threatpost.com Open in urlscan Pro
35.173.160.135 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Submission: On December 27 via api (December 27th 2019, 5:42:40 am UTC) from US

Summary HTTP 153 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 45 IPs in 9 countries across 34 domains to perform 153 HTTP transactions. The main IP is 35.173.160.135, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is threatpost.com.
TLS certificate: Issued by Thawte EV RSA CA 2018 on June 17th 2019. Valid for: a year.

This is the only time threatpost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	35.173.160.135 35.173.160.135	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
5	2600:9000:205... 2600:9000:2057:4c00:2:9275:3d40:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
7	216.58.207.66 216.58.207.66	15169 (GOOGLE) (GOOGLE - Google LLC)
10	2600:9000:214... 2600:9000:214f:6400:0:5c46:4f40:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
9	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY - Fastly)
14	46.166.134.35 46.166.134.35	43350 (NFORCE) (NFORCE)
1	2a00:1450:400... 2a00:1450:4001:81e::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	91.228.74.217 91.228.74.217	27281 (QUANTCAST) (QUANTCAST - Quantcast Corporation)
1	151.101.112.157 151.101.112.157	54113 (FASTLY) (FASTLY - Fastly)
1	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2a05:f500:11:... 2a05:f500:11:101::b93f:9001	14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation)
1	151.101.13.140 151.101.13.140	54113 (FASTLY) (FASTLY - Fastly)
1	2a00:1450:400... 2a00:1450:4001:814::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:4001:81d::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER - Twitter Inc.)
1 2	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER - Twitter Inc.)
5	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	2600:9000:205... 2600:9000:2057:c800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	143.204.213.153 143.204.213.153	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
8	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
10	2a00:1450:400... 2a00:1450:4001:814::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:817::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:824::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
20	194.146.24.177 194.146.24.177	210329 (CLOUDWEBM...) (CLOUDWEBMANAGE-UK-1)
1	91.228.74.232 91.228.74.232	27281 (QUANTCAST) (QUANTCAST - Quantcast Corporation)
1	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.57.64.247 52.57.64.247	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	185.33.223.203 185.33.223.203	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	52.58.144.104 52.58.144.104	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	34.95.120.147 34.95.120.147	15169 (GOOGLE) (GOOGLE - Google LLC)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC - PubMatic)
1	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER - Twitter Inc.)
2 3	54.72.122.154 54.72.122.154	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	5.39.67.10 5.39.67.10	16276 (OVH) (OVH)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	23.37.55.184 23.37.55.184	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2 3	52.59.138.183 52.59.138.183	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	172.217.16.162 172.217.16.162	15169 (GOOGLE) (GOOGLE - Google LLC)
1	3.122.174.9 3.122.174.9	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
153	45

18 35.173.160.135 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-35-173-160-135.compute-1.amazonaws.com

threatpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kasperskycontenthub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2057:4c00:2:9275:3d40:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

assets.threatpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 216.58.207.66 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s25-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:214f:6400:0:5c46:4f40:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

media.threatpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 46.166.134.35 (Amsterdam, Netherlands)

ASN43350 (NFORCE, NL)

live.sekindo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.217 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:800e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:f500:11:101::b93f:9001 (Ireland)

ASN14413 (LINKEDIN - LinkedIn Corporation, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.140 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

www.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER - Twitter Inc., US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.136 (United States) 1 redirects

ASN13414 (TWITTER - Twitter Inc., US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ton.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:c800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.213.153 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-213-153.fra53.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 194.146.24.177 (None, )

ASN210329 (CLOUDWEBMANAGE-UK-1, GB)

video.sekindo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.232 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.64.247 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-57-64-247.eu-central-1.compute.amazonaws.com

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.223.203 (Netherlands)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 317.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.144.104 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-58-144-104.eu-central-1.compute.amazonaws.com

ads.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.95.120.147 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 147.120.95.34.bc.googleusercontent.com

teachingaids-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
primis-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.21 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER - Twitter Inc., US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.72.122.154 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-72-122-154.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.39.67.10 (France)

