7a69be0f8faf474a817b3
x-transaction: ce89bc4889196066
expires: Tue, 31 Mar 1981 05:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
87 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-35676203-21&cid=964722461.1619727540&jid=1719062080&gjid=1465108114&_gid=845551282.1619727540&_u=YEBAAEAAAAAAAC~&z=363478345

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 29 Apr 2021 20:18:59 GMT
content-type: text/plain
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 32ms
32ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-35676203-21&cid=964722461.1619727540&jid=1719062080&_u=YEBAAEAAAAAAAC~&z=415836084

Requested by

Host: threatpost.com
URL: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:18:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 29ms
29ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-35676203-21&cid=964722461.1619727540&jid=1719062080&_u=YEBAAEAAAAAAAC~&z=415836084

Requested by

Host: threatpost.com
URL: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:18:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST error
quantcount.com/log/ 0
0

GET
H2 200 flipboard.svg
assets.threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/img/ 236 B
565 B 446ms
436ms Image
image/svg+xml 2600:9000:20c8:6000:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/img/flipboard.svg
Requested by: Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=dd3adbbd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c8:6000:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 506d565f94cecbb486394c545a96e8459217f8d045496b511e8c815142abfc70

Request headers

Referer: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=dd3adbbd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Thu, 29 Apr 2021 20:19:00 GMT
content-encoding: gzip
last-modified: Wed, 28 Apr 2021 07:58:42 GMT
server: nginx
x-amz-cf-pop: MAD50-C1
etag: W/"608915b2-ec"
x-cache: Miss from cloudfront
content-type: image/svg+xml
via: 1.1 89229acad212ad74c20ccd0ac96a8cbe.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
x-amz-cf-id: aHjk19d0MyFUxiH-TZ-7UBrqRoXuupsoKOah8ul3U5N31Mv_EP0zTg==
expires: Thu, 06 May 2021 20:19:00 GMT

GET
H2 200 fontawesome-webfont.woff2
assets.threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/fonts/ 75 KB
76 KB 676ms
585ms Font
font/woff2 2600:9000:20c8:6000:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=dd3adbbd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c8:6000:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin: https://threatpost.com
Referer: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=dd3adbbd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Thu, 29 Apr 2021 20:19:00 GMT
via: 1.1 06bb36c6f8415e5c64e03df316bffb5b.cloudfront.net (CloudFront)
last-modified: Wed, 28 Apr 2021 07:58:43 GMT
server: nginx
x-amz-cf-pop: MAD50-C1
etag: "608915b3-12d68"
x-cache: Miss from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 77160
x-amz-cf-id: DKSbl1H5q4DG8xR5MdV-DBIaJb-KmWz4H2yf67CKYrWL_LX1Ot4yLA==
expires: Fri, 29 Apr 2022 20:19:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
650 B 142ms
125ms Script
application/javascript 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=ntt0j&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-v8-bug-remote-code-execution%2F165662%2F

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:19:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 115
pragma: no-cache
last-modified: Thu, 29 Apr 2021 20:19:00 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: de694c8cba1dbc79bcb3d39fd664f020
x-transaction: 00e77bb100c58c93
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3-29 200 anchor Show response
www.google.com/recaptcha/api2/ Frame BD2B 20 KB
11 KB 23ms
23ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfsdrAaAAAAAMVKgei6k0EaDBTgmKv6ZQrG7aEs&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&theme=standard&size=normal&cb=ijiug7kz7kzo

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1fae2fa71985777563e10e045cfe8fdce2e2fb76702df565b713cac43b684e73

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VuBKcZBjPA20S0fr+8VzzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LfsdrAaAAAAAMVKgei6k0EaDBTgmKv6ZQrG7aEs&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&theme=standard&size=normal&cb=ijiug7kz7kzo
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://threatpost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://threatpost.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 29 Apr 2021 20:19:00 GMT
content-security-policy: script-src 'report-sample' 'nonce-VuBKcZBjPA20S0fr+8VzzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10889
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 blockedDomains_1.bin Show response
lit.connatix.com/08d79ac9-d151-59b7-8ffc-1666f862d246/ Frame BA28 51 B
265 B 56ms
15ms XHR
application/octet-stream 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://lit.connatix.com/08d79ac9-d151-59b7-8ffc-1666f862d246/blockedDomains_1.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 814221921d936293a6dcceebe84bea01d2a40a18be1072d4b216914014532e2a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:19:00 GMT
content-encoding: gzip
fastly-restarts: 1
last-modified: Tue, 16 Feb 2021 13:25:11 GMT
age: 1265068
etag: "6867d1891d8793fd49a645adb5b6b6c3"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 62

POST
H/1.1 200
OK sr Show response
capi.connatix.com/tr/ Frame BA28 0
295 B 119ms
119ms XHR
multipart/form-data 3.20.220.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/sr?v=115548
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.220.113 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-220-113.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Thu, 29 Apr 2021 20:19:00 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://threatpost.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H3-29 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 62 KB
21 KB 24ms
23ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

b0c6e728aedbbdacc810656b61589c89e562b08543e5d2528a012243a75a4064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:19:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "857 / 947 of 1000 / last-modified: 1619694510"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21253
x-xss-protection: 0
expires: Thu, 29 Apr 2021 20:19:00 GMT

GET
H2 200 2_media.bin Show response
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/47b7c5df-6fb8-4641-b573-9c92a7c88c0d/ Frame BA28 285 B
340 B 39ms
32ms XHR
application/octet-stream 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/47b7c5df-6fb8-4641-b573-9c92a7c88c0d/2_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d54c0c98ed5e002c65c921660fb38e112df05729e921a539a48d7563bd4d0cf1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:19:00 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 22:46:46 GMT
age: 101329
etag: "81b293b09d4923ee8c44b62bbdd60872"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 249

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame BA28 334 KB
115 KB 55ms
18ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d25942b7da85bc7cdb258cdb436227b1de7e3a2b50c61f7d7050eff911f88f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:19:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117044
x-xss-protection: 0
expires: Thu, 29 Apr 2021 20:19:00 GMT

GET
H2 200 1.png
img.connatix.com/c2ecd04f-0dca-4ffa-8761-d93b34717380/ 6 KB
7 KB 46ms
12ms Image
image/png 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/c2ecd04f-0dca-4ffa-8761-d93b34717380/1.png
Requested by: Host: threatpost.com
URL: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 739ab1cbd5fc795c806cfbc012e937834a1d566f02ed72ff02af2700c0629eb4

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:19:00 GMT
age: 1796081
etag: "CDlq0wWU2N6Hha9Y1OkqKS7K/JyWAUvXYL5GlZ2se8g"
access-control-max-age: 86400
fastly-io-info: ifsz=8114 idim=288x42 ifmt=png ofsz=6487 odim=288x42 ofmt=png
access-control-allow-origin: *
cache-control: max-age=31557600
fastly-stats: io=1
accept-ranges: bytes
content-type: image/png
content-length: 6487

GET
H2 400 / Show response
graph.facebook.com/ 202 B
596 B 91ms
42ms XHR
application/json 2a03:2880:f01c:800e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-v8-bug-remote-code-execution%2F165662%2F

Requested by

Host: threatpost.com
URL: https://threatpost.com/wp-content/plugins/kaspersky-enable-jquery-migrate-helper/js/jquery/jquery-1.12.4-wp.js?ver=1.12.4-wp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4d7bd0f1bb4e97d2514eb040d79dda8f9a0c3a53b0e3914dd7f82ef14abfb912

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
www-authenticate: OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev: 1003707807
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 151
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: fa7px5RRon98xLKMd630SuNTzh6fbwMpbngSxHEW+gOClL5dk4SYYeqmsNsVXMDkIQscWEk26PldAoTg/yh9sg==
x-fb-trace-id: Gv0JQ1qPB4J
date: Thu, 29 Apr 2021 20:19:00 GMT
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-fb-request-id: AT5zU5Cp3_BOOxv_9cQDLJY
cache-control: no-store
facebook-api-version: v3.2
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 404 share
www.linkedin.com/countserv/count/ 0
0 143ms
143ms Script
text/html 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.linkedin.com/countserv/count/share?url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-v8-bug-remote-code-execution%2F165662%2F&format=jsonp&callback=jQuery1124024082741293771015_1619727539300&_=1619727539301
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-content/plugins/kaspersky-enable-jquery-migrate-helper/js/jquery/jquery-1.12.4-wp.js?ver=1.12.4-wp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 info.json Show response
www.reddit.com/api/ 102 B
1 KB 145ms
116ms XHR
application/json 151.101.113.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reddit.com/api/info.json?url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-v8-bug-remote-code-execution%2F165662%2F

Requested by

Host: threatpost.com
URL: https://threatpost.com/wp-content/plugins/kaspersky-enable-jquery-migrate-helper/js/jquery/jquery-1.12.4-wp.js?ver=1.12.4-wp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

snooserv /

Resource Hash

f4f2c0a4763f01ee2b13b4f8189e6fd5f32bd704d71fed8d0f11883de9724198

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:19:00 GMT
via: 1.1 varnish
x-content-type-options: nosniff
content-length: 102
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
x-moose: majestic
server: snooserv
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: X-Moose
cache-control: private, s-maxage=0, max-age=0, must-revalidate, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: -1

GET
H3-29 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 6287 20 KB
11 KB 25ms
25ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d6cdc35b3c8b842725fabc25a2f5f3aa619f9f28cdc04f898a7f4a41aa401338

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PN8ooG7ZhHKEcVUgdjt1nA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LfsdrAaAAAAAMVKgei6k0EaDBTgmKv6ZQrG7aEs&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&theme=light&size=normal&cb=yr0xnkx92r33
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://threatpost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://threatpost.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 29 Apr 2021 20:19:00 GMT
content-security-policy: script-src 'report-sample' 'nonce-PN8ooG7ZhHKEcVUgdjt1nA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10883
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 200
OK ao Show response
capi.connatix.com/tr/ Frame BA28 0
295 B 252ms
251ms XHR
multipart/form-data 3.20.220.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ao?v=115548
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.220.113 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-220-113.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Thu, 29 Apr 2021 20:19:00 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://threatpost.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 prebid4.36.0.js Show response
cds.connatix.com/p/plugins/ Frame BA28 335 KB
93 KB 15ms
13ms Script
application/javascript 151.101.114.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/plugins/prebid4.36.0.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: bf03f141aea69052f28b247a7fe480fcaf754fcb8284ac79abf6926d52fc43f3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:19:00 GMT
content-encoding: br
last-modified: Fri, 23 Apr 2021 08:41:22 GMT
age: 304562
etag: "b1327a56e07be2213ad3394e3800511a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 95002

POST
H/1.1 200
OK g Show response
capi.connatix.com/rtb/ Frame BA28 296 B
524 B 525ms
185ms XHR
multipart/form-data 3.20.220.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g?v=115548
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.220.113 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-220-113.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 75e108ea8e2a6431a6829c3ee869a2c7c606a6f2c6eed89792a11bf31a3828a2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Thu, 29 Apr 2021 20:19:00 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://threatpost.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 248

POST
H/1.1 200
OK ps Show response
capi.connatix.com/tr/ Frame BA28 0
295 B 351ms
116ms XHR
multipart/form-data 3.20.220.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ps?v=115548
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.220.113 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-220-113.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Thu, 29 Apr 2021 20:19:00 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://threatpost.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 1_th.jpg
img.connatix.com/60764267-557e-410f-85cb-f102d92ee134/47b7c5df-6fb8-4641-b573-9c92a7c88c0d/ 8 KB
9 KB 20ms
16ms Image
image/jpeg 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/60764267-557e-410f-85cb-f102d92ee134/47b7c5df-6fb8-4641-b573-9c92a7c88c0d/1_th.jpg?crop=400:225,smart&width=400&height=225&format=jpeg&quality=60&fit=crop
Requested by: Host: threatpost.com
URL: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ae63b86b57288bbfe0165058fb76ff8836aac5a749713428a95225a28265122b

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:19:00 GMT
age: 53679
etag: "m03uoFKbyxNeiBJVHm5eHzI6CToGrLfDVxXRgtG6MTA"
access-control-max-age: 86400
fastly-io-info: ifsz=90487 idim=2560x1440 ifmt=jpeg ofsz=8597 odim=400x225 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=31557600
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 8597

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/ Frame BD2B 51 KB
25 KB 16ms
14ms Stylesheet
text/css 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfsdrAaAAAAAMVKgei6k0EaDBTgmKv6ZQrG7aEs&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&theme=standard&size=normal&cb=ijiug7kz7kzo

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ef414f947bc802bea88d18ae69ca7d56939d81d7df79a7266688a8e1c14b190

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 16:10:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 04:04:08 GMT
server: sffe
age: 14898
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25722
x-xss-protection: 0
expires: Fri, 29 Apr 2022 16:10:42 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/ Frame BD2B 334 KB
131 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/recaptcha__en.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e47eca73d4f42cce27c15cbff1e6b28a6716616c71f893d912ae941b37460998

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 19:32:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2780
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133604
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 04:04:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Apr 2022 19:32:40 GMT

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 9A19 570 KB
570 KB 20ms
6ms Document
text/html 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://threatpost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://threatpost.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 583201
date: Thu, 29 Apr 2021 15:46:56 GMT
expires: Fri, 29 Apr 2022 15:46:56 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 16324
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame BA28 44 KB
17 KB 44ms
13ms Script
text/javascript 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:19:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Thu, 29 Apr 2021 20:19:00 GMT

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 8EB5 570 KB
570 KB 8ms
6ms Document
text/html 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://threatpost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://threatpost.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 583201
date: Thu, 29 Apr 2021 15:46:56 GMT
expires: Fri, 29 Apr 2022 15:46:56 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 16324
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 6157 570 KB
570 KB 8ms
6ms Document
text/html 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://threatpost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://threatpost.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 583201
date: Thu, 29 Apr 2021 15:46:56 GMT
expires: Fri, 29 Apr 2022 15:46:56 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 16324
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/ Frame 6287 51 KB
25 KB 10ms
9ms Stylesheet
text/css 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/styles__ltr.css

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ef414f947bc802bea88d18ae69ca7d56939d81d7df79a7266688a8e1c14b190

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 16:10:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 04:04:08 GMT
server: sffe
age: 14898
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25722
x-xss-protection: 0
expires: Fri, 29 Apr 2022 16:10:42 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/ Frame 6287 334 KB
131 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/recaptcha__en.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e47eca73d4f42cce27c15cbff1e6b28a6716616c71f893d912ae941b37460998

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 19:32:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2780
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133604
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 04:04:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Apr 2022 19:32:40 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
367 B 88ms
87ms XHR
text/javascript 13.224.105.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-v8-bug-remote-code-execution%2F165662%2F&pid=A6w9WWTkPeCtz&cb=0&ws=1600x1200&v=7.64.00&t=2000&slots=%5B%7B%22id%22%3A%22Amazon_400x225%22%2C%22mt%22%3A%22v%22%7D%5D&cfgv=0&pubid=cb8cfc89-e83e-44aa-a3a2-ff78eda781ef&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.105.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-105-229.mad50.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:19:00 GMT
via: 1.1 bd86a70de12d26e8fcde971fee50512c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MAD50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://threatpost.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 9wY2z07WdpF5P-p1KuUZUfqiuV8_sMh3ZoO3cpVtojeWK-s0ks3btg==

GET
DATA 200
OK truncated
/ Frame BD2B 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame BD2B 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame BD2B 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 19:52:31 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 87989
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
expires: Wed, 05 May 2021 19:52:31 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BD2B 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 21:46:00 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 167580
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Wed, 27 Apr 2022 21:46:00 GMT

GET
H3-29 200 4zEtDJej0gbMAtoXDEpBL-lX4_wzAnUzytr4Uik6g-k.js Show response
www.google.com/js/bg/ Frame BD2B 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/4zEtDJej0gbMAtoXDEpBL-lX4_wzAnUzytr4Uik6g-k.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3312d0c97a3d206cc02da170c4a412fe957e3fc33027533cadaf852293a83e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfsdrAaAAAAAMVKgei6k0EaDBTgmKv6ZQrG7aEs&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&theme=standard&size=normal&cb=ijiug7kz7kzo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:13:04 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 16:00:00 GMT
server: sffe
age: 356
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5771
x-xss-protection: 0
expires: Fri, 29 Apr 2022 20:13:04 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame B1AA 36 KB
13 KB 25ms
5ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:01:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 1073
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Thu, 29 Apr 2021 21:01:07 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame BD61 36 KB
12 KB 29ms
10ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:01:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 1073
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Thu, 29 Apr 2021 21:01:07 GMT

GET
H3-29 200 4zEtDJej0gbMAtoXDEpBL-lX4_wzAnUzytr4Uik6g-k.js Show response
www.google.com/js/bg/ Frame 6287 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/4zEtDJej0gbMAtoXDEpBL-lX4_wzAnUzytr4Uik6g-k.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3312d0c97a3d206cc02da170c4a412fe957e3fc33027533cadaf852293a83e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfsdrAaAAAAAMVKgei6k0EaDBTgmKv6ZQrG7aEs&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&theme=light&size=normal&cb=yr0xnkx92r33
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:13:04 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 16:00:00 GMT
server: sffe
age: 356
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5771
x-xss-protection: 0
expires: Fri, 29 Apr 2022 20:13:04 GMT

GET
H3-29 200 webworker.js
www.google.com/recaptcha/api2/ Frame BD2B 102 B
131 B 17ms
17ms Other
text/javascript 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5d77edb71e1031ff06541a7a2bd05cd3dbc3bfd5434711bae081fc06f8791558

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfsdrAaAAAAAMVKgei6k0EaDBTgmKv6ZQrG7aEs&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&theme=standard&size=normal&cb=ijiug7kz7kzo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:19:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111
x-xss-protection: 1; mode=block
expires: Thu, 29 Apr 2021 20:19:00 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 0EAD 36 KB
12 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:01:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 1073
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Thu, 29 Apr 2021 21:01:07 GMT

GET
H3-29 200 webworker.js
www.google.com/recaptcha/api2/ Frame 6287 102 B
131 B 17ms
17ms Other
text/javascript 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5d77edb71e1031ff06541a7a2bd05cd3dbc3bfd5434711bae081fc06f8791558

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfsdrAaAAAAAMVKgei6k0EaDBTgmKv6ZQrG7aEs&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&theme=light&size=normal&cb=yr0xnkx92r33
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:19:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111
x-xss-protection: 1; mode=block
expires: Thu, 29 Apr 2021 20:19:00 GMT

POST
H/1.1 200
OK g Show response
capi.connatix.com/rtb/ Frame BA28 117 B
403 B 268ms
165ms XHR
multipart/form-data 3.20.220.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g?v=115548
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.220.113 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-220-113.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 1bf36f722320de68e1ee53c54f807863e99a9ef5b7059d999dce985c01cdc23c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Thu, 29 Apr 2021 20:19:01 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://threatpost.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 127

GET
H2 200 playlist.m3u8 Show response
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/47b7c5df-6fb8-4641-b573-9c92a7c88c0d/ Frame BA28 309 B
249 B 23ms
23ms XHR
application/x-mpegurl 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/47b7c5df-6fb8-4641-b573-9c92a7c88c0d/playlist.m3u8
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 05a58707d25ec9885faf81f026410f37d3757c0689d56b7ec1fc8b2f9cffb9d1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:19:00 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 22:46:46 GMT
age: 104446
etag: "8a966507b13615ecdc1330a4bc9dcfe1"
vary: Accept-Encoding
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 164

GET
H2 200 0.m3u8 Show response
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/47b7c5df-6fb8-4641-b573-9c92a7c88c0d/ Frame BA28 606 B
371 B 22ms
21ms XHR
application/x-mpegurl 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/47b7c5df-6fb8-4641-b573-9c92a7c88c0d/0.m3u8
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: aefed2e2f730bc16ac245fe5a74dbd7cce0bd1b0a45eae47fb8d55244cb349f8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:19:01 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 22:46:45 GMT
age: 104447
etag: "adcad7c648cf376b35dd121c6ebdc6f6"
vary: Accept-Encoding
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 256

GET
H3-29 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 3348 7 KB
1 KB 19ms
18ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&k=6LfsdrAaAAAAAMVKgei6k0EaDBTgmKv6ZQrG7aEs&cb=4vl4nl1enud

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a0487787d0ea9f0db45895112d87f846589c8fdc5a56c0150a64c26c8e53943a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Ca/CThrKJG3nkpCXxqUUZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&k=6LfsdrAaAAAAAMVKgei6k0EaDBTgmKv6ZQrG7aEs&cb=4vl4nl1enud
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://threatpost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://threatpost.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 29 Apr 2021 20:19:01 GMT
content-security-policy: script-src 'report-sample' 'nonce-Ca/CThrKJG3nkpCXxqUUZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1113
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 74ED 7 KB
1 KB 19ms
18ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&k=6LfsdrAaAAAAAMVKgei6k0EaDBTgmKv6ZQrG7aEs&cb=11nlpqv1shsy

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b171ad7708dc76541c3fe7adc60166c466ab97a57f458b6f6ba5b52b7a30cb29

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kGoMkRM2cLfLFVo5haoGYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&k=6LfsdrAaAAAAAMVKgei6k0EaDBTgmKv6ZQrG7aEs&cb=11nlpqv1shsy
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://threatpost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://threatpost.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 29 Apr 2021 20:19:01 GMT
content-security-policy: script-src 'report-sample' 'nonce-kGoMkRM2cLfLFVo5haoGYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1113
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 0.mp4
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/47b7c5df-6fb8-4641-b573-9c92a7c88c0d/ Frame 0
0 21ms
21ms Preflight 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/47b7c5df-6fb8-4641-b573-9c92a7c88c0d/0.mp4
Protocol: H2
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://threatpost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

retry-after: 0
access-control-allow-methods: *
access-control-allow-headers: range
accept-ranges: bytes
date: Thu, 29 Apr 2021 20:19:01 GMT
access-control-max-age: 86400
cache-control: max-age=31557600
access-control-allow-origin: *
content-length: 0

GET
H2 206 0.mp4 Show response
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/47b7c5df-6fb8-4641-b573-9c92a7c88c0d/ Frame BA28 1 KB
1 KB 18ms
17ms XHR
video/mp4 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/47b7c5df-6fb8-4641-b573-9c92a7c88c0d/0.mp4
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b5d0d2962dc3bdfce6195ca4b0545c324a09ffccf7b4f3801cfb70538ecaff1e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-1361

Response headers

date: Thu, 29 Apr 2021 20:19:01 GMT
last-modified: Fri, 19 Mar 2021 22:46:45 GMT
age: 72683
etag: "d98c83b5c51d9565e3af1088ef59690a"
access-control-max-age: 86400
content-type: video/mp4
Content-Range: bytes 0-1361/4908921
cache-control: max-age=31557600
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 1362

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame BA28 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Apr 2021 20:19:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

POST
H/1.1 200
OK g Show response
capi.connatix.com/rtb/ Frame BA28 2 B
327 B 114ms
114ms XHR
multipart/form-data 3.20.220.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g?v=115548
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.220.113 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-220-113.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: ffdbea2a5a9959ea5f9809139a0178c725fa9474a88f1cfe10f702bdb35c3cc0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Thu, 29 Apr 2021 20:19:01 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://threatpost.com
transfer-encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2 206 0.mp4 Show response
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/47b7c5df-6fb8-4641-b573-9c92a7c88c0d/ Frame BA28 772 KB
772 KB 17ms
16ms XHR
video/mp4 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/47b7c5df-6fb8-4641-b573-9c92a7c88c0d/0.mp4
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6e4880a5fa66ebe5c6344ba5ae5668ab8f898db1e5e0f1c24e22bfda79933356