ASN16276 (OVH, FR)
PTR: s06.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 68.174.244.35.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.180 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.55.184 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-37-55-184.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.59.138.183 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-59-138-183.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.162 (United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.174.9 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-122-174-9.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	sekindo.com live.sekindo.com video.sekindo.com	4 MB
32	threatpost.com threatpost.com assets.threatpost.com media.threatpost.com	801 KB
13	doubleclick.net 2 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	104 KB
12	twitter.com 1 redirects platform.twitter.com syndication.twitter.com analytics.twitter.com	108 KB
9	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	376 KB
7	googletagservices.com www.googletagservices.com	201 KB
5	twimg.com cdn.syndication.twimg.com pbs.twimg.com ton.twimg.com	86 KB
5	google.com 1 redirects adservice.google.com www.google.com	867 B
4	openx.net teachingaids-d.openx.net primis-d.openx.net u.openx.net	730 B
4	advertising.com 2 redirects ads.adaptv.advertising.com pixel.advertising.com	1007 B
4	google.de www.google.de adservice.google.de	622 B
3	adsrvr.org 2 redirects match.adsrvr.org	1 KB
2	yahoo.com ups.analytics.yahoo.com pr-bh.ybp.yahoo.com	893 B
2	pubmatic.com hbopenbid.pubmatic.com ads.pubmatic.com	115 B
2	rubiconproject.com prebid-server.rubiconproject.com eus.rubiconproject.com	361 B
2	googleapis.com fonts.googleapis.com	1 KB
2	amazon-adsystem.com c.amazon-adsystem.com	28 KB
2	quantserve.com secure.quantserve.com pixel.quantserve.com	6 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
1	rlcdn.com api.rlcdn.com
1	id5-sync.com id5-sync.com	370 B
1	casalemedia.com as-sec.casalemedia.com	903 B
1	adnxs.com ib.adnxs.com	1 KB
1	gstatic.com fonts.gstatic.com	11 KB
1	quantcount.com rules.quantcount.com	356 B
1	t.co t.co	449 B
1	reddit.com www.reddit.com	2 KB
1	linkedin.com www.linkedin.com
1	facebook.com graph.facebook.com	567 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	google.be adservice.google.be	171 B
1	googletagmanager.com www.googletagmanager.com	23 KB
1	kasperskycontenthub.com kasperskycontenthub.com	368 B
0	adap.tv Failed sync.adap.tv Failed
153	34

	Domain	Requested by
20	video.sekindo.com	threatpost.com live.sekindo.com
17	threatpost.com	threatpost.com platform.twitter.com
14	live.sekindo.com	threatpost.com live.sekindo.com
10	media.threatpost.com	threatpost.com
9	platform.twitter.com	threatpost.com platform.twitter.com
8	pagead2.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com threatpost.com
7	www.googletagservices.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
7	securepubads.g.doubleclick.net	threatpost.com securepubads.g.doubleclick.net
5	assets.threatpost.com	threatpost.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com
4	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
3	pixel.advertising.com	2 redirects threatpost.com
3	match.adsrvr.org	2 redirects live.sekindo.com
3	adservice.google.de	pagead2.googlesyndication.com
2	u.openx.net	live.sekindo.com
2	ton.twimg.com	platform.twitter.com
2	pbs.twimg.com	threatpost.com
2	fonts.googleapis.com	live.sekindo.com
2	c.amazon-adsystem.com	live.sekindo.com c.amazon-adsystem.com
2	syndication.twitter.com	1 redirects threatpost.com
2	www.google-analytics.com	1 redirects www.googletagmanager.com
1	pr-bh.ybp.yahoo.com	threatpost.com
1	ups.analytics.yahoo.com	threatpost.com
1	cm.g.doubleclick.net	1 redirects
1	eus.rubiconproject.com	live.sekindo.com
1	ads.pubmatic.com	live.sekindo.com
1	api.rlcdn.com	live.sekindo.com
1	id5-sync.com	live.sekindo.com
1	analytics.twitter.com	static.ads-twitter.com
1	primis-d.openx.net	live.sekindo.com
1	as-sec.casalemedia.com	live.sekindo.com
1	hbopenbid.pubmatic.com	live.sekindo.com
1	teachingaids-d.openx.net	live.sekindo.com
1	ads.adaptv.advertising.com	live.sekindo.com
1	ib.adnxs.com	live.sekindo.com
1	prebid-server.rubiconproject.com	live.sekindo.com
1	fonts.gstatic.com	threatpost.com
1	pixel.quantserve.com	threatpost.com
1	rules.quantcount.com	secure.quantserve.com
1	cdn.syndication.twimg.com	platform.twitter.com
1	t.co	threatpost.com
1	www.google.de	threatpost.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	tpc.googlesyndication.com	securepubads.g.doubleclick.net
1	www.reddit.com	threatpost.com
1	www.linkedin.com	threatpost.com
1	graph.facebook.com	threatpost.com
1	static.ads-twitter.com	www.googletagmanager.com
1	secure.quantserve.com	www.googletagmanager.com
1	adservice.google.be	securepubads.g.doubleclick.net
1	www.googletagmanager.com	threatpost.com
1	kasperskycontenthub.com	threatpost.com
0	sync.adap.tv Failed	threatpost.com
153	54

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
feedly.com
www.instagram.com
www.prnewswire.com
blog.searsholdings.com
news.delta.com
t.co
indd.adobe.com
spotlight.threatpost.com

Subject Issuer	Validity	Valid
threatpost.com Thawte EV RSA CA 2018	`2019-06-17` - `2020-06-17`	a year	crt.sh
assets.threatpost.com Amazon	`2019-04-02` - `2020-05-02`	a year	crt.sh
kasperskycontenthub.com Thawte RSA CA 2018	`2019-06-14` - `2020-06-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
media.threatpost.com Amazon	`2019-04-02` - `2020-05-02`	a year	crt.sh
platform.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-08-28` - `2020-09-01`	a year	crt.sh
www.sekindo.com Go Daddy Secure Certificate Authority - G2	`2019-05-23` - `2020-06-18`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
*.google.be GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2019-10-04` - `2020-10-07`	a year	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2019-08-14` - `2020-08-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-12-06` - `2020-03-05`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2019-11-21` - `2020-09-01`	9 months	crt.sh
*.reddit.com DigiCert SHA2 Secure Server CA	`2018-08-17` - `2020-09-02`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
www.google.de GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-11-18`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2019-10-07` - `2020-09-29`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.adaptv.advertising.com DigiCert SHA2 High Assurance Server CA	`2017-09-20` - `2020-09-18`	3 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2019-07-17` - `2020-03-09`	8 months	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.id5-sync.com Go Daddy Secure Certificate Authority - G2	`2017-04-02` - `2020-04-02`	3 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-04-24` - `2020-04-23`	a year	crt.sh
pixel.advertising.com DigiCert SHA2 High Assurance Server CA	`2017-06-14` - `2020-06-18`	3 years	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2019-10-30` - `2020-04-27`	6 months	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2019-08-07` - `2020-02-03`	6 months	crt.sh

This page contains 18 frames:

Primary Page: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Frame ID: C5F5738E8E923BE6F708F949DCC229F8
Requests: 73 HTTP requests in this frame