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=1362-791485

Response headers

date: Thu, 29 Apr 2021 20:19:01 GMT
last-modified: Fri, 19 Mar 2021 22:46:45 GMT
age: 72683
etag: "d98c83b5c51d9565e3af1088ef59690a"
access-control-max-age: 86400
content-type: video/mp4
Content-Range: bytes 1362-791485/4908921
cache-control: max-age=31557600
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 790124

OPTIONS
H2 200 0.mp4
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/47b7c5df-6fb8-4641-b573-9c92a7c88c0d/ Frame 0
0 17ms
17ms Preflight 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/47b7c5df-6fb8-4641-b573-9c92a7c88c0d/0.mp4
Protocol: H2
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://threatpost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

retry-after: 0
access-control-allow-methods: *
access-control-allow-headers: range
accept-ranges: bytes
date: Thu, 29 Apr 2021 20:19:01 GMT
access-control-max-age: 86400
cache-control: max-age=31557600
access-control-allow-origin: *
content-length: 0

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/ Frame 3348 51 KB
25 KB 8ms
8ms Stylesheet
text/css 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&k=6LfsdrAaAAAAAMVKgei6k0EaDBTgmKv6ZQrG7aEs&cb=4vl4nl1enud

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ef414f947bc802bea88d18ae69ca7d56939d81d7df79a7266688a8e1c14b190

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 16:10:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 04:04:08 GMT
server: sffe
age: 14899
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25722
x-xss-protection: 0
expires: Fri, 29 Apr 2022 16:10:42 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/ Frame 3348 334 KB
131 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&k=6LfsdrAaAAAAAMVKgei6k0EaDBTgmKv6ZQrG7aEs&cb=4vl4nl1enud

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e47eca73d4f42cce27c15cbff1e6b28a6716616c71f893d912ae941b37460998

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 19:32:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2781
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133604
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 04:04:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Apr 2022 19:32:40 GMT

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/ Frame 74ED 51 KB
25 KB 10ms
10ms Stylesheet
text/css 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&k=6LfsdrAaAAAAAMVKgei6k0EaDBTgmKv6ZQrG7aEs&cb=11nlpqv1shsy

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ef414f947bc802bea88d18ae69ca7d56939d81d7df79a7266688a8e1c14b190

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 16:10:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 04:04:08 GMT
server: sffe
age: 14899
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25722
x-xss-protection: 0
expires: Fri, 29 Apr 2022 16:10:42 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/ Frame 74ED 334 KB
131 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&k=6LfsdrAaAAAAAMVKgei6k0EaDBTgmKv6ZQrG7aEs&cb=11nlpqv1shsy

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e47eca73d4f42cce27c15cbff1e6b28a6716616c71f893d912ae941b37460998

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 19:32:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2781
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133604
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 04:04:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Apr 2022 19:32:40 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 8EB5 156 B
854 B 287ms
262ms XHR
text/xml 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107430338%2FCNXORTEST%2F6148&description_url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-v8-bug-remote-code-execution%2F165662%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1574064686971617&cust_params=domains%3Dthreatpost.com&sdkv=h.3.453.0&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=2940233645&sdk_apis=2%2C8&sid=49C88850-FA6E-4E80-8451-1E531A3BBD78&eid=44730464%2C44739826&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-v8-bug-remote-code-execution%2F165662%2F&dt=1619727541497&cookie_enabled=1&scor=294906353919028&ged=ve4_td2_tt0_pd2_la2000_er974.1199.1127.1499_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:19:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 0.mp4
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/47b7c5df-6fb8-4641-b573-9c92a7c88c0d/ Frame 0
0 16ms
15ms Preflight 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/47b7c5df-6fb8-4641-b573-9c92a7c88c0d/0.mp4
Protocol: H2
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://threatpost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

retry-after: 0
access-control-allow-methods: *
access-control-allow-headers: range
accept-ranges: bytes
date: Thu, 29 Apr 2021 20:19:01 GMT
access-control-max-age: 86400
cache-control: max-age=31557600
access-control-allow-origin: *
content-length: 0

GET
H2 206 0.mp4 Show response
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/47b7c5df-6fb8-4641-b573-9c92a7c88c0d/ Frame BA28 638 KB
639 KB 22ms
21ms XHR
video/mp4 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/47b7c5df-6fb8-4641-b573-9c92a7c88c0d/0.mp4
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: af65dbdaee4d0a826e68202477ea4bcc32577f7bcd6c6ac79be55dc9311df1d0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=791486-1444893

Response headers

date: Thu, 29 Apr 2021 20:19:01 GMT
last-modified: Fri, 19 Mar 2021 22:46:45 GMT
age: 72684
etag: "d98c83b5c51d9565e3af1088ef59690a"
access-control-max-age: 86400
content-type: video/mp4
Content-Range: bytes 791486-1444893/4908921
cache-control: max-age=31557600
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 653408

POST
H/1.1 200
OK mq Show response
capi.connatix.com/tr/ Frame BA28 0
295 B 117ms
116ms XHR
multipart/form-data 3.20.220.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/mq?v=115548
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.220.113 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-220-113.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Thu, 29 Apr 2021 20:19:02 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://threatpost.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame BA28 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Apr 2021 20:19:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 6157 25 KB
7 KB 312ms
298ms XHR
text/xml 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107430338%2FCNXORTEST%2F2570&description_url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-v8-bug-remote-code-execution%2F165662%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3132939416064185&cust_params=domains%3Dthreatpost.com&sdkv=h.3.453.0&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=1609378964&sdk_apis=2%2C8&sid=213A7CCB-E003-4420-9C95-9B183EC52F8F&eid=44732023%2C44739826&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-v8-bug-remote-code-execution%2F165662%2F&dlt=1619727539073&idt=2315&dt=1619727542308&cookie_enabled=1&scor=203057813276471&ged=ve4_td3_tt1_pd3_la3000_er974.1199.1127.1499_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

8bb2bc71eddbb5647482329a474d058da4688d3913476676d31600a1f9bcedfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:19:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6660
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 6157 19 KB
11 KB 75ms
46ms XHR
text/xml 74.125.140.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-C7rRVM4gXjdrHWdZPEPZMufQZLvP5wjr-7bQHg09RM7XpVpMmQ-0pAfeTBORq5jYm25zTG5eUIo4ngQjP6jdNsY2FF7w&dbm_d=AKAmf-DEzP5yU5Tnd3vDGFnNC1kCE0D2sQEgQhjAz05dKwy1MtXpHaRh3drfLQtq9AAGbjG6DOiFgjOSvzYucDYPtWFSRFsxgdecIMn8Zm8iAZl2mo1-Y3sHq6kxtpbPApofs8K00_EkdIuSHJbXivgDIoZLdFaFZCz5bj94src4TrmWFyx3zP6NKIQh_61PK0d8GQyMNUiSsEEW1cMBLwEfD7fuejPU6UytMooVKIj3K843oUxxpmmJd_ozxi0ljMw2KCiTE45iIkePIYPHr155W6tZdzKH5UOnQs1UPGcqeeOrOpe98YiWNy8QfHauuOLhzZSlR5T6_LR4qQR9HYKmZ2pXymfM2kuwYpiIwr_y21XlMi56Ef5ATyS-tyDTqkBTsGLOs3u-8-L-Dv73ZmecGRrRFe-8FxhGEsXY0gItTxiO4ymU29aJrWhmbuB7ERyp-T3yVGkPXkKrSfvBngaz0aHnp2TpNSOLuI1q7by8zjfMggGYIYKo_6phStUMdbTJCpjx0FYScOjp-_jiDUmII4vyss6eRGlSGdahL945RnAq481yU2GBAUEIJ9pnFQ6ucBH4Ad4D0kg82Kn3ZpQ6MikPW95Y55BQ6mvccO6f23kQxnEEXuZE7rcXuNPLEZiIt5uB26xXvfeLrTZuzsSJX4r7656lZYC3KCjy0gZb-uIo34W2quy8CFNOzWjJecq87rZzdG1bF9g7fIo9lm_Y_oYjtt7pjhOltEIGtmvmOAjgjO9WcjAPl2pU5lgpDJZN71Of99w9LbrZeREJ2JNJZWoMPD-_KMUOS90KrXz3-__gEBedjWmbt3Bw_3PKh9vvZmKAtwNj_NTOjtYssxMAXnv3bYGKcadZHokrJezCleEouIg4i1XuCdMxI1HmN06ePU6GglQsnUDMGovoVo9uOOCsLSe6Vm026lmGo9rhMk0Oz7OD4H-nV7qgXwOTMSCJueb7fneJRH2mJVobw-014NWxs5kw3jwJcTqs0vQ-m8jaf5UAiYhQXUufjQBYHbOgWPasKDa6df0L_KUullphqU4jdgOUo_hflaZuYxrbBJdsKNrGDBJSQQA6kgsZUVXIdnU-YUOdC2rCbR65mL_zTKBGkMjSoW2v-yC1vy0_kJFiZbH7xA33vjSZqUvI3a5Ar8c_-e3p3gytSy9a4tuano1ZLgpzB-kHrIzVlF3ko50TqwCY3g59HECwwVsPLAHdMqPHVRphE4hpMxPh3LCApGdXJ6mcp2uWDExRLptwTLRGsTiYprh2ERfjh-g-bf5Og3qtgxyDIjP9kQXX_XBq2xJylWCQv04nftd_GsF0EGZKlX4dQ2jodNlAKNq8wkgcWig3E9jWtzd5YeIjbPB9C8AT-b8gpVypcjSGtPinz_bvsRDkrz1O_lNmoZVct_E9eimGf8V2r6htjvzFPYFEOzSNrv5Xg0hQ8EKIjgc1jdLB3SiQ_1xxU7pyTokXP2F400wNlUkJv9UnXx4zwhapig4GHEbZQ3gyDosBgTB4Nj2VrpCeQkFBZ6KUtZ1EDaVyxyiB2JP53Sy_dQOve5n0Mq1uJWcFTg9Q-ONwo2w0Wl1nfxkB-tIj4m3ZCeHJ4wp5IQDknBmUw62pDatR_lKM8kFD3zsRrJCFY4xloC_4xel8rnj20kLty2n-4maPOTjLw6xp15fOlH1_ooSsoTh1hWTwqX4mDuR489cZ6aejAiE6DI6uQsm_bezfHMhh6I7NM0WTCbt5d8kk-vIq0lzqvUDUbctm98jgmLr_COJMEUeaqGospM-aOJJjJFJSYrI6rTc876_DQbESkWv9I9vGQjTg7K2OY7WdwLEJOUwVdw-5MZo5smLsZmrEIydVZ8DrF8bAx6E9P9L4uJjzFDBfw4lUz2RCbH3ahv7XVnCrUZ_BvC5ryl7Dphq4YIQEpaUcj97d1MzbIjAn1m1YMCVho-yh84jybQSu-N1Vfc2_oqu_f_6CSYYw3Tzc8VgnjbWiIDL6gvaz4zL3EByTTvh-2czQ7j4uIl3AkGdCl1t3ZQEm9EvmKZ_0Je3Th0jRqBDx3WrW6KPQvWxxCTLM4BteOpGhw0RW2m4s2P_Tf5OMh2JmnqyzWzfkzTb0MdmbAjPFqkFkmFT_wHgR5MJB5LfvZknNPwmemr_z38eIWxc5GSxZwTEE76otPEUpqbVNNWXraULqiivgTDdwOloAddPdglwfERV1YLUTPNzwsO8kVs4mKDmdtut_lzcZQT9CJo3aT1Dq8u7qdo1vPJAQFo2DhBP6lfZ6_H8LbNfGild-KmRHKmm-qTAfZ6Hbm-hlYop5MMwCabJHi10EKZcwIH5RGzMXbavWloVtMeIFGDZ8gQIZLBAtCkl5x4SgrXJvVq1yGHm8cqI6W5N823kIrXF3wGMWb_teFWHY1ccAY90hZmzXPOO998TffejkCIO43l_WqqlubzH3TXCKXjHPpPeHEyipt3TX6gOjeodYxjw3iuRq4TbpRr_bajheDEPdzAH5_rdyKKOYZZjUGhu-pe-7Nn3P1MPFc_eeRjNr0b2U4xTiZtiazrawLRJtlM6B3oTwEGx0aWbD_8Vz27s3cTLLm98Xtep_73388PsTNYZmkml2XAX2ZjY7qLNnht2jG_glb_prAk9IDsV3xH1t764Xo1VDAJDYJZ8ltHCYrrSBKS-efxIoCG5jfDoRY6QODinajWaBx1nMUwyrMw_OU0NqU6UjVxqDy0ckJiUtT2Hn9jhlrO-mH45AWECIE-KP1hVcn6w4GsJ9V-KdoaM5G0OHeUTo-heS1FuLvVBydovP4iky94FL9rjATr3Xg6Er0h0bJfik-tRGZhR7Cr-jwCDxmvUPKnNhGs6pTOyA4TQ1tLkQWggm_n-prbPVLhhtpDz1i580VlETR3O0YrSAzRvwRTMfDLTZR0dfNtmHhCh3BnXivYMOlDD07brY6uN79ZHHSR33OO-ZCt3TTEFDe2nh6QCH88JpYgOsSOC22as_newHEnO6MBsRN6io2ncF0Dp8et1RojPAiOrlqzibzj_AZwB83aQDOZLHxxCwwopIAWbKsePQwmgzvWse52Vv-4i7FtsRdpu3&cid=CAASEuRoA0nkMf-jAIVXSiyZd_K_vQ&sdkv=h.3.453.0&osd=2&frm=1&vis=1&sdr=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=1609378964&sdk_apis=2%2C8&sid=213A7CCB-E003-4420-9C95-9B183EC52F8F&eid=44732023%2C44739826&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-v8-bug-remote-code-execution%2F165662%2F&dlt=1619727539073&idt=2315&dt=1619727542634&ged=ve4_td4_tt2_pd4_la4000_er974.1199.1127.1499_vi0.0.1200.1600_vp100_ts1_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.140.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wq-in-f157.1e100.net

Software

cafe /

Resource Hash

ed966e2ee7710ca70eece0f61e4c0705fa46a7d41b9408c01cddd3cbc82d8ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:19:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11184
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 53794595 Show response
unified.adsafeprotected.com/v2/682720/ Frame 6157 20 KB
4 KB 232ms
133ms XHR
text/xml 34.249.222.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://unified.adsafeprotected.com/v2/682720/53794595?mon=53794596&omidPartner=-1&apiframeworks=2,8&bundleId=[BUNDLEID]&originalVast=https://ad.doubleclick.net/ddm/pfadx/N418801.3478950AMNET-DV360/B25571066.299779583%3Bsz%3D0x0%3Bord%3D%5Btimestamp%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext/xml%3Bdc_sdkv%3Dh.3.453.0%3Bdc_osd%3D2%3Bdc_frm%3D1%3Bdc_adk%3D1609378964%3Bdc_sdr%3D1%3Bdc_ref%3Dhttps://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/%3Bdc_vast%3D4%3Bdc_ves%3DdGltZXN0YW1wOiAxNjE5NzI3NTQyNjk5Cg%3Bdc_cid%3D148504777%3Bdc_adid%3D492609029%3Bdc_vpaid%3D0%3B
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.222.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-222-42.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 3af36df6ac4cd29af5a06e8a7e477bd0328c128565cb1d1e7d84e0b7118e4218

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 20:19:02 GMT
Content-Encoding: gzip
Vary: Origin
Content-Type: text/xml; charset=UTF-8
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 3877

POST
H/1.1 200
OK sv Show response
capi.connatix.com/tr/ Frame BA28 0
295 B 117ms
117ms XHR
multipart/form-data 3.20.220.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/sv?v=115548
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.220.113 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-220-113.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Thu, 29 Apr 2021 20:19:02 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://threatpost.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H2 204 csi
csi.gstatic.com/ Frame 6157 0
331 B 999ms
246ms Ping
image/gif 142.250.218.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ko3byhl2&c=7775720181398&slotId=3887860090699&qqid=CN2ZrqajpPACFczAuwgdFGYEQg&gqid=thSLYPWwFP3C7_UPmKKvkA8&fb=ima-html5&sdkv=h.3.453.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&wta=1&ghmsh_eids=44732023%2C44739826&vmfc=19&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.218.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: gru14s26-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:03 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 6157 42 B
121 B 18ms
18ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 loader.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame B372 50 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/loader.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

733f87f07bd9fe3cb01564f66523fbbcc3bb54614363eda52236e5cd32ca3d5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:05:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Apr 2021 20:57:11 GMT
server: sffe
age: 826
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18070
x-xss-protection: 0
expires: Thu, 29 Apr 2021 20:20:16 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 6157 42 B
64 B 33ms
17ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 adview
pubads.g.doubleclick.net/pagead/ Frame 6157 0
0 44ms
44ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=CqRpNthSLYN3mFcyB7_UPlMyRkATYnKqMYp_om6TcDau7ivyXIhABINKW5jhglfrwgYwHoAH8_8vxAsgBBagDAcgDE5gEAKoE6QFP0G3sgsJl0UlF_NcHt-GB4L-ibzpDSP2eBf8kfN-C3gW7bzPGHiQIs_puE5YJMp2dKJ-wL2OvDsI_Qs8RtWRctmucxwlCEEor_hRfueWHiv973DwAHKwwu1jne-qsiOD3jbHV1Lwvj7ju90A6R0cmmohLSlQjgL2ab4nzD5OACVF5kD6stfobjKOukYE5NkptQLYlPCkyOOTygzF8bD_vsKN1Ia7jWe-V5H5NbQ-hNg3rhgGwOTPE-vo5fk8q263VDFCeec758bBJWXxgjOsXL_9kPqqDGaApORryMWOHu1f2l5I89HuxYMAE9bjU-r8D4AQDiAXH7IGTL5IFBggDEAIYAZIFBggbEAIYAZIFCwgiEAIYAUilnoABkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZOgAfs_7OOAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUb2AcA8gcLEID06gEY0efZogHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTEzNTY2MzI4NjIzNTQ0ODaACgPICwGwE8DhlAvIE5bo3QnQEwDYEwqIFAHYFAGyFxoKGAgAEhRwdWItMTkyOTYxNTY5NDM3MzEwMw&sigh=lc0g6eS0L1M&cmd=Ch1jYS12aWRlby1wdWItMTkyOTYxNTY5NDM3MzEwMxAAGAI&cid=CAQSPACNIrLM-QQR49ETQY9BGn5UQ2gUPIryhD7VUuB74C_97EexTMqBnpmfbNdKZGXmup-zqewvm4rEkmXXqg&vt=10&sdkv=h.3.453.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1MTEyMTI3NTA2MjdAuwIKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk0OTI2MDkwMjkyCTE0ODUwNDc3N0BOCl8IARIbdW5pZmllZC5hZHNhZmVwcm90ZWN0ZWQuY29tGgNEQ00gBCoJNDkyNjA5MDI5MgkxNDg1MDQ3NzdA6wFSHiUAAMBAKAE6CzE0ODUwNDc3Ny0xQgRHRENNUABgARgB
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 vpaid.2021.02.11-11.02-19676e0.js Show response
static.adsafeprotected.com/ias/v1/ Frame B372 176 KB
42 KB 46ms
14ms Script
application/javascript 2600:9000:20e8:e000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/ias/v1/vpaid.2021.02.11-11.02-19676e0.js
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:e000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 40ca98c145bf27de21e87e43748da8e926d8986e851f3e6747cafc4da373bca2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: ZsEmUm3s8P8exdmAU5RZZ00nN1LdAgYK
content-encoding: gzip
etag: W/"14bdef8489e0d98a23c89039d178011f"
age: 7707
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 11 Feb 2021 16:29:40 GMT
server: AmazonS3
date: Thu, 29 Apr 2021 18:10:37 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 2d69f677a4a0e3e7eefdf9d24bd43661.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: TXL52-C1
x-amz-cf-id: JGRs7YROQ1EKSEsF5anB4Jlnehrd3GEAXDKrEWTRjQdOZKtUzpMj9Q==

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/db2/video/682720/53794595/ 40 B
383 B 108ms
44ms XHR
application/javascript 52.30.14.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/db2/video/682720/53794595/skeleton.js?videoId=55b8a13caece0d1009dcc6831da7f6d7&adsafe_url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-v8-bug-remote-code-execution%2F165662%2F&adsafe_type=abdq&adsafe_jsinfo=br:u
Requested by: Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/ias/v1/vpaid.2021.02.11-11.02-19676e0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.14.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-14-27.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2d853d5c205e6bc73c9928255af1ea931f948c6f46f607eeef92935f37f72f5a

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:03 GMT
content-encoding: gzip
x-server-name: app28.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://threatpost.com
access-control-expose-headers: X-Server-Name
cache-control: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/fwjsvid/st/682720/53794595/ 222 KB
73 KB 118ms
55ms Script
application/javascript 52.30.14.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/fwjsvid/st/682720/53794595/skeleton.js?videoId=55b8a13caece0d1009dcc6831da7f6d7&apiframeworks=2,8&bundleId=[BUNDLEID]&mon=53794596&omidPartner=-1&xmapp=0&xmtp=v&xsId=814ff91d-8e17-424f-b71e-889bfe558c36&adsafe_par=&logTestResults=false
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.14.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-14-27.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6ca5e7ce5a8b75bcf39f2b53c7f3f987cfa47d458dcf4438501d8f53c5bcdf5

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:03 GMT
content-encoding: gzip
x-server-name: app27.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET

file.mp4
r4---sn-4g5e6nzl.c.2mdn.net/videoplayback/id/a6c8652727d81f2f/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3761634454/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m...
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/a6c8652727d81f2f/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3761634454/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
https://r4---sn-4g5e6nzl.c.2mdn.net/videoplayback/id/a6c8652727d81f2f/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3761634454/sparams/acao,ctier,expire,id,ip,ipbits,i...

0
0

GET
H/1.1

206
Partial Content

https://gcdn.2mdn.net/videoplayback/id/a6c8652727d81f2f/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3761634454/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
https://r4---sn-4g5e6nzl.c.2mdn.net/videoplayback/id/a6c8652727d81f2f/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3761634454/sparams/acao,ctier,expire,id,ip,ipbits,i...