Frame: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]&schain=1.0,1!admetricspro.com,1005,1&cbuster=1577425341&pubUrlAuto=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&videoType=flow&floatWidth=320&floatHeight=180&floatDirection=br&floatVerticalOffset=10&floatHorizontalOffset=10&floatCloseBtn=1&flowMode=undefined
Frame ID: 39A698C311D1D7ACAEC79D6179E7F00A
Requests: 33 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.69e02060c7c44baddf1b5629549acc0c.html?origin=https%3A%2F%2Fthreatpost.com
Frame ID: 02E25B6CCE6387B2211E413C3B733C7A
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.69e02060c7c44baddf1b5629549acc0c.en.html
Frame ID: 96AAFDE17CA2C7A1FFD5BCCA99B0ACE7
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuIPqYmI3IRUdOS9lSzDT6JTDWA30NwYbpqx-BGHauhgch5sr6knt9fYxoNfNb7xnXpA4umsIiD90PNRyLYMEZPrydSvgtFtVq0U6WfOV9C8tp1vTAPuJ872rTVny3cYMG2XY_tn_GZPfN9DmsagcUOhrh7WbFVeANxZYS8jjl1cjqZa2rpw61HtxCGqTXjaevlEdCl_7MRHAUcg6zJBVgTlS-r1-HE2W9fjkD497Y-6M1Z0tEHIoTvHz7uGfHsgpu8HEyLUlMdEw&sai=AMfl-YR3yWUJi-AzjMXEdmzRw7qLe_E-EQlGwSy4Ag3AvGc0Nv1kge2P5h_x0UK143GX89yd0FNMT-VOFIMGpg2XCdCJ7dSDHX2foq0uPj-q-A&sig=Cg0ArKJSzBFIHkUSjQQAEAE&urlfix=1&adurl=
Frame ID: 8AF52945AB0167B4059AC906389C2F22
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu7x0FnZtm-iiLtLfEAwgQ4nEsU-ksG6Gvi_PhhnHkdkb70dovQOdJggB-IQeKgXXVRTOkVFPx-doCfM-EcKtkHJ0KAVJHqel5oPq7drfhxAS_KrI58uvhLPusHs3UyoATNkixH4bobILC13jkq8VMYhCpgKgzNzsRDgvmD38_OhuaH06htMGXhBJ3zqqM86YJ9th5_vdE1x0ddqimTAkMk0IzRZwfL0UthhpAwmOCCXatKaPYnNiPZLa26v41SrOrUZSxputeJJw&sai=AMfl-YTII2OzLyZy8nieAPuncabTR6sqphpOekAj-VbWzXqwCJ-9VGjAor8G_7eic2l9Neh7WDILeM-KOWBFrj87RJevZgDRiQo0_WWe3q7aHg&sig=Cg0ArKJSzMFdKRBgr6qCEAE&urlfix=1&adurl=
Frame ID: 5BA21B5381AC8F0197D6FDCB0BD84AF9
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu-AigGu_zZIPA40xN_LqK6RGbk6STnhORVLNcPWT7W0WNuhAWyWiAefPY2EnDyqDZOOSc8Qlt6AHfJK5ej4UCMv98ElxrGuHvGncGjMNnmrjmc0azS6YVWLJBCGrIXF-yPyuDEHReNS1SK1EQIQ3cX1p6TyxHNMQIlhTUlSfvkdG1wLqoDrzATexIhAXS6hpR41dzYyVDjfJoR3Ho0lmqwrfSazIOZ1oYRBDqbW_88EIO5lWhK1mXtFnYaxFI77ZWVBvjYMuiBnA&sai=AMfl-YQGRvTElG_jMiKYPfnrZWKErHXrlIKlauKaua9P4v1BFRqFATyKgKWLNHkdn70Yi6KY3W_YixA-mJdluLCfOkobqep_VzXxCqYdLp68mQ&sig=Cg0ArKJSzOa-Vr13XCq9EAE&urlfix=1&adurl=
Frame ID: 256F2430D834184EB14B51620D2E3B54
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20191205/r20190131/zrt_lookup.html
Frame ID: CDF6489701124BCA7371D691A5C97D3C
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto
Frame ID: 5014F8E33F2AE15C8EF624F2ECFE44E8
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto
Frame ID: D4F4D2C28F1E078910A38090F9221EE9
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7500593236707325&output=html&h=250&slotname=7047286166&adk=3026389540&adf=3173046726&w=970&psa=0&guci=1.2.0.0.2.2.0.0&format=970x250&url=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1577425342103&bpp=14&bdt=85&fdt=185&idt=185&shv=r20191205&cbv=r20190131&saldr=aa&correlator=8452702961503&frm=23&ife=4&pv=2&ga_vid=1429220001.1577425342&ga_sid=1577425342&ga_hid=222756624&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=12&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=308&ady=0&biw=1585&bih=1200&isw=970&ish=250&ifk=3080712626&scr_x=0&scr_y=0&eid=21065125&oid=3&pvsid=1411861359436653&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&ifi=1&uci=1.i3txlh8cq9q&fsb=1&dtd=196
Frame ID: 5875B8A092922BECAEFA4822AC0FA03A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7500593236707325&output=html&h=600&slotname=7785652766&adk=2248810365&adf=3173046724&w=300&psa=0&guci=1.2.0.0.2.2.0.0&format=300x600&url=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1577425342121&bpp=5&bdt=90&fdt=206&idt=206&shv=r20191205&cbv=r20190131&saldr=aa&correlator=8452702961503&frm=23&ife=4&pv=1&ga_vid=1429220001.1577425342&ga_sid=1577425342&ga_hid=909832759&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=12&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1093&ady=1665&biw=1585&bih=1200&isw=300&ish=600&ifk=2636940715&scr_x=0&scr_y=0&eid=21065125&oid=3&pvsid=490218936541911&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=20&bc=31&ifi=1&uci=1.kgznc4z48vwi&btvi=1&fsb=1&dtd=212
Frame ID: D4F368AE58189BB9832C7BCA1BF47AC1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7500593236707325&output=html&h=250&slotname=7286959315&adk=2838937357&adf=3173046725&w=300&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1577425342193&bpp=17&bdt=168&fdt=173&idt=173&shv=r20191205&cbv=r20190131&saldr=aa&correlator=8452702961503&frm=23&ife=4&pv=1&ga_vid=1429220001.1577425342&ga_sid=1577425342&ga_hid=1460197263&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=12&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1093&ady=407&biw=1585&bih=1200&isw=300&ish=250&ifk=3421461788&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=1565637385767874&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&ifi=1&uci=1.l9fgj3a2u016&fsb=1&dtd=184
Frame ID: 747807C348804B3A39D768EE6C8165F5
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 9A8BD686BCF2CD0F02770C1B511C0CDA
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: C93062B32A0ACCAF676F05882BB7ABDC
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 1B214BBF0777CE9E3A7CB5AD9474EDA7
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 1AA906F34EF34F1B107E5BC3014B9A8C
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 0D6D8D8BEAAB7873CC14D440D36504CA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