443 KB
444 KB

19ms
7ms

Media
video/mp4

2a00:1450:4001:3c::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5e6nzl.c.2mdn.net/videoplayback/id/a6c8652727d81f2f/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3761634454/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4EA80B92E05EAA23EBA23DEC4FE0D4C4D9050494.69EFB7F71EA82596EF44718E0E2692E6C0A2FDB4/key/cms1/cms_redirect/yes/mh/Xx/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5e6nzl/ms/onc/mt/1619726909/mv/m/mvi/4/pl/50/file/file.mp4

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:3c::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

7880f744e9731026f8df737f70ca5a50c257c0ee866cf15291b64d132c3650f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 20:19:03 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 31 Mar 2021 10:27:27 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-453765/453766
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 453766
Expires: Thu, 29 Apr 2021 20:19:03 GMT

Redirect headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:03 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r4---sn-4g5e6nzl.c.2mdn.net/videoplayback/id/a6c8652727d81f2f/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3761634454/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4EA80B92E05EAA23EBA23DEC4FE0D4C4D9050494.69EFB7F71EA82596EF44718E0E2692E6C0A2FDB4/key/cms1/cms_redirect/yes/mh/Xx/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5e6nzl/ms/onc/mt/1619726909/mv/m/mvi/4/pl/50/file/file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 652
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 6157 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 22:52:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 595569
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Apr 2022 22:52:54 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 6157 42 B
64 B 19ms
18ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C8Sw_thSLYN3mFcyB7_UPlMyRkATYnKqMYp_om6TcDau7ivyXIhABINKW5jhglfrwgYwHoAH8_8vxAsgBBagDAcgDE5gEAKoE7AFP0G3sgsJl0UlF_NcHt-GB4L-ibzpDSP2eBf8kfN-C3gW7bzPGHiQIs_puE5YJMp2dKJ-wL2OvDsI_Qs8RtWRctmucxwlCEEor_hRfueWHiv973DwAHKwwu1jne-qsiOD3jbHV1Lwvj7ju90A6R0cmmohLSlQjgL2ab4nzD5OACVF5kD6stfobjKOukYE5NkptQLYlPCkyOOTygzF8bD_vsKN1Ia7jWe-V5H5NbQ-hNg3rhgGwOTPE-vo5fk8q263VDFCeec758bBJWXxgjLMW3VH3xJARwiiGWpRdXI48lrFN-0DRmal0ks34ccAE9bjU-r8D4AQDkAYBoAZOgAfs_7OOAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTM1NjYzMjg2MjM1NDQ4NoAKA5gLAcgLAYAMAbATwOGUC8gTlujdCdATANgTCogUAdgUAQ&sigh=EkVll8nQbRY&label=vast_creativeview&ad_mt=0&acvw=sv%3D894%26cb%3Dj%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D974,1199,1199,1599%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D-1%26vmtime%3D-1%26is%3D0%26cs%3D0%26c%3D0%26mc%3D-1%26nc%3D-1%26mv%3D-1%26nv%3D-1%26lte%3D-2%26ces%26femt%3D1624%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D355547047%26psm%3D0%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1619727543259%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1619727543004&sdkv=h.3.453.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1MTEyMTI3NTA2MjdAuwIKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk0OTI2MDkwMjkyCTE0ODUwNDc3N0BOCmQIARIbdW5pZmllZC5hZHNhZmVwcm90ZWN0ZWQuY29tGgNEQ00gBCoJNDkyNjA5MDI5MgkxNDg1MDQ3NzdA6wFSIxAEJQAAwEAoAToLMTQ4NTA0Nzc3LTFCBEdEQ01IjQJQAGABGAE.

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/db2/video/682720/53794595/ 91 B
314 B 45ms
45ms Script
application/javascript 52.30.14.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/db2/video/682720/53794595/skeleton.js?ias_callback=__IntegralAS_b55a797eb8aa0cc2e24fc89cabbb684b_416&videoId=55b8a13caece0d1009dcc6831da7f6d7&apiframeworks=2,8&bundleId=[BUNDLEID]&mon=53794596&omidPartner=-1&xmapp=0&xmtp=v&xsId=814ff91d-8e17-424f-b71e-889bfe558c36&adsafe_par=&logTestResults=false&adsafe_url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-v8-bug-remote-code-execution%2F165662%2F&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fthreatpost.com%2F&adsafe_type=f&adsafe_jsinfo=,id:b55a797e-b8aa-0cc2-e24f-c89cabbb684b,c:bda1He,sl:outOfView,em:false,fr:true,mn:app27ie,pt:2-5-15,wc:0.0.1600.1200,ac:1199.974.400.225,am:v,cc:1199.974.400.225,piv:100,obst:0,th:0,reas:v,br:u,abv:na,an:n,oam:0,vc:jv3,nbld:0,fm:sw0jHIS+1*.682720-53794595%7C11%7C12%7C13%7C141%7C151%7C16%7C171%7C18%7C191%7C1a%7C1b1%7C1c%7C1d%7C1e%7C1f%7C1g,idMap:1*,pl:,rmeas:1,rend:1,renddet:env,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:fwjsvid,thd:1,et:43,oid:23f5f721-a928-11eb-93ea-02617d9e854e,v:19.8.193,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.14.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-14-27.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 278ea4e8f45e81f8da7d31ba5a63f297379f46265d5ce979712b1d1f86c3497f

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:03 GMT
content-encoding: gzip
x-server-name: app36.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: application/javascript;charset=utf-8
server: nginx

GET
H2 200 sca.17.5.1.js Show response
static.adsafeprotected.com/ Frame 4A4E 82 KB
22 KB 13ms
13ms Script
application/javascript 2600:9000:20e8:e000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.1.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:e000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 20:48:37 GMT
content-encoding: gzip
age: 4750227
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 04 Mar 2021 17:39:07 GMT
server: AmazonS3
etag: W/"793767aa29c23c195c863f01f1e83e06"
vary: Accept-Encoding
x-amz-version-id: k6_KQKgDzgGo157ZbUyztz7Xtr8SFesr
via: 1.1 2d69f677a4a0e3e7eefdf9d24bd43661.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: TXL52-C1
content-type: application/javascript
x-amz-cf-id: XDvYC8YxWf6LXVbFX5_f-Fojf0F_LAdhmigJHvtLkJiCkder7EzK7Q==

GET
H3-29 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 38B6 23 KB
9 KB 18ms
16ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/H0ZEmIz7.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://imasdk.googleapis.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://imasdk.googleapis.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8727
date: Thu, 29 Apr 2021 10:49:57 GMT
expires: Fri, 29 Apr 2022 10:49:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 34146
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 V1lNzVGDXdksv1u627CI7W0-mHZYzGGGZdNtnF4LgGE.js Show response
pagead2.googlesyndication.com/bg/ Frame 38B6 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/V1lNzVGDXdksv1u627CI7W0-mHZYzGGGZdNtnF4LgGE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57594dcd51835dd92cbf5bbadbb088ed6d3e987658cc618665d36d9c5e0b8061

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 15:50:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 16087
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5617
x-xss-protection: 0
expires: Fri, 29 Apr 2022 15:50:56 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 324ms
105ms Image
image/gif 34.206.10.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=682720&asId=b55a797e-b8aa-0cc2-e24f-c89cabbb684b&tv=%7Bc:bda1J6,time:158,type:e,env:%7Bgca:false,cca:true%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:158,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:42,wc:0.0.1600.1200,ac:1199.974.400.225,am:v,cc:1199.974.400.225,piv:100,obst:0,th:0,reas:v,bkn:%7Bpiv:%5B149~100%5D,as:%5B149~400.225%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:O,tt:fwjsvid,dtt:0,fm:sw0jHIS+1*.682720-53794595%7C11%7C12%7C13%7C141%7C151%7C16%7C171%7C18%7C191%7C1a%7C1b1%7C1c%7C1d%7C1e%7C1f%7C1g,idMap:1*,rmeas:1,rend:1,renddet:env%7D&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.10.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-10-182.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:03 GMT
x-server-name: dt15.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame BA28 107 B
165 B 17ms
17ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Apr 2021 20:19:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 9A19 156 B
287 B 146ms
146ms XHR
text/xml 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107430338%2FCNXORTEST%2F6650&description_url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-v8-bug-remote-code-execution%2F165662%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3816592927642415&cust_params=domains%3Dthreatpost.com&sdkv=h.3.453.0&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=3918427860&sdk_apis=2%2C8&sid=EEBE2A51-CE8F-4159-809A-D4972519902E&eid=44731465%2C44739826&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-v8-bug-remote-code-execution%2F165662%2F&dlt=1619727539073&idt=2264&dt=1619727543496&cookie_enabled=1&scor=4192880263585115&ged=ve4_td4_tt2_pd4_la4000_er974.1199.1127.1499_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:19:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 38B6 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.3.453.0&bgai=B-TfSthSLYM3zKfPFzAbn7YeYCAAAAAA4AeAEAg&bg=!kpGlkdXNAAZLnZBaS507ACkAdvg8Wjl7dTsqS8QEctBujThdxz04mqdChnpp5xrPfembtlHqMUEK7AIAAACEUgAAAA9oAQcKAFneZgVagzQMgDtzkOIktbvr_Ew-ztDXrrMg8e5706NVE-7Pc0rE5eNYNaUMgYGn_avTUvvCtOZHxwqAB9DcktK-GD7B_Nowx-MkOmBx1WpHzZvugaSpiGmIgJkCPOEEJjGcZvW35YZCkEg_794qeaKsgoeOBZykQmReWgcr4NPf2dxbVzobOyWYjWsHkEUMCXFszgSzEI5apyeX_SyReQqdWEt7ZB9kaExULjas440_4j0bdwA1sX_hh-RxiW-D3yUDVAyiCOiDXumVDHQIG4Yh8q6nVFszEy7clE7aXIvtI0Ub5hDvHHNJrXJLFxD-pwVlE8OY8j5rft84hyiCsbOX-OGDulbzol58DGUrnB4YUEAWpO5NjSKXO-OIxA_bmYq0f7d17Qwt7IUkSPD-OPcypOnWOoKyshO7YN2yKJuOHA8-8au2Auuq6YNPlc_7h4eEZrJHlfa_CB-gpyXZrvFwZZWqjkwoRPBWAuoz5IeDGjy2hiozIC4D12vfdixc1SnaM8SxFYNoB0-Q9OQ0jE351UT6CSqFGd-I8WjL3Z6bMOQOq7lW7zaqu7QXqhachEfarqRUmeI2Q5nUdcT9w0MQutQPsA3tp4ADkSb-Lge3i8HpHHrTlBUnXpbaygoanQ0az6U7OP2XRr05bJB8x4AYtOO9rUFIQkjP6EPtrSHBthaXUKE0lWCUR5UWuJ26hLrrnTeV1c1fvLtWU93qcy5vlWlH118sYEfRcJ6twA11pjf19nAGs3Sb__9kiuaqLR0Tc6zHQfY_3oXWh4U7UoJ-Zh7UFIwFrNqXd1FOwsThVLqjxNY7rNxPDjE8LPCvEMDZTRLDorAT8u1oKedCwSX8UkjHG_SBeToMgAIIGIaeHEj7z7DHEUMo

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 111ms
108ms Image
image/gif 34.206.10.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=682720&asId=b55a797e-b8aa-0cc2-e24f-c89cabbb684b&tv=%7Bc:bda1MI,pingTime:-10,time:382,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.1v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS4xdjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS4xdk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1619727543662%7C%7Cd70dd71d455686857384b62c076ad5f1%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C77a99340cc4f681f3787897d4f4b4b92%7C%7Cedd2ef9169c78b45e4da45b8c58565f6%7C%7Cd77020d0c9b4bdf00bdbbd4c17a84bb1%7C%7Cd5d72cc4c6b60120baadd4c4da9df0e6%7C%7C70196054873fb9989ef251cb19e97212%7C%7C1614879537,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.10.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-10-182.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:03 GMT
x-server-name: dt19.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1 200
OK pixel.png
unified.adsafeprotected.com/ Frame B372 35 B
174 B 32ms
31ms Image
image/gif 34.249.222.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjozMDMsInNpdGVfdXVpZCI6ImFmZGRlZjVkLWMyMDQtNDBhOS1iNGZiLTk2NWExNDVkMDY5NiIsImJpZF9yZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vdGhyZWF0cG9zdC5jb20vZ29vZ2xlLWNocm9tZS12OC1idWctcmVtb3RlLWNvZGUtZXhlY3V0aW9uLzE2NTY2Mi8ifX0sImNiIjoxNjE5NzI3NTQzNjcyLCJpYXNfc2luZ2xldGFnIjp0cnVlLCJpYXNfc2luZ2xldGFnX291dGNvbWUiOjE5LCJoZWFkZXJzIjp7ImhlYWRlcjgiOiJpYXNvIn0sImN1c3RvbSI6eyJjdXN0b203IjoiNjgyNzIwIiwiY3VzdG9tOCI6IjUzNzk0NTk1IiwiY3VzdG9tMTEiOiIyMDIxLjAyLjExLTExLjAyLTE5Njc2ZTAiLCJ4c2lkIjoiODE0ZmY5MWQtOGUxNy00MjRmLWI3MWUtODg5YmZlNTU4YzM2In19
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.222.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-222-42.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 20:19:03 GMT
Connection: keep-alive
Content-Length: 35
Vary: Origin
Content-Type: image/gif

GET
H2

200

skeleton.js
static.adsafeprotected.com/
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/682720/53794595/skeleton.js?videoId=55b8a13caece0d1009dcc6831da7f6d7&apiframeworks=2,8&bundleId=[BUNDLEID]&mon=53794596&omidPartner=-1&xmapp=0&xmtp=v&xsId=8...
https://static.adsafeprotected.com/skeleton.js?videoId=55b8a13caece0d1009dcc6831da7f6d7&apiframeworks=2,8&bundleId=[BUNDLEID]&mon=53794596&omidPartner=-1&xmapp=0&xmtp=v&xsId=814ff91d-8e17-424f-b71e...

17 B
17 B

15ms
15ms

Image
application/javascript

2600:9000:20e8:e000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.js?videoId=55b8a13caece0d1009dcc6831da7f6d7&apiframeworks=2,8&bundleId=[BUNDLEID]&mon=53794596&omidPartner=-1&xmapp=0&xmtp=v&xsId=814ff91d-8e17-424f-b71e-889bfe558c36
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:e000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 10:01:14 GMT
via: 1.1 2d69f677a4a0e3e7eefdf9d24bd43661.cloudfront.net (CloudFront)
age: 7726670
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control: max-age=315360000
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: Nf_yyDEQNmgaViCY2zGu5ppMoCuc6aev_dCy-c-Jica4sEjWr0lQpQ==

Redirect headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:03 GMT
x-server-name: app30.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js?videoId=55b8a13caece0d1009dcc6831da7f6d7&apiframeworks=2,8&bundleId=[BUNDLEID]&mon=53794596&omidPartner=-1&xmapp=0&xmtp=v&xsId=814ff91d-8e17-424f-b71e-889bfe558c36
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 dc_oe=ChMIzabCpqOk8AIV8yLTCh3n9gGDEAAYACDJgehGOhkIrYTRjgEQ9bjU-r8DGJbo3Qkgn-ibpNwNQhMI3ZmupqOk8AIVzMC7CB0UZgRC;dc_rmcid=CAASEuRoA0nkMf-jAIVXSiyZd_K_vQ;eps=CIDhgBAQARgd;met=1;acvw=sv%3D894%26cb%3Dj%...
ade.googlesyndication.com/ddm/activity/ Frame 6157 42 B
207 B 48ms
46ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIzabCpqOk8AIV8yLTCh3n9gGDEAAYACDJgehGOhkIrYTRjgEQ9bjU-r8DGJbo3Qkgn-ibpNwNQhMI3ZmupqOk8AIVzMC7CB0UZgRC;dc_rmcid=CAASEuRoA0nkMf-jAIVXSiyZd_K_vQ;eps=CIDhgBAQARgd;met=1;acvw=sv%3D894%26cb%3Dj%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D974,1199,1199,1599%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D6016%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1624%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D355547047%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1619727543684%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.04%26t%3D1619727543004;dc_rfl=1,https%253A%252F%252Fthreatpost.com%252Fgoogle-chrome-v8-bug-remote-code-execution%252F165662%252F%240;ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 6157 42 B
336 B 17ms
16ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C8Sw_thSLYN3mFcyB7_UPlMyRkATYnKqMYp_om6TcDau7ivyXIhABINKW5jhglfrwgYwHoAH8_8vxAsgBBagDAcgDE5gEAKoE7AFP0G3sgsJl0UlF_NcHt-GB4L-ibzpDSP2eBf8kfN-C3gW7bzPGHiQIs_puE5YJMp2dKJ-wL2OvDsI_Qs8RtWRctmucxwlCEEor_hRfueWHiv973DwAHKwwu1jne-qsiOD3jbHV1Lwvj7ju90A6R0cmmohLSlQjgL2ab4nzD5OACVF5kD6stfobjKOukYE5NkptQLYlPCkyOOTygzF8bD_vsKN1Ia7jWe-V5H5NbQ-hNg3rhgGwOTPE-vo5fk8q263VDFCeec758bBJWXxgjLMW3VH3xJARwiiGWpRdXI48lrFN-0DRmal0ks34ccAE9bjU-r8D4AQDkAYBoAZOgAfs_7OOAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTM1NjYzMjg2MjM1NDQ4NoAKA5gLAcgLAYAMAbATwOGUC8gTlujdCdATANgTCogUAdgUAQ&sigh=EkVll8nQbRY&label=part2viewed&ad_mt=222&acvw=sv%3D894%26cb%3Dj%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D974,1199,1199,1599%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D6016%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1624%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D355547047%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1619727543684%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.04%26t%3D1619727543004&sdkv=h.3.453.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1MTEyMTI3NTA2MjdAuwIKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk0OTI2MDkwMjkyCTE0ODUwNDc3N0BOCmQIARIbdW5pZmllZC5hZHNhZmVwcm90ZWN0ZWQuY29tGgNEQ00gBCoJNDkyNjA5MDI5MgkxNDg1MDQ3NzdA6wFSIxAEJRKDwEAoAToLMTQ4NTA0Nzc3LTFCBEdEQ01IjQJQAGABGAE.

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6157 0
20 B 43ms
41ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6157 0
827 B 75ms
49ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsthJdLTYhk84Z2Zr0T88meo66xZHpq3S4_I6SC_GyWsJ2DOP7DTmp3MgAerFAuRoaZ_msKFQ_Tqy_PCNhJN1R6pwOrr0zEPI7JhpGkAwRqV9XQ7RxCWcnkAc1Z0c7-tM7ULwKCLtqPj1jgladiiq7WecyXH98L709WSpNR8mJIYS5yFuwVP5XMCxZmJKT_2cLkfI-xYo0JFhyEQ4E1_xPBF6X1vIFs0q__XWS13MpBU1VgDlULu9Mu74iftl_qzFuRlkFcjARAsU9w5m_0lWgYsU8pOv9pV8VVs9BQJUVSPMvMDatxtD9jlvLDlfbmcdCJDrA6VbrUlFWjRtC9H0ihjAKGWpE7qHE9eK655c9lCE95jU12GL6xBhesbJaojl6sbCJViMZhJ05-8ju2_8aPc1MiyI-X4wVGqbjzSyx0ItmHAnyrME-wQ41LCwTtl8rTNi581bZK9_NNqxHxlrvYOcsYkhWSzlaOV4KD5Dnc04cKWmFPKL3iOUhBRsBeG7T8nB5HZbz9GTEo3gmajT4XwWV9YY5PMquEAf-9kAE2v154r3ROMpQS55t1ze-SWHBjINi98PMV1dUJFWnmwQEfpNLNNr7a4JuhNlTSCkNAQcIVVtp6bmhf7FqGYjXRwECGu0rOgHP45RzzaYjzc6ul6xAj7TRus5VBDSDAIA2DdWW7KeQ-WksI50p0MpoBHo_beeRJJqk8F0CfpgGkqR5qj1_tbuCAt73ySKvflIOHfb21eDnc0oF3v0xozfM3NLE3nz9ww1FnIb0O90vWAY8kPP9VX3mJo95HkrlWZaw7dypmYHVMQ8CqyhlSWcq5sGon86NKJIuMQeab5EYlMVCoTtWv4vyMzy1Hqv4ZtoEVl44RziZJ7MzbLAiZrnIoop6hNH_ZMEt342DRFokak_vuOFgcO8LkNZyqVk8tsqp1NUieAH6EstciN3qDjZ9sxnQw3PFQKTOS1UExkN3bvyPmSyfR1cE1YTCkUd5GQ5zBjMmR_hJJlNHKb5wbdZB9CCmKLYkJh0iIJIVwFt8Hm926DvkWKtI5peeKxxG5poF6NHYwALxP2pF_f0G7lkWb8KGsvlazOemGww2wJJI3ctpn6iORJEhEvmaUgI_uHl_AkHbwPOu3coSvUlcqqAezPLAHcmmv5hokzSkEhnkAxPd8rDKcbjEqi8m0EgzKPstKmaboECQ5Gp8HQs-qyhvb4x2lVGBMI56A&sai=AMfl-YS6CnJu3tG7aMg96KVspXp4mTdTYpNUKR7IAgZEuKAqhpNoEIV4gJR4zUHmO_mRD4Q3Y79OObh_nBvOK3-rPqWSkqNZ_vbCIfqvAufmKjPaJLYJ2seAJXUJDoUsVa07edG0ZEFl7SmL3KNy-_Ycgv2Z_rgY3g&sig=Cg0ArKJSzJkQo9ETPGibEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&sdkv=h.3.453.0&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Thu, 29 Apr 2021 20:19:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 29 Apr 2021 20:19:03 GMT

GET
H/1.1

200
OK

firstevent
intelcorp.demdex.net/ Frame 6157
Redirect Chain

https://intelcorp.demdex.net/event?event=imp&d_campaign=25571066&d_site=5134578&d_placement=299779583&d_ad=492609029&d_creative=148504777
https://intelcorp.demdex.net/firstevent?event=imp&d_campaign=25571066&d_site=5134578&d_placement=299779583&d_ad=492609029&d_creative=148504777

42 B
987 B

37ms
37ms

Image
image/gif

34.252.115.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://intelcorp.demdex.net/firstevent?event=imp&d_campaign=25571066&d_site=5134578&d_placement=299779583&d_ad=492609029&d_creative=148504777

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.252.115.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-252-115-248.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v005-0b3e56fcb.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: ZlpcowNmS/c=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v005-0018b13d1.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 43Dyd/oTS74=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://intelcorp.demdex.net/firstevent?event=imp&d_campaign=25571066&d_site=5134578&d_placement=299779583&d_ad=492609029&d_creative=148504777
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame 6157 0
0 19ms
16ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIXULRDioeABGNHn2aIBIAEwAQ&v=APEucNVGsop1LzemCgRA6pZGnawdiCDQ83_0WOrvRP9ZSv4V6NaODjukY4V1KSoub6Hhq5y9d7LQ7j3LyoX7ejm0DTH4GGGBmg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 dot.gif
s0.2mdn.net/ Frame 6157 43 B
181 B 9ms
6ms Image
image/gif 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:43:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
age: 66931
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Fri, 30 Apr 2021 01:43:32 GMT

GET
H/1.1 200
OK pixel.png
unified.adsafeprotected.com/ Frame 6157 35 B
174 B 43ms
32ms Image
image/gif 34.249.222.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiU0VDT05EQVJZX0lNUFJFU1NJT04iLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ1ZDA2OTYiLCJiaWRSZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vaW1hc2RrLmdvb2dsZWFwaXMuY29tLyJ9fSwiY3VzdG9tIjp7ImN1c3RvbTEiOiIiLCJjdXN0b20yIjoiNC4wIiwiY3VzdG9tMyI6IjQuMCIsImN1c3RvbTciOiI2ODI3MjAiLCJjdXN0b204IjoiNTM3OTQ1OTUiLCJ4c2lkIjoiODE0ZmY5MWQtOGUxNy00MjRmLWI3MWUtODg5YmZlNTU4YzM2In0sImhlYWRlcnMiOnsiaGVhZGVyMTEiOiJEQ00iLCJoZWFkZXIzIjoiLTEiLCJoZWFkZXI0IjoiMiw4IiwiaGVhZGVyNSI6IltCVU5ETEVJRF0iLCJoZWFkZXI4IjoiaWFzbyIsImhlYWRlcjkiOiIifSwiY2IiOiIxNjE5NzI3NTQyOTE3MjI2NjY0IiwiaWFzU2luZ2xldGFnIjp0cnVlLCJpYXNTaW5nbGV0YWdPdXRjb21lIjoiT1VUQ09NRV9NX19WUEFJRF9fV0VCX1BYTCJ9&key1=ROKU_ADS_APP_ID&key2=$APP_STOREURL
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.222.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-222-42.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 20:19:03 GMT
Connection: keep-alive
Content-Length: 35
Vary: Origin
Content-Type: image/gif

GET
H2

200

skeleton.gif
static.adsafeprotected.com/ Frame 6157
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/682720/53794596/skeleton.gif?xmtp=v&xmapp=0&xsId=814ff91d-8e17-424f-b71e-889bfe558c36
https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=814ff91d-8e17-424f-b71e-889bfe558c36