153
Requests

99 %
HTTPS

43 %
IPv6

34
Domains

54
Subdomains

45
IPs

9
Countries

5758 kB
Transfer

8660 kB
Size

7
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/Threatpost/

Search URL Search Domain Scan URL

URL: https://twitter.com/threatpost/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/threatpost/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/threatpost

Search URL Search Domain Scan URL

URL: https://feedly.com/threatpost

Search URL Search Domain Scan URL

URL: https://www.instagram.com/Threatpost/

Search URL Search Domain Scan URL

URL: https://www.prnewswire.com/news-releases/247ai-issues-statement-on-information-security-300624659.html
Title: [24]7.ai

Search URL Search Domain Scan URL

URL: https://blog.searsholdings.com/shc-updates/statement-on-data-security-incident/
Title: Sears

Search URL Search Domain Scan URL

URL: https://news.delta.com/statement-247ai-cyber-incident
Title: Delta

Search URL Search Domain Scan URL

URL: http://twitter.com/search?q=%23data
Title: #data

Search URL Search Domain Scan URL

URL: http://twitter.com/search?q=%23Facebook
Title: #Facebook

Search URL Search Domain Scan URL

URL: https://t.co/EgCcimtRJZ
Title: https://t.co/EgCcimtRJZ

Search URL Search Domain Scan URL

URL: https://indd.adobe.com/view/639c3b32-90d4-40a1-9a31-2c49c7a86075
Title: Advertise With Us