43 B
480 B

15ms
15ms

Image
image/gif

2600:9000:20e8:e000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=814ff91d-8e17-424f-b71e-889bfe558c36
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:e000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 03:05:18 GMT
via: 1.1 2d69f677a4a0e3e7eefdf9d24bd43661.cloudfront.net (CloudFront)
age: 7146825
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control: max-age=315360000
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: 3Tcc8wL3z99D5t-Lz8PMCcan2YoZ3ub82jCGhvcbEW0YXMWD-cHP1A==

Redirect headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:03 GMT
x-server-name: app12.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=814ff91d-8e17-424f-b71e-889bfe558c36
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 dc_oe=ChMIzabCpqOk8AIV8yLTCh3n9gGDEAAYACDJgehGOhkIrYTRjgEQ9bjU-r8DGJbo3Qkgn-ibpNwNQhMI3ZmupqOk8AIVzMC7CB0UZgRC;dc_rmcid=CAASEuRoA0nkMf-jAIVXSiyZd_K_vQ;eps=CIDhgBAQARgd;met=1;acvw=sv%3D894%26cb%3Dj%...
ade.googlesyndication.com/ddm/activity/ Frame 6157 42 B
107 B 45ms
43ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6157 42 B
64 B 43ms
42ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst85QRYH8LOPLvt07oFj5yfq3pPJeheWj_dJI6scDh6I7RXFudcWCjA5qRZii0haiLJox5gVKBeCmpcmp7O_7UYj32PotUok3oG13laPdnh_ka0B_xnj7XZtcf8UA&sai=AMfl-YQ8K8A-edOBFlskmjwXPV-7cf-pUeODokuphcGRLyotRaOT4f9JuWPDpNi7Xb5OAwwO5pd4xlj3LhhGL2jr9G4A6YS7YXJZk8j1HNf6Y3MBMoQIvIGPPCRchp9y&sig=Cg0ArKJSzHgnzTO3gA0mEAE&cid=CAASEuRoA0nkMf-jAIVXSiyZd_K_vQ&id=lidarv&acvw=sv%3D894%26cb%3Dj%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D974,1199,1199,1599%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D6016%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1624%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D355547047%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1619727543681%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.04%26t%3D1619727543004&avm=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK ai Show response
capi.connatix.com/tr/ Frame BA28 0
295 B 116ms
116ms XHR
multipart/form-data 3.20.220.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ai?v=115548
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.220.113 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-220-113.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Thu, 29 Apr 2021 20:19:03 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://threatpost.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 1_th.jpg
img.connatix.com/60764267-557e-410f-85cb-f102d92ee134/47b7c5df-6fb8-4641-b573-9c92a7c88c0d/ 8 KB
8 KB 8ms
8ms Image
image/jpeg 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/60764267-557e-410f-85cb-f102d92ee134/47b7c5df-6fb8-4641-b573-9c92a7c88c0d/1_th.jpg?crop=400:225,smart&width=400&height=225&format=jpeg&quality=60&fit=crop
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ae63b86b57288bbfe0165058fb76ff8836aac5a749713428a95225a28265122b

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:19:03 GMT
age: 53682
etag: "m03uoFKbyxNeiBJVHm5eHzI6CToGrLfDVxXRgtG6MTA"
access-control-max-age: 86400
fastly-io-info: ifsz=90487 idim=2560x1440 ifmt=jpeg ofsz=8597 odim=400x225 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=31557600
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 8597

GET
H/1.1 200
OK pixel.png
unified.adsafeprotected.com/ Frame B372 35 B
174 B 30ms
30ms Image
image/gif 34.249.222.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjo0MDMsInNpdGVfdXVpZCI6ImFmZGRlZjVkLWMyMDQtNDBhOS1iNGZiLTk2NWExNDVkMDY5NiIsImJpZF9yZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vdGhyZWF0cG9zdC5jb20vZ29vZ2xlLWNocm9tZS12OC1idWctcmVtb3RlLWNvZGUtZXhlY3V0aW9uLzE2NTY2Mi8ifX0sImNiIjoxNjE5NzI3NTQ1MTY3LCJpYXNfc2luZ2xldGFnIjp0cnVlLCJpYXNfc2luZ2xldGFnX291dGNvbWUiOjE5LCJoZWFkZXJzIjp7ImhlYWRlcjgiOiJpYXNvIn0sImN1c3RvbSI6eyJjdXN0b203IjoiNjgyNzIwIiwiY3VzdG9tOCI6IjUzNzk0NTk1IiwiY3VzdG9tMTEiOiIyMDIxLjAyLjExLTExLjAyLTE5Njc2ZTAiLCJ4c2lkIjoiODE0ZmY5MWQtOGUxNy00MjRmLWI3MWUtODg5YmZlNTU4YzM2In19
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.222.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-222-42.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 20:19:05 GMT
Connection: keep-alive
Content-Length: 35
Vary: Origin
Content-Type: image/gif

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 104ms
103ms Image
image/gif 34.206.10.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=682720&asId=b55a797e-b8aa-0cc2-e24f-c89cabbb684b&tv=%7Bc:bda2aY,pingTime:-4,time:1886,type:m,clog:%5B%7Bpiv:100,vs:o,r:v,w:400,h:225,t:42%7D,%7Bvs:i,r:,t:486%7D%5D,ve:%7BvEventCount:8,vEvents:%5B%7Bt:-50,tp:adLoaded,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:-36,tp:adStarted,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:134,tp:adDurationChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:390,tp:adImpression,sl:o,ad_duration:6.016,width:400,height:225,volume:0,integral_timeToDecision:110,integral_didBlock:false,viewMode:normal,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso%7D,%7Bt:390,tp:adVideoStart,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:391,tp:adRemainingTimeChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:1635,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:1885,tp:adVideoFirstQuartile,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D%5D%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:1400,o:486,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:42,wc:0.0.1600.1200,ac:1199.974.400.225,am:v,cc:1199.974.400.225,piv:100,obst:0,th:0,reas:v,bkn:%7Bpiv:%5B477~100%5D,as:%5B477~400.225%5D%7D%7D,%7Bsl:i,t:486,wc:0.0.1600.1200,ac:1199.974.400.225,am:v,cc:1199.974.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1400~100%5D,as:%5B1400~400.225%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:O,tt:fwjsvid,dtt:115,fm:sw0jHIS+1*.682720-53794595%7C11%7C12%7C13%7C141%7C151%7C16%7C171%7C18%7C191%7C1a%7C1b1%7C1c%7C1d%7C1e%7C1f%7C1g,idMap:1*,rmeas:1,rend:1,renddet:env%7D&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.10.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-10-182.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:05 GMT
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3-29 200 dc_oe=ChMIzabCpqOk8AIV8yLTCh3n9gGDEAAYACDJgehGOhkIrYTRjgEQ9bjU-r8DGJbo3Qkgn-ibpNwNQhMI3ZmupqOk8AIVzMC7CB0UZgRC;dc_rmcid=CAASEuRoA0nkMf-jAIVXSiyZd_K_vQ;eps=CIDhgBAQARgd;met=1;acvw=sv%3D894%26cb%3Dj%...
ade.googlesyndication.com/ddm/activity/ Frame 6157 42 B
63 B 44ms
43ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIzabCpqOk8AIV8yLTCh3n9gGDEAAYACDJgehGOhkIrYTRjgEQ9bjU-r8DGJbo3Qkgn-ibpNwNQhMI3ZmupqOk8AIVzMC7CB0UZgRC;dc_rmcid=CAASEuRoA0nkMf-jAIVXSiyZd_K_vQ;eps=CIDhgBAQARgd;met=1;acvw=sv%3D894%26cb%3Dj%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D974,1199,1199,1599%26tos%3D1491,0,0,0,0%26mtos%3D1491,1491,1491,1491,1491%26amtos%3D0,0,0,0,0%26mcvt%3D1491%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D1491%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1089%26pst%3D202%26vpaid%26dur%3D6016%26vmtime%3D1467%26dvs%3D1491%26dfvs%3D1491%26dvpt%3D1491%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D1491,1491,1491,1491,1491%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D1624%26femvt%3D0%26emc%3D11%26emuc%3D0%26emb%3D11,0,0,0,0%26avms%3Dexc%26qi%3D355547047%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26ptlt%3D1619727545171%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,1491;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.04%26t%3D1619727543004;ecn1=1;etm1=0;eid1=960584;

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 6157 42 B
64 B 18ms
17ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C8Sw_thSLYN3mFcyB7_UPlMyRkATYnKqMYp_om6TcDau7ivyXIhABINKW5jhglfrwgYwHoAH8_8vxAsgBBagDAcgDE5gEAKoE7AFP0G3sgsJl0UlF_NcHt-GB4L-ibzpDSP2eBf8kfN-C3gW7bzPGHiQIs_puE5YJMp2dKJ-wL2OvDsI_Qs8RtWRctmucxwlCEEor_hRfueWHiv973DwAHKwwu1jne-qsiOD3jbHV1Lwvj7ju90A6R0cmmohLSlQjgL2ab4nzD5OACVF5kD6stfobjKOukYE5NkptQLYlPCkyOOTygzF8bD_vsKN1Ia7jWe-V5H5NbQ-hNg3rhgGwOTPE-vo5fk8q263VDFCeec758bBJWXxgjLMW3VH3xJARwiiGWpRdXI48lrFN-0DRmal0ks34ccAE9bjU-r8D4AQDkAYBoAZOgAfs_7OOAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTM1NjYzMjg2MjM1NDQ4NoAKA5gLAcgLAYAMAbATwOGUC8gTlujdCdATANgTCogUAdgUAQ&sigh=EkVll8nQbRY&label=videoplaytime25&ad_mt=1697&acvw=sv%3D894%26cb%3Dj%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D974,1199,1199,1599%26tos%3D1491,0,0,0,0%26mtos%3D1491,1491,1491,1491,1491%26amtos%3D0,0,0,0,0%26mcvt%3D1491%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D1491%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1089%26pst%3D202%26vpaid%26dur%3D6016%26vmtime%3D1467%26dvs%3D1491%26dfvs%3D1491%26dvpt%3D1491%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D1491,1491,1491,1491,1491%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D1624%26femvt%3D0%26emc%3D11%26emuc%3D0%26emb%3D11,0,0,0,0%26avms%3Dexc%26qi%3D355547047%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26ptlt%3D1619727545171%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,1491&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.04%26t%3D1619727543004&sdkv=h.3.453.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1MTEyMTI3NTA2MjdAuwIKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk0OTI2MDkwMjkyCTE0ODUwNDc3N0BOCmQIARIbdW5pZmllZC5hZHNhZmVwcm90ZWN0ZWQuY29tGgNEQ00gBCoJNDkyNjA5MDI5MgkxNDg1MDQ3NzdA6wFSIxAEJRKDwEAoAToLMTQ4NTA0Nzc3LTFCBEdEQ01IjQJQAGABGAE.

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK aq Show response
capi.connatix.com/tr/ Frame BA28 0
295 B 116ms
116ms XHR
multipart/form-data 3.20.220.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/aq?v=115548
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.220.113 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-220-113.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Thu, 29 Apr 2021 20:19:05 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://threatpost.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK abt Show response
capi.connatix.com/tr/ Frame BA28 0
295 B 116ms
116ms XHR
multipart/form-data 3.20.220.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/abt?v=115548
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.220.113 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-220-113.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Thu, 29 Apr 2021 20:19:05 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://threatpost.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK av Show response
capi.connatix.com/tr/ Frame BA28 0
295 B 116ms
116ms XHR
multipart/form-data 3.20.220.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/av?v=115548
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.220.113 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-220-113.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Thu, 29 Apr 2021 20:19:05 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://threatpost.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 107ms
106ms Image
image/gif 34.206.10.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=682720&asId=b55a797e-b8aa-0cc2-e24f-c89cabbb684b&tv=%7Bc:bda2kE,pingTime:2,time:2486,type:p,clog:%5B%7Bpiv:100,vs:o,r:v,w:400,h:225,t:42%7D,%7Bvs:i,r:,t:486%7D%5D,ve:%7BvEventCount:8,vEvents:%5B%7Bt:-50,tp:adLoaded,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:-36,tp:adStarted,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:134,tp:adDurationChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:390,tp:adImpression,sl:o,ad_duration:6.016,width:400,height:225,volume:0,integral_timeToDecision:110,integral_didBlock:false,viewMode:normal,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso%7D,%7Bt:390,tp:adVideoStart,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:391,tp:adRemainingTimeChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:1635,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:1885,tp:adVideoFirstQuartile,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D%5D%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:2001,o:486,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:42,wc:0.0.1600.1200,ac:1199.974.400.225,am:v,cc:1199.974.400.225,piv:100,obst:0,th:0,reas:v,bkn:%7Bpiv:%5B477~100%5D,as:%5B477~400.225%5D%7D%7D,%7Bsl:i,t:486,wc:0.0.1600.1200,ac:1199.974.400.225,am:v,cc:1199.974.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2001~100%5D,as:%5B2001~400.225%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:O,tt:fwjsvid,dtt:106,fm:sw0jHIS+1*.682720-53794595%7C11%7C12%7C13%7C141%7C151%7C16%7C171%7C18%7C191%7C1a%7C1b1%7C1c%7C1d%7C1e%7C1f%7C1g,idMap:1*,rmeas:1,rend:1,renddet:env%7D&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.10.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-10-182.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:05 GMT
x-server-name: dt47.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 107ms
107ms Image
image/gif 34.206.10.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=682720&asId=b55a797e-b8aa-0cc2-e24f-c89cabbb684b&tv=%7Bc:bda2kF,pingTime:2,time:2487,type:pf,clog:%5B%7Bpiv:100,vs:o,r:v,w:400,h:225,t:42%7D,%7Bvs:i,r:,t:486%7D%5D,ve:%7BvEventCount:8,vEvents:%5B%7Bt:-50,tp:adLoaded,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:-36,tp:adStarted,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:134,tp:adDurationChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:390,tp:adImpression,sl:o,ad_duration:6.016,width:400,height:225,volume:0,integral_timeToDecision:110,integral_didBlock:false,viewMode:normal,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso%7D,%7Bt:390,tp:adVideoStart,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:391,tp:adRemainingTimeChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:1635,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:1885,tp:adVideoFirstQuartile,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D%5D%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:2001,o:486,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:42,wc:0.0.1600.1200,ac:1199.974.400.225,am:v,cc:1199.974.400.225,piv:100,obst:0,th:0,reas:v,bkn:%7Bpiv:%5B477~100%5D,as:%5B477~400.225%5D%7D%7D,%7Bsl:i,t:486,wc:0.0.1600.1200,ac:1199.974.400.225,am:v,cc:1199.974.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2001~100%5D,as:%5B2001~400.225%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:O,tt:fwjsvid,dtt:106,fm:sw0jHIS+1*.682720-53794595%7C11%7C12%7C13%7C141%7C151%7C16%7C171%7C18%7C191%7C1a%7C1b1%7C1c%7C1d%7C1e%7C1f%7C1g,idMap:1*,rmeas:1,rend:1,renddet:env%7D&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.10.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-10-182.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:05 GMT
x-server-name: dt42.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIzabCpqOk8AIV8yLTCh3n9gGDEAAYACDJgehGOhkIrYTRjgEQ9bjU-r8DGJbo3Qkgn-ibpNwNQhMI3ZmupqOk8AIVzMC7CB0UZgRC;dc_rmcid=CAASEuRoA0nkMf-jAIVXSiyZd_K_vQ;eps=CIDhgBAQARgd;met=1;acvw=sv%3D894%26cb%3Dj%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D974,1199,1199,1599%26tos%3D2092,0,0,0,0%26mtos%3D2092,2092,2092,2092,2092%26amtos%3D0,0,0,0,0%26mcvt%3D2092%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2092%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1690%26pst%3D202%26vpaid%26dur%3D6016%26vmtime%3D1467%26dtos%3D2092%26dtoss%3D1%26dvs%3D601%26dfvs%3D601%26dvpt%3D601%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D16777217%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1624%26femvt%3D0%26emc%3D14%26emuc%3D0%26emb%3D14,0,0,0,0%26avms%3Dexc%26qi%3D355547047%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26ptlt%3D1619727545773%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2092;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1619727543004;ecn1=1;etm1=0;eid1=200000;

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6157 42 B
64 B 48ms
47ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst85QRYH8LOPLvt07oFj5yfq3pPJeheWj_dJI6scDh6I7RXFudcWCjA5qRZii0haiLJox5gVKBeCmpcmp7O_7UYj32PotUok3oG13laPdnh_ka0B_xnj7XZtcf8UA&sai=AMfl-YQ8K8A-edOBFlskmjwXPV-7cf-pUeODokuphcGRLyotRaOT4f9JuWPDpNi7Xb5OAwwO5pd4xlj3LhhGL2jr9G4A6YS7YXJZk8j1HNf6Y3MBMoQIvIGPPCRchp9y&sig=Cg0ArKJSzHgnzTO3gA0mEAE&cid=CAASEuRoA0nkMf-jAIVXSiyZd_K_vQ&id=lidarv&acvw=sv%3D894%26cb%3Dj%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D974,1199,1199,1599%26tos%3D2092,0,0,0,0%26mtos%3D2092,2092,2092,2092,2092%26amtos%3D0,0,0,0,0%26mcvt%3D2092%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2092%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1690%26pst%3D202%26vpaid%26dur%3D6016%26vmtime%3D1467%26dtos%3D2092%26dtoss%3D1%26dvs%3D601%26dfvs%3D601%26dvpt%3D601%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D16777217%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1624%26femvt%3D0%26emc%3D14%26emuc%3D0%26emb%3D14,0,0,0,0%26avms%3Dexc%26qi%3D355547047%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26ptlt%3D1619727545773%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2092&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1619727543004

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 106ms
106ms Image
image/gif 34.206.10.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=682720&asId=b55a797e-b8aa-0cc2-e24f-c89cabbb684b&tv=%7Bc:bda2z9,pingTime:-4,time:3385,type:m,clog:%5B%7Bpiv:100,vs:o,r:v,w:400,h:225,t:42%7D,%7Bvs:i,r:,t:486%7D%5D,ve:%7BvEventCount:10,vEvents:%5B%7Bt:-50,tp:adLoaded,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:-36,tp:adStarted,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:134,tp:adDurationChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:390,tp:adImpression,sl:o,ad_duration:6.016,width:400,height:225,volume:0,integral_timeToDecision:110,integral_didBlock:false,viewMode:normal,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso%7D,%7Bt:390,tp:adVideoStart,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:391,tp:adRemainingTimeChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:1635,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:1885,tp:adVideoFirstQuartile,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:2885,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:3385,tp:adVideoMidpoint,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D%5D%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:2899,o:486,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:42,wc:0.0.1600.1200,ac:1199.974.400.225,am:v,cc:1199.974.400.225,piv:100,obst:0,th:0,reas:v,bkn:%7Bpiv:%5B477~100%5D,as:%5B477~400.225%5D%7D%7D,%7Bsl:i,t:486,wc:0.0.1600.1200,ac:1199.974.400.225,am:v,cc:1199.974.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2899~100%5D,as:%5B2899~400.225%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:O,tt:fwjsvid,dtt:110,fm:sw0jHIS+1*.682720-53794595%7C11%7C12%7C13%7C141%7C151%7C16%7C171%7C18%7C191%7C1a%7C1b1%7C1c%7C1d%7C1e%7C1f%7C1g,idMap:1*,rmeas:1,rend:1,renddet:env%7D&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.10.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-10-182.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:06 GMT
x-server-name: dt36.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIzabCpqOk8AIV8yLTCh3n9gGDEAAYACDJgehGOhkIrYTRjgEQ9bjU-r8DGJbo3Qkgn-ibpNwNQhMI3ZmupqOk8AIVzMC7CB0UZgRC;dc_rmcid=CAASEuRoA0nkMf-jAIVXSiyZd_K_vQ;eps=CIDhgBAQARgd;met=1;acvw=sv%3D894%26cb%3Dj%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D974,1199,1199,1599%26tos%3D2989,0,0,0,0%26mtos%3D2989,2989,2989,2989,2989%26amtos%3D0,0,0,0,0%26mcvt%3D2989%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2989%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2387%26pst%3D202%26vpaid%26dur%3D6016%26vmtime%3D2717%26dtos%3D897%26dtoss%3D2%26dvs%3D897%26dfvs%3D897%26dvpt%3D897%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16778003%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D1498,1498,1498,1498,1498%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D1624%26femvt%3D0%26emc%3D19%26emuc%3D0%26emb%3D19,0,0,0,0%26avms%3Dexc%26qi%3D355547047%26psm%3D-2147483641%26psv%3D-2147483641%26psfv%3D-2147483641%26psa%3D0%26ptlt%3D1619727546669%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2989;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1619727543004;ecn1=1;etm1=0;eid1=18;

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 6157 42 B
64 B 19ms
18ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C8Sw_thSLYN3mFcyB7_UPlMyRkATYnKqMYp_om6TcDau7ivyXIhABINKW5jhglfrwgYwHoAH8_8vxAsgBBagDAcgDE5gEAKoE7AFP0G3sgsJl0UlF_NcHt-GB4L-ibzpDSP2eBf8kfN-C3gW7bzPGHiQIs_puE5YJMp2dKJ-wL2OvDsI_Qs8RtWRctmucxwlCEEor_hRfueWHiv973DwAHKwwu1jne-qsiOD3jbHV1Lwvj7ju90A6R0cmmohLSlQjgL2ab4nzD5OACVF5kD6stfobjKOukYE5NkptQLYlPCkyOOTygzF8bD_vsKN1Ia7jWe-V5H5NbQ-hNg3rhgGwOTPE-vo5fk8q263VDFCeec758bBJWXxgjLMW3VH3xJARwiiGWpRdXI48lrFN-0DRmal0ks34ccAE9bjU-r8D4AQDkAYBoAZOgAfs_7OOAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTM1NjYzMjg2MjM1NDQ4NoAKA5gLAcgLAYAMAbATwOGUC8gTlujdCdATANgTCogUAdgUAQ&sigh=EkVll8nQbRY&label=videoplaytime50&ad_mt=3197&acvw=sv%3D894%26cb%3Dj%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D974,1199,1199,1599%26tos%3D2989,0,0,0,0%26mtos%3D2989,2989,2989,2989,2989%26amtos%3D0,0,0,0,0%26mcvt%3D2989%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2989%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2387%26pst%3D202%26vpaid%26dur%3D6016%26vmtime%3D2717%26dtos%3D897%26dtoss%3D2%26dvs%3D897%26dfvs%3D897%26dvpt%3D897%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16778003%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D1498,1498,1498,1498,1498%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D1624%26femvt%3D0%26emc%3D19%26emuc%3D0%26emb%3D19,0,0,0,0%26avms%3Dexc%26qi%3D355547047%26psm%3D-2147483641%26psv%3D-2147483641%26psfv%3D-2147483641%26psa%3D0%26ptlt%3D1619727546669%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2989&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1619727543004&sdkv=h.3.453.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1MTEyMTI3NTA2MjdAuwIKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk0OTI2MDkwMjkyCTE0ODUwNDc3N0BOCmQIARIbdW5pZmllZC5hZHNhZmVwcm90ZWN0ZWQuY29tGgNEQ00gBCoJNDkyNjA5MDI5MgkxNDg1MDQ3NzdA6wFSIxAEJRKDwEAoAToLMTQ4NTA0Nzc3LTFCBEdEQ01IjQJQAGABGAE.