Search URL Search Domain Scan URL

URL: https://spotlight.threatpost.com/
Title: HackerOne Spotlight

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=64164542&t=pageview&_s=1&dl=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&ul=en-us&de=UTF-8&dt=Delta%2C%20Sears%20Breaches%20Blamed%20on%20Malware%20Attack%20Against%20a%20Third-Party%20Chat%20Service%20%7C%20Threatpost&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YAhAAEAB~&jid=1119093092&gjid=846343175&cid=1429220001.1577425342&tid=UA-35676203-21&_gid=2102476134.1577425342&_r=1&gtm=2wgc61PM29HLF&z=125767437 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-35676203-21&cid=1429220001.1577425342&jid=1119093092&_gid=2102476134.1577425342&gjid=846343175&_v=j79&z=125767437 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35676203-21&cid=1429220001.1577425342&jid=1119093092&_v=j79&z=125767437 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35676203-21&cid=1429220001.1577425342&jid=1119093092&_v=j79&z=125767437&slf_rd=1&random=626183998

Request Chain 135

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

Request Chain 152

https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
https://pixel.advertising.com/ups/55953/sync?uid=a2e27a1c-4474-4549-a201-efa27ba9b529&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=a2e27a1c-4474-4549-a201-efa27ba9b529

Request Chain 153

https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_sc HTTP 302
https://pixel.advertising.com/ups/57304/sync?uid=CAESELzIG6KW-5Q_wimAEo3NYUU&google_cver=1 HTTP 302
https://pixel.advertising.com/ups/57304/sync?uid=CAESELzIG6KW-5Q_wimAEo3NYUU&google_cver=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESELzIG6KW-5Q_wimAEo3NYUU&google_cver=1&apid=UPa873bc13-286b-11ea-a670-024b028bab36

Request Chain 155

https://sync-tm.everesttech.net/upi/pid/m7y5t93k?redir=https%3A%2F%2Fsync.adap.tv%2Fsync%3Ftype%3Dgif%26key%3Dtubemogul%26uid%3D%24%7BUSER_ID%7D HTTP 302
https://sync.adap.tv/sync?type=gif&key=tubemogul&uid=XgWZvgAABc-s9RyO

153 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/ 74 KB
18 KB 585ms
195ms Document
text/html 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-35-173-160-135.compute-1.amazonaws.com

Software

nginx /

Resource Hash

9a933f62fa17950f1307a5853d89f7967033e664598e49aa39dae0e68e0d2fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: threatpost.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User: ?1

Response headers

Server: nginx
Date: Fri, 27 Dec 2019 05:42:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Frame-Options: SAMEORIGIN SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Link: <https://threatpost.com/wp-json/>; rel="https://api.w.org/" <https://threatpost.com/?p=131023>; rel=shortlink
x-cache-hit: HIT
Content-Encoding: gzip

GET
H/1.1 200
OK main.css
threatpost.com/wp-content/themes/threatpost-2018/assets/css/ 228 KB
35 KB 551ms
213ms Stylesheet
text/css 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1576571290
Requested by: Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 9776cc02d6f0af7bc9d919ab3f3cc66e399543fd65ccf995bb958745ef7e5b86

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Fri, 27 Dec 2019 05:42:21 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Dec 2019 08:28:10 GMT
Server: nginx
ETag: W/"5df8919a-38e4d"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=604800, public
Connection: close
Expires: Fri, 03 Jan 2020 05:42:21 GMT

GET
H2 200 /
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 65 KB
15 KB 146ms
7ms Stylesheet
text/css 2600:9000:2057:4c00:2:9275:3d40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=b8853d46

Requested by

Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2057:4c00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

9df0e8867ec50a03053296aee36587e9ef939215843f1d5366d234d3dca28472

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 26 Dec 2019 09:10:01 GMT
content-encoding: gzip
age: 73940
x-cache: Hit from cloudfront
status: 200
content-length: 14986
x-cache-hit: MISS
last-modified: Tue, 17 Dec 2019 08:28:09 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: O6fnALch-wltnNXvw7PqRE4EGh3QaYuvq73LGR49ULM5yzkbgAp3Ig==
expires: Wed, 18 Dec 2019 08:29:06 GMT