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK aq Show response
capi.connatix.com/tr/ Frame BA28 0
295 B 118ms
118ms XHR
multipart/form-data 3.20.220.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/aq?v=115548
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.220.113 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-220-113.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Thu, 29 Apr 2021 20:19:06 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://threatpost.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK st Show response
capi.connatix.com/tr/ Frame BA28 0
295 B 116ms
116ms XHR
multipart/form-data 3.20.220.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/st?v=115548
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.220.113 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-220-113.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Thu, 29 Apr 2021 20:19:07 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://threatpost.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 105ms
105ms Image
image/gif 34.206.10.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=682720&asId=b55a797e-b8aa-0cc2-e24f-c89cabbb684b&tv=%7Bc:bda2Xl,pingTime:-4,time:4885,type:m,clog:%5B%7Bpiv:100,vs:o,r:v,w:400,h:225,t:42%7D,%7Bvs:i,r:,t:486%7D%5D,ve:%7BvEventCount:12,vEvents:%5B%7Bt:-50,tp:adLoaded,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:-36,tp:adStarted,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:134,tp:adDurationChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:390,tp:adImpression,sl:o,ad_duration:6.016,width:400,height:225,volume:0,integral_timeToDecision:110,integral_didBlock:false,viewMode:normal,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso%7D,%7Bt:390,tp:adVideoStart,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:391,tp:adRemainingTimeChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:1635,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:1885,tp:adVideoFirstQuartile,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:2885,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:3385,tp:adVideoMidpoint,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:3885,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:4885,tp:adVideoThirdQuartile,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D%5D%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:4399,o:486,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:42,wc:0.0.1600.1200,ac:1199.974.400.225,am:v,cc:1199.974.400.225,piv:100,obst:0,th:0,reas:v,bkn:%7Bpiv:%5B477~100%5D,as:%5B477~400.225%5D%7D%7D,%7Bsl:i,t:486,wc:0.0.1600.1200,ac:1199.974.400.225,am:v,cc:1199.974.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B4399~100%5D,as:%5B4399~400.225%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:O,tt:fwjsvid,dtt:108,fm:sw0jHIS+1*.682720-53794595%7C11%7C12%7C13%7C141%7C151%7C16%7C171%7C18%7C191%7C1a%7C1b1%7C1c%7C1d%7C1e%7C1f%7C1g,idMap:1*,rmeas:1,rend:1,renddet:env%7D&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.10.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-10-182.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:08 GMT
x-server-name: dt29.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIzabCpqOk8AIV8yLTCh3n9gGDEAAYACDJgehGOhkIrYTRjgEQ9bjU-r8DGJbo3Qkgn-ibpNwNQhMI3ZmupqOk8AIVzMC7CB0UZgRC;dc_rmcid=CAASEuRoA0nkMf-jAIVXSiyZd_K_vQ;eps=CIDhgBAQARgd;met=1;acvw=sv%3D894%26cb%3Dj%26e%3D3%26nas%3D1%26sdk%3Dh%26p%3D974,1199,1199,1599%26tos%3D4491,0,0,0,0%26mtos%3D4491,4491,4491,4491,4491%26amtos%3D0,0,0,0,0%26mcvt%3D4491%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D4491%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D3689%26pst%3D202%26vpaid%26dur%3D6016%26vmtime%3D3717%26dtos%3D1502%26dtoss%3D3%26dvs%3D1502%26dfvs%3D1502%26dvpt%3D1502%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16778003%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D1502,1502,1502,1502,1502%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D1624%26femvt%3D0%26emc%3D26%26emuc%3D0%26emb%3D26,0,0,0,0%26avms%3Dexc%26qi%3D355547047%26psm%3D-2147483633%26psv%3D-2147483633%26psfv%3D-2147483633%26psa%3D0%26ptlt%3D1619727548171%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,4491;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1619727543004;ecn1=1;etm1=0;eid1=960585;

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 6157 42 B
64 B 17ms
17ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C8Sw_thSLYN3mFcyB7_UPlMyRkATYnKqMYp_om6TcDau7ivyXIhABINKW5jhglfrwgYwHoAH8_8vxAsgBBagDAcgDE5gEAKoE7AFP0G3sgsJl0UlF_NcHt-GB4L-ibzpDSP2eBf8kfN-C3gW7bzPGHiQIs_puE5YJMp2dKJ-wL2OvDsI_Qs8RtWRctmucxwlCEEor_hRfueWHiv973DwAHKwwu1jne-qsiOD3jbHV1Lwvj7ju90A6R0cmmohLSlQjgL2ab4nzD5OACVF5kD6stfobjKOukYE5NkptQLYlPCkyOOTygzF8bD_vsKN1Ia7jWe-V5H5NbQ-hNg3rhgGwOTPE-vo5fk8q263VDFCeec758bBJWXxgjLMW3VH3xJARwiiGWpRdXI48lrFN-0DRmal0ks34ccAE9bjU-r8D4AQDkAYBoAZOgAfs_7OOAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTM1NjYzMjg2MjM1NDQ4NoAKA5gLAcgLAYAMAbATwOGUC8gTlujdCdATANgTCogUAdgUAQ&sigh=EkVll8nQbRY&label=videoplaytime75&ad_mt=4697&acvw=sv%3D894%26cb%3Dj%26e%3D3%26nas%3D1%26sdk%3Dh%26p%3D974,1199,1199,1599%26tos%3D4491,0,0,0,0%26mtos%3D4491,4491,4491,4491,4491%26amtos%3D0,0,0,0,0%26mcvt%3D4491%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D4491%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D3689%26pst%3D202%26vpaid%26dur%3D6016%26vmtime%3D3717%26dtos%3D1502%26dtoss%3D3%26dvs%3D1502%26dfvs%3D1502%26dvpt%3D1502%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16778003%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D1502,1502,1502,1502,1502%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D1624%26femvt%3D0%26emc%3D26%26emuc%3D0%26emb%3D26,0,0,0,0%26avms%3Dexc%26qi%3D355547047%26psm%3D-2147483633%26psv%3D-2147483633%26psfv%3D-2147483633%26psa%3D0%26ptlt%3D1619727548171%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,4491&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1619727543004&sdkv=h.3.453.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1MTEyMTI3NTA2MjdAuwIKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk0OTI2MDkwMjkyCTE0ODUwNDc3N0BOCmQIARIbdW5pZmllZC5hZHNhZmVwcm90ZWN0ZWQuY29tGgNEQ00gBCoJNDkyNjA5MDI5MgkxNDg1MDQ3NzdA6wFSIxAEJRKDwEAoAToLMTQ4NTA0Nzc3LTFCBEdEQ01IjQJQAGABGAE.

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK aq Show response
capi.connatix.com/tr/ Frame BA28 0
295 B 116ms
116ms XHR
multipart/form-data 3.20.220.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/aq?v=115548
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.220.113 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-220-113.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Thu, 29 Apr 2021 20:19:08 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://threatpost.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 107ms
106ms Image
image/gif 34.206.10.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=682720&asId=b55a797e-b8aa-0cc2-e24f-c89cabbb684b&tv=%7Bc:bda372,pingTime:5,time:5486,type:p,clog:%5B%7Bpiv:100,vs:o,r:v,w:400,h:225,t:42%7D,%7Bvs:i,r:,t:486%7D%5D,ve:%7BvEventCount:13,vEvents:%5B%7Bt:-50,tp:adLoaded,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:-36,tp:adStarted,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:134,tp:adDurationChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:390,tp:adImpression,sl:o,ad_duration:6.016,width:400,height:225,volume:0,integral_timeToDecision:110,integral_didBlock:false,viewMode:normal,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso%7D,%7Bt:390,tp:adVideoStart,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:391,tp:adRemainingTimeChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:1635,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:1885,tp:adVideoFirstQuartile,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:2885,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:3385,tp:adVideoMidpoint,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:3885,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:4885,tp:adVideoThirdQuartile,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:4885,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D%5D%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:5000,o:486,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:42,wc:0.0.1600.1200,ac:1199.974.400.225,am:v,cc:1199.974.400.225,piv:100,obst:0,th:0,reas:v,bkn:%7Bpiv:%5B477~100%5D,as:%5B477~400.225%5D%7D%7D,%7Bsl:i,t:486,wc:0.0.1600.1200,ac:1199.974.400.225,am:v,cc:1199.974.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5000~100%5D,as:%5B5000~400.225%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:O,tt:fwjsvid,dtt:108,fm:sw0jHIS+1*.682720-53794595%7C11%7C12%7C13%7C141%7C151%7C16%7C171%7C18%7C191%7C1a%7C1b1%7C1c%7C1d%7C1e%7C1f%7C1g,idMap:1*,rmeas:1,rend:1,renddet:env%7D&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.10.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-10-182.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:08 GMT
x-server-name: dt66.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 106ms
106ms Image
image/gif 34.206.10.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=682720&asId=b55a797e-b8aa-0cc2-e24f-c89cabbb684b&tv=%7Bc:bda373,pingTime:5,time:5487,type:pf,clog:%5B%7Bpiv:100,vs:o,r:v,w:400,h:225,t:42%7D,%7Bvs:i,r:,t:486%7D%5D,ve:%7BvEventCount:13,vEvents:%5B%7Bt:-50,tp:adLoaded,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:-36,tp:adStarted,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:134,tp:adDurationChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:390,tp:adImpression,sl:o,ad_duration:6.016,width:400,height:225,volume:0,integral_timeToDecision:110,integral_didBlock:false,viewMode:normal,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso%7D,%7Bt:390,tp:adVideoStart,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:391,tp:adRemainingTimeChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:1635,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:1885,tp:adVideoFirstQuartile,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:2885,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:3385,tp:adVideoMidpoint,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:3885,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:4885,tp:adVideoThirdQuartile,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:4885,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D%5D%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:5001,o:486,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:42,wc:0.0.1600.1200,ac:1199.974.400.225,am:v,cc:1199.974.400.225,piv:100,obst:0,th:0,reas:v,bkn:%7Bpiv:%5B477~100%5D,as:%5B477~400.225%5D%7D%7D,%7Bsl:i,t:486,wc:0.0.1600.1200,ac:1199.974.400.225,am:v,cc:1199.974.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~400.225%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:O,tt:fwjsvid,dtt:108,fm:sw0jHIS+1*.682720-53794595%7C11%7C12%7C13%7C141%7C151%7C16%7C171%7C18%7C191%7C1a%7C1b1%7C1c%7C1d%7C1e%7C1f%7C1g,idMap:1*,rmeas:1,rend:1,renddet:env%7D&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.10.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-10-182.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:08 GMT
x-server-name: dt65.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET pixel.png
unified.adsafeprotected.com/ Frame B372 0
0

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 107ms
106ms Image
image/gif 34.206.10.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=682720&asId=b55a797e-b8aa-0cc2-e24f-c89cabbb684b&tv=%7Bc:bda3io,pingTime:-4,time:6190,type:m,clog:%5B%7Bpiv:100,vs:o,r:v,w:400,h:225,t:42%7D,%7Bvs:i,r:,t:486%7D%5D,ve:%7BvEventCount:15,vEvents:%5B%7Bt:-50,tp:adLoaded,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:-36,tp:adStarted,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:134,tp:adDurationChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:390,tp:adImpression,sl:o,ad_duration:6.016,width:400,height:225,volume:0,integral_timeToDecision:110,integral_didBlock:false,viewMode:normal,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso%7D,%7Bt:390,tp:adVideoStart,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:391,tp:adRemainingTimeChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:1635,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:1885,tp:adVideoFirstQuartile,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:2885,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:3385,tp:adVideoMidpoint,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:3885,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:4885,tp:adVideoThirdQuartile,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:4885,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:6135,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:6188,tp:adVideoComplete,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D%5D%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:5704,o:486,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:42,wc:0.0.1600.1200,ac:1199.974.400.225,am:v,cc:1199.974.400.225,piv:100,obst:0,th:0,reas:v,bkn:%7Bpiv:%5B477~100%5D,as:%5B477~400.225%5D%7D%7D,%7Bsl:i,t:486,wc:0.0.1600.1200,ac:1199.974.400.225,am:v,cc:1199.974.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5705~100%5D,as:%5B5705~400.225%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:O,tt:fwjsvid,dtt:110,fm:sw0jHIS+1*.682720-53794595%7C11%7C12%7C13%7C141%7C151%7C16%7C171%7C18%7C191%7C1a%7C1b1%7C1c%7C1d%7C1e%7C1f%7C1g,idMap:1*,rmeas:1,rend:1,renddet:env%7D&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.10.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-10-182.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:09 GMT
x-server-name: dt48.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 107ms
107ms Image
image/gif 34.206.10.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=682720&asId=b55a797e-b8aa-0cc2-e24f-c89cabbb684b&tv=%7Bc:bda3ip,pingTime:-1,time:6191,type:u,clog:%5B%7Bpiv:100,vs:o,r:v,w:400,h:225,t:42%7D,%7Bvs:i,r:,t:486%7D%5D,ve:%7BvEventCount:15,vEvents:%5B%7Bt:-50,tp:adLoaded,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:-36,tp:adStarted,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:134,tp:adDurationChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:390,tp:adImpression,sl:o,ad_duration:6.016,width:400,height:225,volume:0,integral_timeToDecision:110,integral_didBlock:false,viewMode:normal,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso%7D,%7Bt:390,tp:adVideoStart,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:391,tp:adRemainingTimeChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:1635,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:1885,tp:adVideoFirstQuartile,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:2885,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:3385,tp:adVideoMidpoint,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:3885,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:4885,tp:adVideoThirdQuartile,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:4885,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:6135,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:6188,tp:adVideoComplete,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D%5D%7D,ndt:9,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:5705,o:486,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:42,wc:0.0.1600.1200,ac:1199.974.400.225,am:v,cc:1199.974.400.225,piv:100,obst:0,th:0,reas:v,bkn:%7Bpiv:%5B477~100%5D,as:%5B477~400.225%5D%7D%7D,%7Bsl:i,t:486,wc:0.0.1600.1200,ac:1199.974.400.225,am:v,cc:1199.974.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5705~100%5D,as:%5B5705~400.225%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:O,tt:fwjsvid,dtt:110,fm:sw0jHIS+1*.682720-53794595%7C11%7C12%7C13%7C141%7C151%7C16%7C171%7C18%7C191%7C1a%7C1b1%7C1c%7C1d%7C1e%7C1f%7C1g,idMap:1*,rmeas:1,rend:1,renddet:env,lt:2%7D&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.10.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-10-182.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:09 GMT
x-server-name: dt41.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIzabCpqOk8AIV8yLTCh3n9gGDEAAYACDJgehGOhkIrYTRjgEQ9bjU-r8DGJbo3Qkgn-ibpNwNQhMI3ZmupqOk8AIVzMC7CB0UZgRC;dc_rmcid=CAASEuRoA0nkMf-jAIVXSiyZd_K_vQ;eps=CIDhgBAQARgd;met=1;acvw=sv%3D894%26cb%3Dj%26e%3D4%26nas%3D1%26sdk%3Dh%26p%3D974,1199,1199,1599%26p0%3D974,1199,1199,1599%26p1%3D974,1199,1199,1599%26p2%3D974,1199,1199,1599%26p3%3D974,1199,1199,1599%26tos%3D5795,0,0,0,0%26mtos%3D5795,5795,5795,5795,5795%26amtos%3D0,0,0,0,0%26mtos1%3D1491,0,0%26mtos2%3D1498,0,0%26mtos3%3D1502,0,0%26mcvt%3D5795%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26a3%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D5795%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D4691%26pst%3D202%26vpaid%26dur%3D6016%26vmtime%3D5967%26dtos%3D1304%26dtoss%3D4%26dvs%3D1304%26dfvs%3D1304%26dvpt%3D1304%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16778003%26c%3D1%26c0%3D1%26c1%3D1%26c2%3D1%26c3%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D1304,1304,1304,1304,1304%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D1624%26femvt%3D0%26emc%3D33%26emuc%3D0%26emb%3D33,0,0,0,0%26avms%3Dexc%26qi%3D355547047%26psm%3D-2147483585%26psv%3D-2147483585%26psfv%3D-2147483585%26psa%3D0%26ptlt%3D1619727549476%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,5795%26ss0%3D0.04%26ss1%3D0.04%26ss2%3D0.04%26ss3%3D0.04;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1619727543004;ecn1=1;etm1=0;eid1=13;

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 6157 42 B
64 B 17ms
17ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C8Sw_thSLYN3mFcyB7_UPlMyRkATYnKqMYp_om6TcDau7ivyXIhABINKW5jhglfrwgYwHoAH8_8vxAsgBBagDAcgDE5gEAKoE7AFP0G3sgsJl0UlF_NcHt-GB4L-ibzpDSP2eBf8kfN-C3gW7bzPGHiQIs_puE5YJMp2dKJ-wL2OvDsI_Qs8RtWRctmucxwlCEEor_hRfueWHiv973DwAHKwwu1jne-qsiOD3jbHV1Lwvj7ju90A6R0cmmohLSlQjgL2ab4nzD5OACVF5kD6stfobjKOukYE5NkptQLYlPCkyOOTygzF8bD_vsKN1Ia7jWe-V5H5NbQ-hNg3rhgGwOTPE-vo5fk8q263VDFCeec758bBJWXxgjLMW3VH3xJARwiiGWpRdXI48lrFN-0DRmal0ks34ccAE9bjU-r8D4AQDkAYBoAZOgAfs_7OOAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTM1NjYzMjg2MjM1NDQ4NoAKA5gLAcgLAYAMAbATwOGUC8gTlujdCdATANgTCogUAdgUAQ&sigh=EkVll8nQbRY&label=videoplaytime100&ad_mt=6016&acvw=sv%3D894%26cb%3Dj%26e%3D4%26nas%3D1%26sdk%3Dh%26p%3D974,1199,1199,1599%26p0%3D974,1199,1199,1599%26p1%3D974,1199,1199,1599%26p2%3D974,1199,1199,1599%26p3%3D974,1199,1199,1599%26tos%3D5795,0,0,0,0%26mtos%3D5795,5795,5795,5795,5795%26amtos%3D0,0,0,0,0%26mtos1%3D1491,0,0%26mtos2%3D1498,0,0%26mtos3%3D1502,0,0%26mcvt%3D5795%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26a3%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D5795%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D4691%26pst%3D202%26vpaid%26dur%3D6016%26vmtime%3D5967%26dtos%3D1304%26dtoss%3D4%26dvs%3D1304%26dfvs%3D1304%26dvpt%3D1304%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16778003%26c%3D1%26c0%3D1%26c1%3D1%26c2%3D1%26c3%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D1304,1304,1304,1304,1304%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D1624%26femvt%3D0%26emc%3D33%26emuc%3D0%26emb%3D33,0,0,0,0%26avms%3Dexc%26qi%3D355547047%26psm%3D-2147483585%26psv%3D-2147483585%26psfv%3D-2147483585%26psa%3D0%26ptlt%3D1619727549476%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,5795%26ss0%3D0.04%26ss1%3D0.04%26ss2%3D0.04%26ss3%3D0.04&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1619727543004&sdkv=h.3.453.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1MTEyMTI3NTA2MjdAuwIKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk0OTI2MDkwMjkyCTE0ODUwNDc3N0BOCmQIARIbdW5pZmllZC5hZHNhZmVwcm90ZWN0ZWQuY29tGgNEQ00gBCoJNDkyNjA5MDI5MgkxNDg1MDQ3NzdA6wFSIxAEJRKDwEAoAToLMTQ4NTA0Nzc3LTFCBEdEQ01IjQJQAGABGAE.

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK aq Show response
capi.connatix.com/tr/ Frame BA28 0
295 B 116ms
116ms XHR
multipart/form-data 3.20.220.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/aq?v=115548
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.220.113 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-220-113.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Thu, 29 Apr 2021 20:19:09 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://threatpost.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 1_th.jpg
img.connatix.com/60764267-557e-410f-85cb-f102d92ee134/47b7c5df-6fb8-4641-b573-9c92a7c88c0d/ 8 KB
8 KB 7ms
7ms Image
image/jpeg 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/60764267-557e-410f-85cb-f102d92ee134/47b7c5df-6fb8-4641-b573-9c92a7c88c0d/1_th.jpg?crop=400:225,smart&width=400&height=225&format=jpeg&quality=60&fit=crop
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ae63b86b57288bbfe0165058fb76ff8836aac5a749713428a95225a28265122b

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:19:09 GMT
age: 53688
etag: "m03uoFKbyxNeiBJVHm5eHzI6CToGrLfDVxXRgtG6MTA"
access-control-max-age: 86400
fastly-io-info: ifsz=90487 idim=2560x1440 ifmt=jpeg ofsz=8597 odim=400x225 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=31557600
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 8597

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame BA28 107 B
122 B 24ms
23ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Apr 2021 20:19:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 8EB5 156 B
142 B 253ms
253ms XHR
text/xml 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107430338%2FCNXORTEST%2F6148&description_url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-v8-bug-remote-code-execution%2F165662%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=948580587650015&cust_params=domains%3Dthreatpost.com&sdkv=h.3.453.0&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=2940233645&sdk_apis=2%2C8&sid=49C88850-FA6E-4E80-8451-1E531A3BBD78&eid=44730464%2C44739826&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-v8-bug-remote-code-execution%2F165662%2F&dlt=1619727539073&idt=2288&dt=1619727549996&cookie_enabled=1&scor=3164788747194686&ged=ve4_td11_tt9_pd11_la11000_er974.1199.1127.1499_vi0.0.1200.1600_vp100_ts9_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:19:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK abt Show response
capi.connatix.com/tr/ Frame BA28 0
295 B 119ms
119ms XHR
multipart/form-data 3.20.220.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/abt?v=115548
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.220.113 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-220-113.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Thu, 29 Apr 2021 20:19:10 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://threatpost.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK ao Show response
capi.connatix.com/tr/ Frame BA28 0
295 B 116ms
116ms XHR
multipart/form-data 3.20.220.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ao?v=115548
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.220.113 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-220-113.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Thu, 29 Apr 2021 20:19:10 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://threatpost.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame BA28 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Apr 2021 20:19:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 9A19 156 B
287 B 168ms
168ms XHR
text/xml 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107430338%2FCNXORTEST%2F2570&description_url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-v8-bug-remote-code-execution%2F165662%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=839098526981042&cust_params=domains%3Dthreatpost.com&sdkv=h.3.453.0&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=3918427860&sdk_apis=2%2C8&sid=EEBE2A51-CE8F-4159-809A-D4972519902E&eid=44731465%2C44739826&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-v8-bug-remote-code-execution%2F165662%2F&dlt=1619727539073&idt=2264&dt=1619727550762&cookie_enabled=1&scor=800698717349387&ged=ve4_td12_tt10_pd12_la12000_er974.1199.1127.1499_vi0.0.1200.1600_vp100_ts8_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:19:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
370 B 97ms
97ms XHR
text/javascript 13.224.105.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-v8-bug-remote-code-execution%2F165662%2F&pid=A6w9WWTkPeCtz&cb=1&ws=1600x1200&v=7.64.00&t=2000&slots=%5B%7B%22id%22%3A%22Amazon_400x225%22%2C%22mt%22%3A%22v%22%7D%5D&cfgv=0&pubid=cb8cfc89-e83e-44aa-a3a2-ff78eda781ef&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.105.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-105-229.mad50.r.cloudfront.net
Software: Server /
Resource Hash: 89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:19:11 GMT
via: 1.1 bd86a70de12d26e8fcde971fee50512c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MAD50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://threatpost.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: HxEL9kug6QUqmrBy_RUHq0muLy9_50q1GU7mxHexYFAzODFRJjuxAQ==

POST
H/1.1 200
OK g Show response
capi.connatix.com/rtb/ Frame BA28 279 B
540 B 221ms
221ms XHR
multipart/form-data 3.20.220.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g?v=115548
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.220.113 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-220-113.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e687e03f4e42f5196a8f812676c2b264833833560d96e18a743099a29832dd13

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Thu, 29 Apr 2021 20:19:11 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://threatpost.com
transfer-encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true

POST
H/1.1 200
OK g Show response
capi.connatix.com/rtb/ Frame BA28 100 B
393 B 144ms
144ms XHR
multipart/form-data 3.20.220.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g?v=115548
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.220.113 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-220-113.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 104c7c46433b619342889e252384598a1e747d2d70c96c9ee31d1620573619cc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Thu, 29 Apr 2021 20:19:11 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://threatpost.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 117

POST
H/1.1 200
OK g Show response
capi.connatix.com/rtb/ Frame BA28 2 B
303 B 124ms
124ms XHR
multipart/form-data 3.20.220.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g?v=115548
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.220.113 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-220-113.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: ffdbea2a5a9959ea5f9809139a0178c725fa9474a88f1cfe10f702bdb35c3cc0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Thu, 29 Apr 2021 20:19:11 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://threatpost.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 28

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame BA28 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Apr 2021 20:19:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 6157 25 KB
7 KB 236ms
235ms XHR
text/xml 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107430338%2FCNXORTEST%2F6650&description_url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-v8-bug-remote-code-execution%2F165662%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2946326282778639&cust_params=domains%3Dthreatpost.com&sdkv=h.3.453.0&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=1609378964&sdk_apis=2%2C8&sid=213A7CCB-E003-4420-9C95-9B183EC52F8F&eid=44732023%2C44739826&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-v8-bug-remote-code-execution%2F165662%2F&dlt=1619727539073&idt=2315&dt=1619727551517&cookie_enabled=1&scor=1999602340336404&ged=ve4_td13_tt11_pd13_la13000_er974.1199.1199.1599_vi0.0.1200.1600_vp100_ts9_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

d85598d9bc33f7f030e8b50255a61a2a1c484c1865375a4003e4035a2af13a59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:19:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6651
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 6157 20 KB
11 KB 39ms
39ms XHR
text/xml 74.125.140.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BZ3EwoySudWTh6hN3VdN4aVrmt3siweQNSpiFHy0pXvTaNENMMmJ0mqqkwnrgCBsZvyBzk9oTn7FFXScwDv1nx98YmEg&dbm_d=AKAmf-CAv7JRSasOdFQB0uKIDfK7jjMRYBTmYZ1I3ezUOe-RRNVspKyHAI45VTyAMjTZFEWcEUWt_37c1xKYP7Ut77amqykz1rTWOOoaUJToSNQKxuIPnXesynGBI0tQXieSZoWr7eRxFGTwxqkjgwVk3O-xjCmy2DGYe5qIMsgJXc6DW1rjkseIrFCkRWz_B73QJfffJ91S9Rwi2P54VEEAoPAt9mhr5q-KHzlFX2tdmN4TfgeZ1hUZCVyH446oaJvNJeJqFbYxPcCTM6QiFmDom3972VFTb3T22WytSUtgWAovGHrzS7xgVVuKL--hxJyNQbrBfHl7sOq3ERCI-f0uZHjjnYoRndvhM2lcl0lN04Jztc-ZZF3rU5jo25XnvUry-4wRS-z3vicNqCj3GKo_rGGNNzaO7ejQ7dvQZK9XBlFdO_2OVAq2xg-VRryVL3T70uZ_XrswMObnTc5KGaKwZPN4PknAx4UGrwmgTTalRBkNy8Dr-ldnHEOe35euMugooMjpPX-127ZTBAkvRVtcG0QkUja8jLu1Cu9oRf7xAUyWZ6FH9VNML4jii3apxXCI1Ltd0ujlbuz7j_nF2QBeD7sfDj7SS_TlQNm0p9FmBlPUfQ_Yy_xvLBV5m-XkeqersptLz1BbUe-Mx6oUAMkNORhqp09O7E73IKLfUdV586hC8CYI5mfDkDhED9g3HOHfInUQbtrD67-kQjgTPfWz1sA5Lry7xy5UFB8NzIjurbAwxlgWSiho8EAqX1ZE9mzPA38KvHEz699p8Lm-n8jgKP1ti-mIo_dpsOc_r0UvS10z4WZGdj0UUUoF64_xs8Mihz71pYmCblGwrdcicdKUdJJPxJbzsMH15E-vtWknyP7ovhf6NOf9UgfoDzS7NJcljwfWiJPNg1F5w3wkQFrqbpOyx8wYNoWTtC7WR0qiwrnSzD1SWhCQ6wYmxSmP7g4iccnOG9JEyAMWRDQTNnOBBQlZ15RW50dibnTZ-QUS_qGQHUGxL3KlbQvepO46ttFUmMppCpG01DQsiugZCVeBg-5JKUHkIUVb2gUfPw3pQDSCmH76dBvDwBSwd56O-V2qY1ccXYLjM5gtOwGJOLRWF-grcFG-7F9uYSv4yiLjiFMdiwXKWbzIgmYL48hBTj2RMCh8lfTa32VKl3oi5XlsshebtbAmkYgW2YsbkU16PJvfzBW5lzjrnaSnTrawvJmYXTv5UG7EhIpNl4TAbfkE83SnVSVE9Jh8xV09nNqi4n9HbhkKBiJeHqe2CXXmKRr1S56pvGzjOnXDKdzO7dNCNKBz_VpkoNJLRzE3nXS-LdvGISkyTAwI9vZ5_soagFOLhJxKbWLMsT6OGw76_IXKAcdDBrUOxktDjgg8_5hOSkYa_fu1je3eKgMp-QWVeZrwBpZn1gYUarTQyDNDfbUadPGhM3ry3A5mHOvdNf4nBLJXcgQ2CiPbbaQnw6_yTcQTOiWthcQ_byTSECd0lmlVrUQmt3tuIiU2ejncJ3DMBhnkWeff5MCcix9kS-2bQzgkLe3VyGA533DSbhnkdYJZRlS2eWUYNteqdFDhACZbP-MT9aq-u3a1MvOBYMemh5QPilKJzw9kMyOfiVs7lIIU5T8ubgfjHuNZuB1vgeFGu0Lm-9O4loL_OJZcKbChzW9tCkctB3SsG3D3rSNa8eWpINwgf3Ym9eYX5VzDqif9X4ALXTdyTS21GbdkH_2YqrZWcYJFCXxEUiqoz_4d-zQa2USSyh0d5FL8EQj9etXcgnoiwv9aN92JK9RJdCjejCQWgz4YEicBthg-_2KODR_aDnp2-eJ-XdCS-0dS6pac72DUZcnoaCScyQIaXjbs0amhZePmDDUZKQll5rim4trT62LeTcLBL6hlvNp-iA76jElVJYJ5uHsI1LHlfo80I7uuuACtNfNS2ePtQmksmT18gQtwcMgFP2RyIQt9BnFzavsckeCZntF-S0cUaZO-flvfXf0bg6vWq8JzJo77MkdhF8P_uU_4cGancre5rTzS4Z3YHpMKc9CNmI517cZrbRytmcW2qeTKVeAjSvsFN54rlmgvvpYvwcZeSy9QnKpBvJ0avddNQMU2ImMt8SisrjNZMDqyTEc2bSSOikJ5CC5tdIKf_Mw8uGzgOkxNI7wgda6vftaFZIx8kuUI93AtvDzsjOZiD9WVr1ulQEva9IUZfIrsmIDESJNck1qKYE9UiFtzxT8myhjAnQ3GexQnxM7Qoi2J4xFqbpXB_npRah3jEAZqMdp053hvy9libVo2yREouPUaR8XED30JFZNik7tccx3FZwJqtAs0EEipZ9wlYQzwl8JxsWg0lLyWJg0bG3P_p7SQ0NZkNK8XLDD7cTfh_hr0X5DR-ELxQANT0vdhHM4OC9Dz9wdvsa5aV3bPnWU05EUBQQ9W-yEIl0-9cobtCvhdA-McCqSDrJ-L9Vx9lUTG7mMTMqR5jccLewl20FpYTMzZxehGyBFaKfPk8NmEV3ckqBvrfC1oz5qQqW2qykY_l2-7pwfBa_fMUC9JmB03AuDd2mhRRGsUQBQ4FE1HnIWStzaVU9FrQ_fRzrIcu8sVi6wqXMuNjH5OT5yNF5woZZwTdTC1PSnLrRT0vQrHiejQKYJtqPJXmp5DmYaBC_Qo5MBCcf_oR8TQT4RlH2jq951JwqN09CHkQjHGePB51FIjz443s_yqt8m3f2IuIkYMmm1PAASfdOw08r-vncb3A0toI4pLGefcXpdn1icfoSPk5bvvrZRcV1-OKAAMn5xYo7p9Tb5kcnCAIbkX530K2uLKWtlmzZWSne8MXaKI2x9kCNbs0hlgeh31-oaIKLzp2cIer9XebXf6vTiVh0sjoSKvgC6SKF3MquA9AAH5sZdsfRGeaEiRxrdN1HcVKUfjm66WnQZM5gA9s83-VDSEa6XvcpgWqgl0Qcv1QHn70TFy0ywUEkChYHbvgubcCpK2vxiEilMBd6IBcrQJzoGMSXD1TwWDslXVFLKJRY1g5KZ1PkhGLogMiRWuvT7nCIyaHkbQW1PFwtrQW7wBL335CJs9FT8&cid=CAASEuRoaeavpacG9P4vx_7wTJi2eA&sdkv=h.3.453.0&osd=2&frm=1&vis=1&sdr=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=1609378964&sdk_apis=2%2C8&sid=213A7CCB-E003-4420-9C95-9B183EC52F8F&eid=44732023%2C44739826&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-v8-bug-remote-code-execution%2F165662%2F&dlt=1619727539073&idt=2315&dt=1619727551810&ged=ve4_td13_tt11_pd13_la13000_er974.1199.1199.1599_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.140.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wq-in-f157.1e100.net

Software

cafe /

Resource Hash

1fef207295f13d829f51ca5c6ac07cbecafdf7fc09958bf871ecc1506c09051a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:19:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11389
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 53794585 Show response
unified.adsafeprotected.com/v2/682720/ Frame 6157 20 KB
4 KB 62ms
61ms XHR
text/xml 34.249.222.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://unified.adsafeprotected.com/v2/682720/53794585?mon=53794586&omidPartner=-1&apiframeworks=2,8&bundleId=[BUNDLEID]&originalVast=https://ad.doubleclick.net/ddm/pfadx/N418801.3478950AMNET-DV360/B25571066.299778155%3Bsz%3D0x0%3Bord%3D%5Btimestamp%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext/xml%3Bdc_sdkv%3Dh.3.453.0%3Bdc_osd%3D2%3Bdc_frm%3D1%3Bdc_adk%3D1609378964%3Bdc_sdr%3D1%3Bdc_ref%3Dhttps://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/%3Bdc_vast%3D4%3Bdc_ves%3DdGltZXN0YW1wOiAxNjE5NzI3NTUxODM5Cg%3Bdc_cid%3D148474637%3Bdc_adid%3D492609044%3Bdc_vpaid%3D0%3B
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.222.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-222-42.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c751fd5ec8ed237a0ae94a8af71bc05e09c69161364a45865ae034abb75cd945

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 20:19:11 GMT
Content-Encoding: gzip
Vary: Origin
Content-Type: text/xml; charset=UTF-8
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 3900

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 6157 42 B
108 B 17ms
17ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 loader.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 6EDE 50 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/loader.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

733f87f07bd9fe3cb01564f66523fbbcc3bb54614363eda52236e5cd32ca3d5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:05:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Apr 2021 20:57:11 GMT
server: sffe
age: 835
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18070
x-xss-protection: 0
expires: Thu, 29 Apr 2021 20:20:16 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 6157 42 B
108 B 17ms
16ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 adview
pubads.g.doubleclick.net/pagead/ Frame 6157 0
0 53ms
53ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=CWbvcvxSLYMHQIYXf3wP5_5mIDqHIqoxiypmY4ucNq7uK_JciEAEg0pbmOGCV-vCBjAegAfz_y_ECyAEFqAMByAMTmAQAqgTpAU_Qrgl-eZuvck2mGQObFYzBCDMfH6zDJSiLcEbaadUbHwQuR9AyE6_KJbS-sfBlXxPefrWvGqEww7nNGczs8cGwfTAw5P6rDOld0pbct1YfldQJpvOb-IYa5rTpFcuFFWOrKhyZWzcFTIBUhXuiGjCvT_Ssc0cXgrQ03jt7tCjl7iYGGzNujMmI97gkCtBoVurpOPrvS75iKruCPtfyBKIEbZoAAZ2ypkw0a23hBPYWQantSfQoC1pvVn0qAD_vj2_ODWmgXt4WVMeGv_YJKIP587x9ZJfbGDMFmmJBYWGlosZnA9a2ms1lwAShq8KZygPgBAOIBZ-hgpMvkgUGCAMQAhgBkgUGCBsQAhgBkgULCCIQAhgBSKWegAGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB-z_s44BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RvYBwDyBwsQiMejARjN-9iiAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTM1NjYzMjg2MjM1NDQ4NoAKA8gLAbATpMaaC8gT-eXdCdATANgTCogUAtgUAbIXGgoYCAASFHB1Yi0xOTI5NjE1Njk0MzczMTAz&sigh=QnWkQnvehBg&cmd=Ch1jYS12aWRlby1wdWItMTkyOTYxNTY5NDM3MzEwMxAAGAI&cid=CAQSOwCNIrLM49AsljnetstNetnSK9NGpV6h03eIXB9sz22-Z-aPCQ1sFbColC5fRFZkroB-zsM4qPu-XbeE&vt=10&sdkv=h.3.453.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1MTEyMzE5MjA4NzFAoAIKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk0OTI2MDkwNDQyCTE0ODQ3NDYzN0ArCl4IARIbdW5pZmllZC5hZHNhZmVwcm90ZWN0ZWQuY29tGgNEQ00gBCoJNDkyNjA5MDQ0MgkxNDg0NzQ2MzdAQFIeJQAAoEAoAToLMTQ4NDc0NjM3LTFCBEdEQ01QAGABGAE.
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 vpaid.2021.02.11-11.02-19676e0.js Show response
static.adsafeprotected.com/ias/v1/ Frame 6EDE 176 KB
42 KB 14ms
14ms Script
application/javascript 2600:9000:20e8:e000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/ias/v1/vpaid.2021.02.11-11.02-19676e0.js
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:e000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 40ca98c145bf27de21e87e43748da8e926d8986e851f3e6747cafc4da373bca2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: ZsEmUm3s8P8exdmAU5RZZ00nN1LdAgYK
content-encoding: gzip
etag: W/"14bdef8489e0d98a23c89039d178011f"
age: 7715
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 11 Feb 2021 16:29:40 GMT
server: AmazonS3
date: Thu, 29 Apr 2021 18:10:37 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 2d69f677a4a0e3e7eefdf9d24bd43661.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: TXL52-C1
x-amz-cf-id: RR-e57_ZuPAR7diHRrFOF_zVkFc-XR3edPuZkA-xDlw6Y46eRQardw==

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/db2/video/682720/53794585/ 40 B
382 B 36ms
36ms XHR
application/javascript 52.30.14.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/db2/video/682720/53794585/skeleton.js?videoId=055fc842c274354c5ee31d99adc86139&adsafe_url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-v8-bug-remote-code-execution%2F165662%2F&adsafe_type=abdq&adsafe_jsinfo=br:u
Requested by: Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/ias/v1/vpaid.2021.02.11-11.02-19676e0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.14.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-14-27.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2d853d5c205e6bc73c9928255af1ea931f948c6f46f607eeef92935f37f72f5a

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:12 GMT
content-encoding: gzip
x-server-name: app37.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://threatpost.com
access-control-expose-headers: X-Server-Name
cache-control: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/fwjsvid/st/682720/53794585/ 222 KB
73 KB 38ms
37ms Script
application/javascript 52.30.14.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/fwjsvid/st/682720/53794585/skeleton.js?videoId=055fc842c274354c5ee31d99adc86139&apiframeworks=2,8&bundleId=[BUNDLEID]&mon=53794586&omidPartner=-1&xmapp=0&xmtp=v&xsId=b9e30b0a-ec34-4d78-bc5e-b1d07f27b7ad&adsafe_par=&logTestResults=false
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.14.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-14-27.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 86701d9351f9293492d58c6651de52e472f355a871cb2825051ce23c03b2cc92

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:12 GMT
content-encoding: gzip
x-server-name: app08.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H/1.1

206
Partial Content

file.mp4
r4---sn-4g5e6nl6.c.2mdn.net/videoplayback/id/0251c9288dfc3da7/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3761634728/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m...
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/0251c9288dfc3da7/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3761634728/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
https://r6---sn-4g5e6nl6.c.2mdn.net/videoplayback/id/0251c9288dfc3da7/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3761634728/sparams/acao,ctier,expire,id,ip,ipbits,i...
https://r4---sn-4g5e6nl6.c.2mdn.net/videoplayback/id/0251c9288dfc3da7/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3761634728/sparams/acao,ctier,expire,id,ip,ipbits,i...

432 KB
432 KB

130ms
7ms

Media
video/mp4

2a00:1450:4001:56::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5e6nl6.c.2mdn.net/videoplayback/id/0251c9288dfc3da7/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3761634728/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/54746E280D81373DAE0BD3CEEA4DA0E8EEFF5A05.3B926142EC47E0E7974A0775A8573DC0E1BAE859/key/cms1/cms_redirect/yes/mh/Fx/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5e6nl6/ms/onc/mt/1619727400/mv/m/mvi/6/pl/50/ir/1/rr/12/file/file.mp4

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:56::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

d270272c89d9e03c326e9845c2af07ff0a143b8f06a33d4b997983feb860c239

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 20:19:12 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 31 Mar 2021 10:32:05 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-442274/442275
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 442275
Expires: Thu, 29 Apr 2021 20:19:12 GMT

Redirect headers

Date: Thu, 29 Apr 2021 20:19:12 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/html
Location: https://r4---sn-4g5e6nl6.c.2mdn.net/videoplayback/id/0251c9288dfc3da7/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3761634728/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/54746E280D81373DAE0BD3CEEA4DA0E8EEFF5A05.3B926142EC47E0E7974A0775A8573DC0E1BAE859/key/cms1/cms_redirect/yes/mh/Fx/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5e6nl6/ms/onc/mt/1619727400/mv/m/mvi/6/pl/50/ir/1/rr/12/file/file.mp4
Cache-Control: private, max-age=900
Connection: close
Content-Length: 0
Expires: Thu, 29 Apr 2021 20:19:12 GMT

GET
H2 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 6157 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 22:52:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 595578
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Apr 2022 22:52:54 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 6157 42 B
64 B 20ms
20ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CThIavxSLYMHQIYXf3wP5_5mIDqHIqoxiypmY4ucNq7uK_JciEAEg0pbmOGCV-vCBjAegAfz_y_ECyAEFqAMByAMTmAQAqgTsAU_Qrgl-eZuvck2mGQObFYzBCDMfH6zDJSiLcEbaadUbHwQuR9AyE6_KJbS-sfBlXxPefrWvGqEww7nNGczs8cGwfTAw5P6rDOld0pbct1YfldQJpvOb-IYa5rTpFcuFFWOrKhyZWzcFTIBUhXuiGjCvT_Ssc0cXgrQ03jt7tCjl7iYGGzNujMmI97gkCtBoVurpOPrvS75iKruCPtfyBKIEbZoAAZ2ypkw0a23hBPYWQantSfQoC1pvVn0qAD_vj2_ODWmgXt4WVMeGv_YJcIJzVC__VwUAkJxmFM1U_N3wNHpu4Ty0eA-dUYxAwAShq8KZygPgBAOQBgGgBk6AB-z_s44BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0xMzU2NjMyODYyMzU0NDg2gAoDmAsByAsBgAwBsBOkxpoLyBP55d0J0BMA2BMKiBQC2BQB&sigh=j767ttUfLes&label=vast_creativeview&ad_mt=0&acvw=sv%3D894%26cb%3Dj%26e%3D19%26nas%3D2%26sdk%3Dh%26p%3D974,1199,1199,1599%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D1600,3970%26scs%3D1600,1200%26bs%3D1600,1200%26vht%3D0%26mut%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D0%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D-1%26vmtime%3D0%26is%3D0%26cs%3D0%26c%3D0%26mc%3D-1%26nc%3D-1%26mv%3D-1%26nv%3D-1%26lte%3D-2%26ces%26femt%3D10561%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D358237495%26psm%3D0%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1619727552036%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1619727551941&sdkv=h.3.453.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1MTEyMzE5MjA4NzFAoAIKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk0OTI2MDkwNDQyCTE0ODQ3NDYzN0ArCmIIARIbdW5pZmllZC5hZHNhZmVwcm90ZWN0ZWQuY29tGgNEQ00gBCoJNDkyNjA5MDQ0MgkxNDg0NzQ2MzdAQFIiEAQlAACgQCgBOgsxNDg0NzQ2MzctMUIER0RDTUhgUABgARgB

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/db2/video/682720/53794585/ 92 B
314 B 40ms
40ms Script
application/javascript 52.30.14.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/db2/video/682720/53794585/skeleton.js?ias_callback=__IntegralAS_fb8e9e7cb51a70f895a5998cc4570e98_4098&videoId=055fc842c274354c5ee31d99adc86139&apiframeworks=2,8&bundleId=[BUNDLEID]&mon=53794586&omidPartner=-1&xmapp=0&xmtp=v&xsId=b9e30b0a-ec34-4d78-bc5e-b1d07f27b7ad&adsafe_par=&logTestResults=false&adsafe_url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-v8-bug-remote-code-execution%2F165662%2F&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fthreatpost.com%2F&adsafe_type=f&adsafe_jsinfo=,id:fb8e9e7c-b51a-70f8-95a5-998cc4570e98,c:bda3Y9,sl:outOfView,em:false,fr:true,mn:app08ie,pt:2-5-15,wc:0.0.1600.1200,ac:1199.974.400.225,am:v,cc:1199.974.400.225,piv:100,obst:0,th:0,reas:v,br:u,abv:na,an:n,oam:0,vc:jv3,nbld:0,fm:sw0jK0a+1*.682720-53794585%7C11%7C12%7C13%7C141%7C151%7C16%7C171%7C18%7C191%7C1a1%7C1b1%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h,idMap:1*,pl:,rmeas:1,rend:1,renddet:env,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:fwjsvid,thd:1,et:20,oid:29350a7e-a928-11eb-bb77-025e58922a4e,v:19.8.193,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.14.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-14-27.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 20fdc02674ae3e7cda529913b40e30a5b54590e2e5964bce9ad9b49c6462d357

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:12 GMT
content-encoding: gzip
x-server-name: app37.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: application/javascript;charset=utf-8
server: nginx

GET
H2 200 sca.17.5.1.js Show response
static.adsafeprotected.com/ Frame 08EE 82 KB
22 KB 15ms
14ms Script
application/javascript 2600:9000:20e8:e000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.1.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/google-chrome-v8-bug-remote-code-execution/165662/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:e000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 20:48:37 GMT
content-encoding: gzip
age: 4750236
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 04 Mar 2021 17:39:07 GMT
server: AmazonS3
etag: W/"793767aa29c23c195c863f01f1e83e06"
vary: Accept-Encoding
x-amz-version-id: k6_KQKgDzgGo157ZbUyztz7Xtr8SFesr
via: 1.1 2d69f677a4a0e3e7eefdf9d24bd43661.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: TXL52-C1
content-type: application/javascript
x-amz-cf-id: -spqO0AShUiNCuWRsn8tdg3PLlBLV8eA0qerbXnXxzZz43emE4GfsQ==

GET
H3-29 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 1B51 23 KB
9 KB 7ms
6ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/H0ZEmIz7.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://imasdk.googleapis.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://imasdk.googleapis.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8727
date: Thu, 29 Apr 2021 10:49:57 GMT
expires: Fri, 29 Apr 2022 10:49:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 34155
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 V1lNzVGDXdksv1u627CI7W0-mHZYzGGGZdNtnF4LgGE.js Show response
pagead2.googlesyndication.com/bg/ Frame 1B51 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/V1lNzVGDXdksv1u627CI7W0-mHZYzGGGZdNtnF4LgGE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57594dcd51835dd92cbf5bbadbb088ed6d3e987658cc618665d36d9c5e0b8061

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 15:50:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 16096
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5617
x-xss-protection: 0
expires: Fri, 29 Apr 2022 15:50:56 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 105ms
105ms Image
image/gif 34.206.10.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=682720&asId=fb8e9e7c-b51a-70f8-95a5-998cc4570e98&tv=%7Bc:bda3ZJ,time:117,type:e,env:%7Bgca:false,cca:true%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:117,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:1199.974.400.225,am:v,cc:1199.974.400.225,piv:100,obst:0,th:0,reas:v,bkn:%7Bpiv:%5B112~100%5D,as:%5B112~400.225%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:O,tt:fwjsvid,dtt:0,fm:sw0jK0a+1*.682720-53794585%7C11%7C12%7C13%7C141%7C151%7C16%7C171%7C18%7C191%7C1a1%7C1b1%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h,idMap:1*,rmeas:1,rend:1,renddet:env%7D&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.10.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-10-182.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:12 GMT
x-server-name: dt23.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1B51 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.3.453.0&bgai=BcsTovxSLYOC-MvPFzAbn7YeYCAAAAAA4AeAEAg&bg=!fH-lfzvNAAZLnZBaS507ACkAdvg8WtSVi72D0ernN4QVCDxu-Pbj_h5mPnos-TapO1ko4Pl71UFeHQIAAABmUgAAAA5oAQcKAQF7Y6SGQ8aETFqGJPxIKhfd_gnVUeoUj8-L_VjXoUJbnybU_niBSXoRDjJ1on-mIKiVd4-FjX6iHgoBwWn26Cvg3-OntEXtMiLrePKoNJDpQtKci8Gn3mnmiJ4XxI71CLOSUkzaByoV4SDJZLYIMq9wcil-3Gf2iowsKjlVpOx9icpW2iQfsha4iPURfEJeQYyhhn5h-P4i9iyMZ44kQhdjGe9FwtqiRcxexADaJ5-zoQZQlb3VEEZF0QincocxXIts4topn97OJFIsMBtDmp3O86WHPnq5IMnOCTaJE4O7rJmfq-LykL-dlh0bb6_H0PkH4o_n1uUu3vrfE-DSJxOaq5kCReiyg7VmbeaT_E6VYzMnt55qj_uOWZZ18XL86QrYmudn3WmbWh0x9OHO4VDfwPFZFzvuY1ws8UMxo3M_G44mUvuk3oVTLW9YlIz7LSDOCFOELVWjCKbR02tou_apthdjqLDYa2iEGFD57tb7XYX6AiNh-kJ6x8sXuvy4cF3uNEBEB-eLo6N7vIMckey25iLE-0UJs_36zaE39R_ZmYI7F5TRFOl4gLBl6zfRpeB4XVDZ9Sk6SoBIKReJy9s4DfgRIdVWp1B6DIv-JlkrENT--bq3B-__BlwXLHcz4R-Bpdc2sKjdUCb2R5dZ1Gh0ebLlcmJAuv0DXmw4bLNgoOLfyHukjpUxx5jzlR4W5SD440yOlVlQWZ-cEkIGN9XhtgGi45e-eyw33hWbBXUU_Q31tFF7rBIqw06rpE0kQiBl6JxTa4qRKiz-wDJHE1Ek-SRJJedvUsigbucVpio_EtLMnJVfwNqf0R5ZdMlTjNjoq_eIK_XEVwqHlSFqda7A3qzhyqoY5oSinBqKgie4M_ZWcGWTvAdDVzuMPCfaqeoKwPXnm4RopbgzBcGc3BaQjbvzBxyYE1YwBnhtzwezwNrQn9W2Mie9YFORyZKEj0k7LbfTuLhm7MfaifCLLQvXOb8pkRTJBiMLmgZ9VvSHEjlvZQ1qz-H_EvFHYVAGFq0SzZO3rHs7s-FVe2kwrRfxKeJ6yFV1vDbcEw1nJJt-wJsiOw3T44XDVN87XuRnaVi2y4mT2rCDZZlR8DHT1htiPWSiZIWFhde5

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixel.png
unified.adsafeprotected.com/ Frame 6EDE 35 B
174 B 29ms
28ms Image
image/gif 34.249.222.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjozMDMsInNpdGVfdXVpZCI6ImFmZGRlZjVkLWMyMDQtNDBhOS1iNGZiLTk2NWExNDVkMDY5NiIsImJpZF9yZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vdGhyZWF0cG9zdC5jb20vZ29vZ2xlLWNocm9tZS12OC1idWctcmVtb3RlLWNvZGUtZXhlY3V0aW9uLzE2NTY2Mi8ifX0sImNiIjoxNjE5NzI3NTUyNTIxLCJpYXNfc2luZ2xldGFnIjp0cnVlLCJpYXNfc2luZ2xldGFnX291dGNvbWUiOjE5LCJoZWFkZXJzIjp7ImhlYWRlcjgiOiJpYXNvIn0sImN1c3RvbSI6eyJjdXN0b203IjoiNjgyNzIwIiwiY3VzdG9tOCI6IjUzNzk0NTg1IiwiY3VzdG9tMTEiOiIyMDIxLjAyLjExLTExLjAyLTE5Njc2ZTAiLCJ4c2lkIjoiYjllMzBiMGEtZWMzNC00ZDc4LWJjNWUtYjFkMDdmMjdiN2FkIn19
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.222.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-222-42.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 20:19:12 GMT
Connection: keep-alive
Content-Length: 35
Vary: Origin
Content-Type: image/gif

GET
H2

200

skeleton.js
static.adsafeprotected.com/
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/682720/53794585/skeleton.js?videoId=055fc842c274354c5ee31d99adc86139&apiframeworks=2,8&bundleId=[BUNDLEID]&mon=53794586&omidPartner=-1&xmapp=0&xmtp=v&xsId=b...
https://static.adsafeprotected.com/skeleton.js?videoId=055fc842c274354c5ee31d99adc86139&apiframeworks=2,8&bundleId=[BUNDLEID]&mon=53794586&omidPartner=-1&xmapp=0&xmtp=v&xsId=b9e30b0a-ec34-4d78-bc5e...

17 B
17 B

15ms
15ms

Image
application/javascript

2600:9000:20e8:e000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.js?videoId=055fc842c274354c5ee31d99adc86139&apiframeworks=2,8&bundleId=[BUNDLEID]&mon=53794586&omidPartner=-1&xmapp=0&xmtp=v&xsId=b9e30b0a-ec34-4d78-bc5e-b1d07f27b7ad
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:e000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 10:01:14 GMT
via: 1.1 2d69f677a4a0e3e7eefdf9d24bd43661.cloudfront.net (CloudFront)
age: 7726679
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control: max-age=315360000
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: -X0UKGkTtQiZuYBYb8wP89of5Ih5OqztS8Z53w0e1DMDqcuCzrGq5w==

Redirect headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:12 GMT
x-server-name: app33.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js?videoId=055fc842c274354c5ee31d99adc86139&apiframeworks=2,8&bundleId=[BUNDLEID]&mon=53794586&omidPartner=-1&xmapp=0&xmtp=v&xsId=b9e30b0a-ec34-4d78-bc5e-b1d07f27b7ad
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 dc_oe=ChMIoJrwqqOk8AIV8yLTCh3n9gGDEAAYACCNluZGOhkIrYTRjgEQoavCmcoDGPnl3QkgypmY4ucNQhMIgazfqqOk8AIVhe93Ch35fwbh;dc_rmcid=CAASEuRoaeavpacG9P4vx_7wTJi2eA;eps=CIDhgBAQARgd;met=1;acvw=sv%3D894%26cb%3Dj%...
ade.googlesyndication.com/ddm/activity/ Frame 6157 42 B
107 B 46ms
46ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIoJrwqqOk8AIV8yLTCh3n9gGDEAAYACCNluZGOhkIrYTRjgEQoavCmcoDGPnl3QkgypmY4ucNQhMIgazfqqOk8AIVhe93Ch35fwbh;dc_rmcid=CAASEuRoaeavpacG9P4vx_7wTJi2eA;eps=CIDhgBAQARgd;met=1;acvw=sv%3D894%26cb%3Dj%26e%3D0%26nas%3D2%26sdk%3Dh%26p%3D974,1199,1199,1599%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D5930%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D10561%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D3,0,0,0,0%26avms%3Dexc%26qi%3D358237495%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1619727552529%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.04%26t%3D1619727551941;dc_rfl=1,https%253A%252F%252Fthreatpost.com%252Fgoogle-chrome-v8-bug-remote-code-execution%252F165662%252F%240;ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 6157 42 B
64 B 17ms
16ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CThIavxSLYMHQIYXf3wP5_5mIDqHIqoxiypmY4ucNq7uK_JciEAEg0pbmOGCV-vCBjAegAfz_y_ECyAEFqAMByAMTmAQAqgTsAU_Qrgl-eZuvck2mGQObFYzBCDMfH6zDJSiLcEbaadUbHwQuR9AyE6_KJbS-sfBlXxPefrWvGqEww7nNGczs8cGwfTAw5P6rDOld0pbct1YfldQJpvOb-IYa5rTpFcuFFWOrKhyZWzcFTIBUhXuiGjCvT_Ssc0cXgrQ03jt7tCjl7iYGGzNujMmI97gkCtBoVurpOPrvS75iKruCPtfyBKIEbZoAAZ2ypkw0a23hBPYWQantSfQoC1pvVn0qAD_vj2_ODWmgXt4WVMeGv_YJcIJzVC__VwUAkJxmFM1U_N3wNHpu4Ty0eA-dUYxAwAShq8KZygPgBAOQBgGgBk6AB-z_s44BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0xMzU2NjMyODYyMzU0NDg2gAoDmAsByAsBgAwBsBOkxpoLyBP55d0J0BMA2BMKiBQC2BQB&sigh=j767ttUfLes&label=part2viewed&ad_mt=206&acvw=sv%3D894%26cb%3Dj%26e%3D0%26nas%3D2%26sdk%3Dh%26p%3D974,1199,1199,1599%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D5930%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D10561%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D3,0,0,0,0%26avms%3Dexc%26qi%3D358237495%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1619727552529%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.04%26t%3D1619727551941&sdkv=h.3.453.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1MTEyMzE5MjA4NzFAoAIKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk0OTI2MDkwNDQyCTE0ODQ3NDYzN0ArCmIIARIbdW5pZmllZC5hZHNhZmVwcm90ZWN0ZWQuY29tGgNEQ00gBCoJNDkyNjA5MDQ0MgkxNDg0NzQ2MzdAQFIiEAQlBsi9QCgBOgsxNDg0NzQ2MzctMUIER0RDTUhgUABgARgB

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6157 0
20 B 41ms
39ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6157 0
61 B 53ms
50ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuTK1fvTUGHRXsKbQWqvderCVMenglvDXX2sPgTKpmq5mpn3df68dI6uPZzGTuOKia_OpdWD2_la3wyblco4IP8ZT_c9yV_pxKC6vKtksHZZm71kSQ_Z7gblRe4IRoBlzB1ihzLoWNjybKhZMqSLx29j1gqwzT7YJ1sMX1bzg4NFjNCaVF7xrCw9W9cPQn7FzkuEhokZp5jrYnhM2hm_eM3GCIMJrZC7D1F30nmGHCxpoLDInVXICJBu0hiyRAWyt_i1djFL6o8HwfSRJakP8soeIVZ_jF_hBlKsVxuRsU_XNBcfDxPvbqNlM7DTdQZKElcddh0QZ-NNXd78WVaeMgyE7f8OuP-fafpjwdKr3boTYiVM6I-u4VL4UpoWZOI9-K2p0Kca8IXS11bOlRAri7g0pPqC4s48PDh-MwQmI_E8vVFzC2mNRT3r76EuEf5ZyDZDNF5R-OhA10n54jeAfEbSWDFs1_VXjekT4UFOxN9Io-FANvS9vZ3W1Oovt12AR9_j4dZ_Oe5BI05bTrHYIYeTFBXrDH4LtYee2Dkz17cTBXxmXYmXTF-6JuJ7J1dHSRwlTD6VEjcIUQi2qz_H_PnuSXO8JnjdKK6ZwExgv-fhlDLKAx8kZmkW-s3TrOxUbwI5ZrN0zC_z1_ByfH-rLc3L6HaNo2ZHz59qA-dqmrQGDE4d9i6-VSg84v9a26Y66UhPDd3zOe1Y87ab_ZKx1L1Bl4rwlmoQICJwpG5q41KA02VayCUsUlvsHexTdHj8KWeASG_JhX3P17GjT_v4YymMs6W4ZtLUI_1NSxU0E0g_OBQy9l9kdtNiXdMONzEEobyjmyIETu37hQxNs-jGmjUdwGeo74H7w1-vSw0gFzZ5oE3uVLTc0GKgK3acr7VHkuK6cdZozlHPEoJfe4Sn2Nzu1iUoQs2GK6hctHoIzUPHpGxWcpz9rIg-PMYwx5O7MfsWFtzZvLFPw6oNSu9zmjALopwXPaySPMhvpGR_exPS1dzK0f3vfrUFl-E_y190xt43ALGXa-MkBu4y06D2P3W-OZO2daq7MHSDOtBBFhpehB9WwULla4Zc5skkxCj0GWJUG4_in4b2OK5MYRcwSN8JsRUnReJt0gnRK7sYL2yUoeMjZF-QfWJ8VVaSDjYZvVBR3yhHmAN_Jg7MIkTTSgSI6jWU4xW16xPyQpmklEy_KoF93qBZMdkBbverD6_MCxWjc9H&sai=AMfl-YSs3j9d3GxpKhU9qoqmIcXqqwKH1L3oz9_TG7RbB13NlzhznoWuBJgmouUk0eQNnRixFZwZgppBWobNpy4d7_9lBa-y2w5frGzSYlUHNhntQ9Tcpvpm8fFDfKWSAzjmLLColBFOqoa0hVOC0vER1B3ez38aOA&sig=Cg0ArKJSzGj6L6ZgsC4REAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&sdkv=h.3.453.0&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Thu, 29 Apr 2021 20:19:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

firstevent
intelcorp.demdex.net/ Frame 6157
Redirect Chain

https://intelcorp.demdex.net/event?event=imp&d_campaign=25571066&d_site=5134578&d_placement=299778155&d_ad=492609044&d_creative=148474637
https://intelcorp.demdex.net/firstevent?event=imp&d_campaign=25571066&d_site=5134578&d_placement=299778155&d_ad=492609044&d_creative=148474637

42 B
987 B

42ms
42ms

Image
image/gif

34.252.115.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://intelcorp.demdex.net/firstevent?event=imp&d_campaign=25571066&d_site=5134578&d_placement=299778155&d_ad=492609044&d_creative=148474637

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.252.115.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-252-115-248.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v005-07d1da54e.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: uCV6joL7QAU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v005-08a1d9f96.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: qs9LwIIeRt8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://intelcorp.demdex.net/firstevent?event=imp&d_campaign=25571066&d_site=5134578&d_placement=299778155&d_ad=492609044&d_creative=148474637
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3-29 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame 6157 0
0 19ms
17ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIXULRDioeABGM372KIBIAEwAQ&v=APEucNVa1iufXzmuzT0YYxBFAiaGPggRCjfprB4fiphiUxSxRE61UVWfKpRfpb1Lr87G8y7R-kiZ57Cl0XpvL4XBs85y4frzgQ
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 dot.gif
s0.2mdn.net/ Frame 6157 43 B
105 B 8ms
5ms Image
image/gif 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:43:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
age: 66940
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Fri, 30 Apr 2021 01:43:32 GMT

GET
H/1.1 200
OK pixel.png
unified.adsafeprotected.com/ Frame 6157 35 B
174 B 44ms
29ms Image
image/gif 34.249.222.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiU0VDT05EQVJZX0lNUFJFU1NJT04iLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ1ZDA2OTYiLCJiaWRSZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vaW1hc2RrLmdvb2dsZWFwaXMuY29tLyJ9fSwiY3VzdG9tIjp7ImN1c3RvbTEiOiIiLCJjdXN0b20yIjoiNC4wIiwiY3VzdG9tMyI6IjQuMCIsImN1c3RvbTciOiI2ODI3MjAiLCJjdXN0b204IjoiNTM3OTQ1ODUiLCJ4c2lkIjoiYjllMzBiMGEtZWMzNC00ZDc4LWJjNWUtYjFkMDdmMjdiN2FkIn0sImhlYWRlcnMiOnsiaGVhZGVyMTEiOiJEQ00iLCJoZWFkZXIzIjoiLTEiLCJoZWFkZXI0IjoiMiw4IiwiaGVhZGVyNSI6IltCVU5ETEVJRF0iLCJoZWFkZXI4IjoiaWFzbyIsImhlYWRlcjkiOiIifSwiY2IiOiIxNjE5NzI3NTUxOTA0NzIzMzA3IiwiaWFzU2luZ2xldGFnIjp0cnVlLCJpYXNTaW5nbGV0YWdPdXRjb21lIjoiT1VUQ09NRV9NX19WUEFJRF9fV0VCX1BYTCJ9&key1=ROKU_ADS_APP_ID&key2=$APP_STOREURL
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.222.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-222-42.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 20:19:12 GMT
Connection: keep-alive
Content-Length: 35
Vary: Origin
Content-Type: image/gif

GET
H2

200

skeleton.gif
static.adsafeprotected.com/ Frame 6157
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/682720/53794586/skeleton.gif?xmtp=v&xmapp=0&xsId=b9e30b0a-ec34-4d78-bc5e-b1d07f27b7ad
https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=b9e30b0a-ec34-4d78-bc5e-b1d07f27b7ad

43 B
482 B

16ms
16ms

Image
image/gif

2600:9000:20e8:e000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=b9e30b0a-ec34-4d78-bc5e-b1d07f27b7ad
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:e000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 03:05:18 GMT
via: 1.1 2d69f677a4a0e3e7eefdf9d24bd43661.cloudfront.net (CloudFront)
age: 7146834
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control: max-age=315360000
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: 29TpRYyyxubykudyi4sBjYsz0hgHqOVuTMJU6z90b3Y654RQ_JNQQA==

Redirect headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:12 GMT
x-server-name: app36.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=b9e30b0a-ec34-4d78-bc5e-b1d07f27b7ad
cache-control: no-cache
content-length: 0
server: nginx

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIoJrwqqOk8AIV8yLTCh3n9gGDEAAYACCNluZGOhkIrYTRjgEQoavCmcoDGPnl3QkgypmY4ucNQhMIgazfqqOk8AIVhe93Ch35fwbh;dc_rmcid=CAASEuRoaeavpacG9P4vx_7wTJi2eA;eps=CIDhgBAQARgd;met=1;acvw=sv%3D894%26cb%3Dj%26e%3D15%26nas%3D2%26sdk%3Dh%26p%3D974,1199,1199,1599%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D5930%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D10561%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D3,0,0,0,0%26avms%3Dexc%26qi%3D358237495%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1619727552526%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.04%26t%3D1619727551941;ecn1=1;etm1=0;eid1=200101;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6157 42 B
64 B 43ms
41ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu9hSjGQxnlayp3QXozPq4_Yx4l1AGQTWn_AyKTP4xpQmWODOUwT291DOBOsLs-1C7E0iQnji5yE6JfJJ6zK2kUp6JKpCfUjZjgyGBD6ypmRT5nNv6ZPyU8qwo85w&sai=AMfl-YT5RUHWZWbyqyPWQc_Rx_UIa0bUtDL8LXA8CjvWeOipZhfIPb5K7kLg-ctPH84CQ-3_UGHEiGvguNOvcJzwiPbLOHt0iLrgtC2n8Vr_z4HYERq9ubE_hfIM77s&sig=Cg0ArKJSzBqu1VI2GEM-EAE&cid=CAASEuRoaeavpacG9P4vx_7wTJi2eA&id=lidarv&acvw=sv%3D894%26cb%3Dj%26e%3D15%26nas%3D2%26sdk%3Dh%26p%3D974,1199,1199,1599%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D5930%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D10561%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D3,0,0,0,0%26avms%3Dexc%26qi%3D358237495%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1619727552526%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.04%26t%3D1619727551941&avm=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK ai Show response
capi.connatix.com/tr/ Frame BA28 0
295 B 120ms
120ms XHR
multipart/form-data 3.20.220.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ai?v=115548
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.220.113 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-220-113.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Thu, 29 Apr 2021 20:19:12 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://threatpost.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 1_th.jpg
img.connatix.com/60764267-557e-410f-85cb-f102d92ee134/47b7c5df-6fb8-4641-b573-9c92a7c88c0d/ 8 KB
8 KB 7ms
7ms Image
image/jpeg 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/60764267-557e-410f-85cb-f102d92ee134/47b7c5df-6fb8-4641-b573-9c92a7c88c0d/1_th.jpg?crop=400:225,smart&width=400&height=225&format=jpeg&quality=60&fit=crop
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ae63b86b57288bbfe0165058fb76ff8836aac5a749713428a95225a28265122b

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:19:12 GMT
age: 53691
etag: "m03uoFKbyxNeiBJVHm5eHzI6CToGrLfDVxXRgtG6MTA"
access-control-max-age: 86400
fastly-io-info: ifsz=90487 idim=2560x1440 ifmt=jpeg ofsz=8597 odim=400x225 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=31557600
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 8597

GET
H/1.1 200
OK pixel.png
unified.adsafeprotected.com/ Frame 6EDE 35 B
174 B 32ms
31ms Image
image/gif 34.249.222.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjo0MDMsInNpdGVfdXVpZCI6ImFmZGRlZjVkLWMyMDQtNDBhOS1iNGZiLTk2NWExNDVkMDY5NiIsImJpZF9yZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vdGhyZWF0cG9zdC5jb20vZ29vZ2xlLWNocm9tZS12OC1idWctcmVtb3RlLWNvZGUtZXhlY3V0aW9uLzE2NTY2Mi8ifX0sImNiIjoxNjE5NzI3NTU0MDIxLCJpYXNfc2luZ2xldGFnIjp0cnVlLCJpYXNfc2luZ2xldGFnX291dGNvbWUiOjE5LCJoZWFkZXJzIjp7ImhlYWRlcjgiOiJpYXNvIn0sImN1c3RvbSI6eyJjdXN0b203IjoiNjgyNzIwIiwiY3VzdG9tOCI6IjUzNzk0NTg1IiwiY3VzdG9tMTEiOiIyMDIxLjAyLjExLTExLjAyLTE5Njc2ZTAiLCJ4c2lkIjoiYjllMzBiMGEtZWMzNC00ZDc4LWJjNWUtYjFkMDdmMjdiN2FkIn19
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.222.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-222-42.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 20:19:14 GMT
Connection: keep-alive
Content-Length: 35
Vary: Origin
Content-Type: image/gif

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 105ms
105ms Image
image/gif 34.206.10.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=682720&asId=fb8e9e7c-b51a-70f8-95a5-998cc4570e98&tv=%7Bc:bda4tM,pingTime:-4,time:1980,type:m,clog:%5B%7Bpiv:100,vs:o,r:v,w:400,h:225,t:19%7D,%7Bvs:i,r:,t:655%7D%5D,ve:%7BvEventCount:8,vEvents:%5B%7Bt:-15,tp:adLoaded,sl:o,ad_duration:5,width:400,height:225,volume:0%7D,%7Bt:-12,tp:adStarted,sl:o,ad_duration:5,width:400,height:225,volume:0%7D,%7Bt:229,tp:adDurationChange,sl:o,ad_duration:5.930667,width:400,height:225,volume:0%7D,%7Bt:479,tp:adImpression,sl:o,ad_duration:5.930667,width:400,height:225,volume:0,integral_timeToDecision:38,integral_didBlock:false,viewMode:normal,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso%7D,%7Bt:479,tp:adVideoStart,sl:o,ad_duration:5.930667,width:400,height:225,volume:0%7D,%7Bt:480,tp:adRemainingTimeChange,sl:o,ad_duration:5.930667,width:400,height:225,volume:0%7D,%7Bt:1729,tp:adRemainingTimeChange,sl:i,ad_duration:5.930667,width:400,height:225,volume:0%7D,%7Bt:1979,tp:adVideoFirstQuartile,sl:i,ad_duration:5.930667,width:400,height:225,volume:0%7D%5D%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:1325,o:655,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:1199.974.400.225,am:v,cc:1199.974.400.225,piv:100,obst:0,th:0,reas:v,bkn:%7Bpiv:%5B650~100%5D,as:%5B650~400.225%5D%7D%7D,%7Bsl:i,t:655,wc:0.0.1600.1200,ac:1199.974.400.225,am:v,cc:1199.974.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1325~100%5D,as:%5B1325~400.225%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:O,tt:fwjsvid,dtt:108,fm:sw0jK0a+1*.682720-53794585%7C11%7C12%7C13%7C141%7C151%7C16%7C171%7C18%7C191%7C1a1%7C1b1%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h,idMap:1*,rmeas:1,rend:1,renddet:env%7D&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.10.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-10-182.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:14 GMT
x-server-name: dt52.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIoJrwqqOk8AIV8yLTCh3n9gGDEAAYACCNluZGOhkIrYTRjgEQoavCmcoDGPnl3QkgypmY4ucNQhMIgazfqqOk8AIVhe93Ch35fwbh;dc_rmcid=CAASEuRoaeavpacG9P4vx_7wTJi2eA;eps=CIDhgBAQARgd;met=1;acvw=sv%3D894%26cb%3Dj%26e%3D1%26nas%3D2%26sdk%3Dh%26p%3D974,1199,1199,1599%26tos%3D1498,0,0,0,0%26mtos%3D1498,1498,1498,1498,1498%26amtos%3D0,0,0,0,0%26mcvt%3D1498%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D1498%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1098%26pst%3D200%26vpaid%26dur%3D5930%26vmtime%3D1460%26dvs%3D1498%26dfvs%3D1498%26dvpt%3D1498%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D1498,1498,1498,1498,1498%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D10561%26femvt%3D0%26emc%3D11%26emuc%3D0%26emb%3D11,0,0,0,0%26avms%3Dexc%26qi%3D358237495%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26ptlt%3D1619727554025%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,1498;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.04%26t%3D1619727551941;ecn1=1;etm1=0;eid1=960584;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 6157 42 B
210 B 19ms
19ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CThIavxSLYMHQIYXf3wP5_5mIDqHIqoxiypmY4ucNq7uK_JciEAEg0pbmOGCV-vCBjAegAfz_y_ECyAEFqAMByAMTmAQAqgTsAU_Qrgl-eZuvck2mGQObFYzBCDMfH6zDJSiLcEbaadUbHwQuR9AyE6_KJbS-sfBlXxPefrWvGqEww7nNGczs8cGwfTAw5P6rDOld0pbct1YfldQJpvOb-IYa5rTpFcuFFWOrKhyZWzcFTIBUhXuiGjCvT_Ssc0cXgrQ03jt7tCjl7iYGGzNujMmI97gkCtBoVurpOPrvS75iKruCPtfyBKIEbZoAAZ2ypkw0a23hBPYWQantSfQoC1pvVn0qAD_vj2_ODWmgXt4WVMeGv_YJcIJzVC__VwUAkJxmFM1U_N3wNHpu4Ty0eA-dUYxAwAShq8KZygPgBAOQBgGgBk6AB-z_s44BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0xMzU2NjMyODYyMzU0NDg2gAoDmAsByAsBgAwBsBOkxpoLyBP55d0J0BMA2BMKiBQC2BQB&sigh=j767ttUfLes&label=videoplaytime25&ad_mt=1706&acvw=sv%3D894%26cb%3Dj%26e%3D1%26nas%3D2%26sdk%3Dh%26p%3D974,1199,1199,1599%26tos%3D1498,0,0,0,0%26mtos%3D1498,1498,1498,1498,1498%26amtos%3D0,0,0,0,0%26mcvt%3D1498%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D1498%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1098%26pst%3D200%26vpaid%26dur%3D5930%26vmtime%3D1460%26dvs%3D1498%26dfvs%3D1498%26dvpt%3D1498%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D1498,1498,1498,1498,1498%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D10561%26femvt%3D0%26emc%3D11%26emuc%3D0%26emb%3D11,0,0,0,0%26avms%3Dexc%26qi%3D358237495%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26ptlt%3D1619727554025%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,1498&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.04%26t%3D1619727551941&sdkv=h.3.453.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1MTEyMzE5MjA4NzFAoAIKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk0OTI2MDkwNDQyCTE0ODQ3NDYzN0ArCmIIARIbdW5pZmllZC5hZHNhZmVwcm90ZWN0ZWQuY29tGgNEQ00gBCoJNDkyNjA5MDQ0MgkxNDg0NzQ2MzdAQFIiEAQlBsi9QCgBOgsxNDg0NzQ2MzctMUIER0RDTUhgUABgARgB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 20:19:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST aq
capi.connatix.com/tr/ Frame BA28 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: quantcount.com
URL: https://quantcount.com/log/error?msg=%5BUSPAPI%5D%20unsuccessful:%20TypeError:%20Cannot%20read%20property%20%27getItem%27%20of%20null

Domain: r4---sn-4g5e6nzl.c.2mdn.net
URL: https://r4---sn-4g5e6nzl.c.2mdn.net/videoplayback/id/a6c8652727d81f2f/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3761634454/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/814E11D66E45926EE8BC5BFC907C747BD56A995C.706EE2222F22DEB398BDC4E492942A333ECF721F/key/cms1/cms_redirect/yes/mh/Xx/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5e6nzl/ms/onc/mt/1619726909/mv/m/mvi/4/pl/50/file/file.mp4

Domain: unified.adsafeprotected.com
URL: https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjo0MDYsInNpdGVfdXVpZCI6ImFmZGRlZjVkLWMyMDQtNDBhOS1iNGZiLTk2NWExNDVkMDY5NiIsImJpZF9yZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vdGhyZWF0cG9zdC5jb20vZ29vZ2xlLWNocm9tZS12OC1idWctcmVtb3RlLWNvZGUtZXhlY3V0aW9uLzE2NTY2Mi8ifX0sImNiIjoxNjE5NzI3NTQ5NDcwLCJpYXNfc2luZ2xldGFnIjp0cnVlLCJpYXNfc2luZ2xldGFnX291dGNvbWUiOjE5LCJoZWFkZXJzIjp7ImhlYWRlcjgiOiJpYXNvIn0sImN1c3RvbSI6eyJjdXN0b203IjoiNjgyNzIwIiwiY3VzdG9tOCI6IjUzNzk0NTk1IiwiY3VzdG9tMTEiOiIyMDIxLjAyLjExLTExLjAyLTE5Njc2ZTAiLCJ4c2lkIjoiODE0ZmY5MWQtOGUxNy00MjRmLWI3MWUtODg5YmZlNTU4YzM2In19

Domain: capi.connatix.com
URL: https://capi.connatix.com/tr/aq?v=115548

Verdicts & Comments Add Verdict or Comment

298 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.threatpost.com/	1970-01-19 17:55:27	Name: _gat_UA-35676203-21 Value: 1
.threatpost.com/	1970-01-19 17:56:53	Name: _gid Value: GA1.2.845551282.1619727540
.threatpost.com/	1970-01-20 11:26:39	Name: _ga Value: GA1.2.964722461.1619727540

563 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/ros-layout.js(Line 399) Message: gBrowserWidth =1600
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/ros-layout.js(Line 424) Message: OpenX Slot defined for /21707124336/ThreatPost-970x250-ATF div-gpt-ad-6794670-2
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/ros-layout.js(Line 424) Message: OpenX Slot defined for /21707124336/ThreatPost-300x250-ATF div-gpt-ad-6794670-3
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/ros-layout.js(Line 424) Message: OpenX Slot defined for /21707124336/ThreatPost-300x600-ATF div-gpt-ad-6794670-5
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/ros-layout.js(Line 424) Message: OpenX Slot defined for /21707124336/ThreatPost-2x2-Skin div-gpt-ad-6794670-1
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/cmp.js(Line 27) Message: %cCMP: Startup v270 color: #555599
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 8) Message: uspapi: uspapi_init() - v0.105
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 8) Message: USP: Locale=en-us gdpr= false
console-api	warning	URL: https://qd.admetricspro.com/js/threatpost/prebid.js(Line 4) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: ENGINE: gAMPidentityLinkID not present, prebid configured without identyLink
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: ENGINE: gSChainNodes found, prebid configured with 1 supply chain object(s)
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: ENGINE: final pbjs config
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: [object Object]
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: ENGINE: gAMPidentityLinkID not present, prebid configured without ATS Analytics
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: Initial Ad Load
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js?31060939(Line 6) Message: [GPT] Error in googletag.display: could not find div with id "div-gpt-ad-6794670-2" in DOM for slot: /21707124336/ThreatPost-970x250-ATF.
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/cmp.js(Line 27) Message: %cCMP: GVL version is 45 color: #555599
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/cmp.js(Line 27) Message: __uspLaunch begin
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://secure.quantserve.com/quant.js(Line 2) Message: ERROR Thu Apr 29 2021 22:18:59 GMT+0200 (Central European Summer Time) [USPAPI] unsuccessful: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.5.1.js(Line 32) Message: a: 0.002197265625 ms
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	(Line 7) Message: CNX-ad-imp
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	(Line 28) Message: CNX-ad-complete
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	(Line 7) Message: CNX-ad-imp
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: sendBidRequests(): LOOP gGDPRTCData.cmpStatus=undefined
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/engine.js(Line 5) Message: CMP not ready, rescheduling sendBidRequests(): gGDPRTCData.cmpStatus=loading

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
adservice.google.com
analytics.twitter.com
assets.threatpost.com
bid.g.doubleclick.net
c.amazon-adsystem.com
capi.connatix.com
cd.connatix.com
cds.connatix.com
csi.gstatic.com
dt.adsafeprotected.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
graph.facebook.com
i0.wp.com
imasdk.googleapis.com
img.connatix.com
intelcorp.demdex.net
kasperskycontenthub.com
lit.connatix.com
media.threatpost.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
pubads.g.doubleclick.net
qd.admetricspro.com
quantcount.com
r4---sn-4g5e6nl6.c.2mdn.net
r4---sn-4g5e6nzl.c.2mdn.net
r6---sn-4g5e6nl6.c.2mdn.net
rules.quantcount.com
s0.2mdn.net
secure.gravatar.com
secure.quantserve.com
securepubads.g.doubleclick.net
static.ads-twitter.com
static.adsafeprotected.com
stats.g.doubleclick.net
t.co
tagan.adlightning.com
threatpost.com
tpc.googlesyndication.com
unified.adsafeprotected.com
vid.connatix.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.linkedin.com
www.reddit.com
capi.connatix.com
quantcount.com
r4---sn-4g5e6nzl.c.2mdn.net
unified.adsafeprotected.com
104.244.42.67
104.244.42.69
13.224.105.229
13.224.106.23
142.250.185.66
142.250.185.98
142.250.218.227
151.101.113.140
151.101.114.137
151.101.194.137
172.217.23.98
192.0.77.2
199.232.136.157
2600:9000:206f:6a00:0:5c46:4f40:93a1
2600:9000:20c8:6000:2:9275:3d40:93a1
2600:9000:20c8:b600:6:44e3:f8c0:93a1
2600:9000:20e8:e000:8:48e:53c0:93a1
2606:4700:3031::6815:4184
2620:116:800d:21:36a9:ecb:e518:b308
2620:1ec:21::14
2a00:1450:4001:3c::9
2a00:1450:4001:56::a
2a00:1450:4001:56::c
2a00:1450:4001:801::2003
2a00:1450:4001:801::2004
2a00:1450:4001:802::2006
2a00:1450:4001:803::2001
2a00:1450:4001:808::2004
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2008
2a00:1450:4001:828::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::200e
2a00:1450:4001:831::200a
2a00:1450:400c:c00::9d
2a03:2880:f01c:800e:face:b00c:0:2
2a04:fa87:fffe::c000:4902
3.20.220.113
34.206.10.182
34.249.222.42
34.252.115.248
35.173.160.135
52.30.14.27
74.125.140.157
01864580e1f385dc4512aed0de4b324cc1a04812709e7020e857612fc0ce9f4c
03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b
05a58707d25ec9885faf81f026410f37d3757c0689d56b7ec1fc8b2f9cffb9d1
05b1936a5e4229dc34d8e5fcfc22ce024634ea618687f37e31857402b27c4dba
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06fc565587b8b700936a1677218cb269a6cc31ca5f701eb45461e86a3d54d5c7
071a4fa383985360c3b0827c1e4df48a70e13d3cdf5e96e7e7835cc634001132
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0cc2442ed61a92fdfec0965866243b736e2e3b402d94a35c35000a2d5e19377b
104c7c46433b619342889e252384598a1e747d2d70c96c9ee31d1620573619cc
134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f
172314ff74044b918766ed4763279b5e8798622087c0a2930f59c9d44662213d
178f058426830d14a05750625b5f6750efc3cb905e25899209cde01fcd4877af
1ae61ed61290f9bf2619f52667aafa622c805072c75765025f0b61a23862005f
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bf36f722320de68e1ee53c54f807863e99a9ef5b7059d999dce985c01cdc23c
1c2525b3e7631f2411872aac663bded4c73bd4e4f26182862b28db7f406d1c61
1d298e0ae7130be068b724bc98b010406f7eb21467d0c8ba023ee176c15c41fa
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1fae2fa71985777563e10e045cfe8fdce2e2fb76702df565b713cac43b684e73
1fef207295f13d829f51ca5c6ac07cbecafdf7fc09958bf871ecc1506c09051a
20fdc02674ae3e7cda529913b40e30a5b54590e2e5964bce9ad9b49c6462d357
21be1fd4130a8faa9372238549023577f886b4fe7ad0a445b8811e60aa8ebb04
278ea4e8f45e81f8da7d31ba5a63f297379f46265d5ce979712b1d1f86c3497f
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2d853d5c205e6bc73c9928255af1ea931f948c6f46f607eeef92935f37f72f5a
2de77164bb9924542e1dea4ee4a0ff27d40b51a3d7939dac7db11a95045c9b7d
3097d0444becd9d089b52b7074072f19201525de874d0775012572fb375b7838
3143145c4a165c8481f6c7c3b7488069c45fead97d7b6cc8f2f5187d9ff0dc38
39af7c1116fb967a330e8770f775e6b5ee871add01ed45c98a1634911cebfb0a
3a90c56bbc2ea3fae7e089cc529bc02869c5035ee31c3111d829b9ae974cf42d
3af36df6ac4cd29af5a06e8a7e477bd0328c128565cb1d1e7d84e0b7118e4218
3bb2621a4c0c710f6e78404473aebff8e115a28f8d53f44339b867c63ad93b26
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f8a0180f1faf6374a1d4fa3cb72d63d223fa6e139d1d854eb0b250be56dbfe7
40ca98c145bf27de21e87e43748da8e926d8986e851f3e6747cafc4da373bca2
41f3222c29889fb48f5dca1d481858e5339a759655510c256ef4edf56c80f7f5
420508fc523520f35de5c851905543294123d7676b5a5668744691f2abe9e730
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45ddc09b0ad6ab916bd9a0282070b161045e186fc025303f4aa1aa821fc45ac7
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4d7bd0f1bb4e97d2514eb040d79dda8f9a0c3a53b0e3914dd7f82ef14abfb912
4e5ea4214b4900c4c114a5d5370fdf6a22bd14a1b1b49328be823e523ece3839
4ef414f947bc802bea88d18ae69ca7d56939d81d7df79a7266688a8e1c14b190
506d565f94cecbb486394c545a96e8459217f8d045496b511e8c815142abfc70
57594dcd51835dd92cbf5bbadbb088ed6d3e987658cc618665d36d9c5e0b8061
5a7ed822968963e31d88424c96387ad9f4fd4f4b5a5b581a33f65e3784d162cf
5d25942b7da85bc7cdb258cdb436227b1de7e3a2b50c61f7d7050eff911f88f1
5d77edb71e1031ff06541a7a2bd05cd3dbc3bfd5434711bae081fc06f8791558
5fe6aaba935aa93fd5d6d3ea3c6b7e5f1e5facd747c070b9fe6f59cba4dc7cbd
63d4f8893d25b8bfc6802691a12cab78c44b2a1fa4fa883e6be58a5e66d8d496
68d672ba14063f922d7b4b0e6f90d68a45636e5f40f703e7a30285837c5b8778
6c21cc5fe3c538e5c86a26b637528ec741229d66978f590cddf7ec8a186028b5
6cdc57f82f4b0d09e5b4e584ca4736cd3871f20563d4ce25120b057d8ffb4eb2
6e4880a5fa66ebe5c6344ba5ae5668ab8f898db1e5e0f1c24e22bfda79933356
72eaaf36ecf9e2e0757d5154ce285d44296ee79b32ea122953df2a1133c6f2fb
73339d824e344121a3039b2e0e9c9353fb8132e005bb6d53249814c213520d5d
733f87f07bd9fe3cb01564f66523fbbcc3bb54614363eda52236e5cd32ca3d5e
739ab1cbd5fc795c806cfbc012e937834a1d566f02ed72ff02af2700c0629eb4
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75e108ea8e2a6431a6829c3ee869a2c7c606a6f2c6eed89792a11bf31a3828a2
7880f744e9731026f8df737f70ca5a50c257c0ee866cf15291b64d132c3650f2
79dbcaf65fbd773a5e27bf42f2c36e6c91758bd3932ef3f322761dcdc164ba69
8000d797097e74bfff377d2f3fca7e046ee4490ea4edb70c2c0b189575847629
814221921d936293a6dcceebe84bea01d2a40a18be1072d4b216914014532e2a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83c6bdb6c54b2fb90a204cf0279e2d868513572d0963ec534083902c1307844b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
859faa9b9ed0990288b2f393a102b1fe2668ac79088b113b6f0beaee521221eb
86701d9351f9293492d58c6651de52e472f355a871cb2825051ce23c03b2cc92
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89ce08431545cd3c6d42419d99ee0152027a68c1d0c7c82838cc9a51d9d52451
8bb2bc71eddbb5647482329a474d058da4688d3913476676d31600a1f9bcedfa
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8ec1a7f08fd6c787bcf44cf12976ba89759d0138cdec2209842c37929d226e1c
9645c27b5228acc34427d33f05597bb3046cb97b66d045fc5d30e50613779b71
a0487787d0ea9f0db45895112d87f846589c8fdc5a56c0150a64c26c8e53943a
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a9d2b2df99c1a115d5394c70a898d8801092208dc582f8bd6fb01b35c30d6b22
aabef6fdf6754720952bba161391163f9b54dcd8302f64c85746a92c5aa8bae7
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae00ae9c862bc8b8923efd1d9a18befa912678a869d4dd01179a59ed3de731be
ae63b86b57288bbfe0165058fb76ff8836aac5a749713428a95225a28265122b
aefed2e2f730bc16ac245fe5a74dbd7cce0bd1b0a45eae47fb8d55244cb349f8
af65dbdaee4d0a826e68202477ea4bcc32577f7bcd6c6ac79be55dc9311df1d0
b0209d39595432d762f6ba2a81dc0bffa6a6e1ed9021ba24ffa06c3c7e4bcb02
b0c6e728aedbbdacc810656b61589c89e562b08543e5d2528a012243a75a4064
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b171ad7708dc76541c3fe7adc60166c466ab97a57f458b6f6ba5b52b7a30cb29
b5d0d2962dc3bdfce6195ca4b0545c324a09ffccf7b4f3801cfb70538ecaff1e
b6ca5e7ce5a8b75bcf39f2b53c7f3f987cfa47d458dcf4438501d8f53c5bcdf5
b97ff1109b709bf33a4a7593782b6f5f0fe56b3b46ef504dba244a9026c3fdbe
bbc688ea0af0051ff5a2e638a07cc36980f10deef3e1d0bdd069811768c6fe30
bc66122a84b587e9985de2bc9ed2321f76dbe0b40040ec6a22ed4dbc8bb736c5
bf03f141aea69052f28b247a7fe480fcaf754fcb8284ac79abf6926d52fc43f3
c5dec046e34be07896b049576ab815e325858284addd14fb16f61f7b1c119378
c751fd5ec8ed237a0ae94a8af71bc05e09c69161364a45865ae034abb75cd945
c92fded78b78e33ed04f2afa01045ef08f5b7bee1d4e22420faf621b1111a5b3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d270272c89d9e03c326e9845c2af07ff0a143b8f06a33d4b997983feb860c239
d36998265578b1657d38d960ab7940b23e0e4c79ecb4709132768f1e14f61e73
d54c0c98ed5e002c65c921660fb38e112df05729e921a539a48d7563bd4d0cf1
d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060
d6cdc35b3c8b842725fabc25a2f5f3aa619f9f28cdc04f898a7f4a41aa401338
d85598d9bc33f7f030e8b50255a61a2a1c484c1865375a4003e4035a2af13a59
d9e6f27de18c7a916305db8af634996fd04e5535c12e2c97405c7af9cb406987
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3312d0c97a3d206cc02da170c4a412fe957e3fc33027533cadaf852293a83e9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4058d4ee9da1ceaddfa91ddb63650ba67285f1bbfee487d9dfe648bced669a0
e47eca73d4f42cce27c15cbff1e6b28a6716616c71f893d912ae941b37460998
e687e03f4e42f5196a8f812676c2b264833833560d96e18a743099a29832dd13
ec95a631650981cd2ff2eecd07118042dee23fc0a3fd6ed70926fa3d94e4e5d3
ed966e2ee7710ca70eece0f61e4c0705fa46a7d41b9408c01cddd3cbc82d8ef8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1c022aff023cba27a95c593e440595dfb6f16413a18483866e74a56e2563db5
f4f2c0a4763f01ee2b13b4f8189e6fd5f32bd704d71fed8d0f11883de9724198
f75166e3f70100b65a6ce1d4128bc15286e92b19a546fa7709f739e9bcfe52c6
f8a2b5b62eb722c3379b30cf0cc58d3176ee6be48036d6ad2aa838d2029c4189
ffdbea2a5a9959ea5f9809139a0178c725fa9474a88f1cfe10f702bdb35c3cc0

threatpost.com Open in urlscan Pro 35.173.160.135 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

244 Requests

98 %HTTPS

59 %IPv6

28 Domains

53 Subdomains

47 IPs

4 Countries

7082 kBTransfer

12780 kBSize

3 Cookies

16 Outgoing links

Redirected requests

244 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

threatpost.com Open in urlscan Pro
35.173.160.135 Public Scan

Screenshot
Live screenshot

Full Image

244
Requests

98 %
HTTPS

59 %
IPv6

28
Domains

53
Subdomains

47
IPs

4
Countries

7082 kB
Transfer

12780 kB
Size

3
Cookies

244 HTTP transactions
2 data transactions