GET
H/1.1 200
OK jquery.js Show response
threatpost.com/wp-includes/js/jquery/ 95 KB
37 KB 551ms
213ms Script
application/x-javascript 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Fri, 27 Dec 2019 05:42:21 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Oct 2019 20:47:26 GMT
Server: nginx
ETag: W/"5da4dede-17a69"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: max-age=604800, public
Connection: close
Expires: Fri, 03 Jan 2020 05:42:21 GMT

GET
H2 200 / Show response
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 175 KB
55 KB 145ms
8ms Script
application/x-javascript 2600:9000:2057:4c00:2:9275:3d40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/kaspersky-cookies-notification/scripts/alert_text.js,wp-content/plugins/kaspersky-cookies-notification/scripts/alert.js,wp-content/plugins/honeypot-comments/public/assets/js/public.js,wp-content/plugins/kspr_twitter_pullquote/js/kaspersky-twitter-pullquote.js,wp-content/themes/threatpost-2018/assets/js/main.js,wp-content/themes/threatpost-2018/assets/js/loadmore.js,wp-content/plugins/kaspersky-social-sharing/assets/js/social-share.js&ver=b8853d46

Requested by

Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2057:4c00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

f89d17dc2e4ecb385243b7b4cdaf5d8d9f6d4b9829e2be80afb66d01721835e3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 26 Dec 2019 09:10:01 GMT
content-encoding: gzip
age: 73940
x-cache: Hit from cloudfront
status: 200
content-length: 55884
x-cache-hit: MISS
last-modified: Tue, 17 Dec 2019 08:28:10 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: -jb8sNhXBqKG6E4fVLu9AwuIFUoVYwfewR60Nd5P5UwllcGNTMJK_Q==
expires: Wed, 18 Dec 2019 08:29:11 GMT

GET
H/1.1 200
OK / Show response
kasperskycontenthub.com/ 0
368 B 610ms
170ms Script
application/javascript 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://kasperskycontenthub.com/?dm=ed1f9e435dc885292eab65620c51f3fb&action=load&blogid=103&siteid=1&t=478808265&back=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F

Requested by

Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-35-173-160-135.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 27 Dec 2019 05:42:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: application/javascript
x-cache-hit: MISS
Transfer-Encoding: chunked
Connection: close
X-XSS-Protection: 1; mode=block

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 51 KB
16 KB 79ms
32ms Script
text/javascript 216.58.207.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

sffe /

Resource Hash

8194ff3826976ab39199703c90dca9ddec292bfe5033e69e473f76b7fb8742e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 05:42:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "379 / 572 of 1000 / last-modified: 1576520981"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15828
x-xss-protection: 0
expires: Fri, 27 Dec 2019 05:42:21 GMT

GET
H2 200 Travel_Airline_Jet.jpg
media.threatpost.com/wp-content/uploads/sites/103/2018/04/05184723/ 225 KB
225 KB 341ms
219ms Image
image/jpeg 2600:9000:214f:6400:0:5c46:4f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2018/04/05184723/Travel_Airline_Jet.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:6400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9421e2dbc3b5aba9996c72bb75b3921dad845edfcd3a9fe09d668704685ca595

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 05:42:22 GMT
via: 1.1 b0954612f115b3d0a0db0a669e45ae8f.cloudfront.net (CloudFront), 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jul 2018 02:27:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1, FRA53-C1
etag: "7009ed01fc7421ec63bc955cd7704e40"
x-cache: Miss from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 229981
x-amz-cf-id: cYNjJgb5UAGTE_Sp3zDyrz_ItRgb1BetgzAzklHmlf6uF2ITTWp3Qw==
expires: Wed, 03 Jul 2019 02:27:21 GMT

GET
H2 200 0.jpeg
media.threatpost.com/wp-content/uploads/sites/103/2018/08/15115541/ 10 KB
11 KB 8ms
7ms Image
image/jpeg 2600:9000:214f:6400:0:5c46:4f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2018/08/15115541/0.jpeg
Requested by: Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:6400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b1b3e1dbec0a6b898bf6b8f17caa692c112ba2d215a1300b1c014c75f9f5ad8

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 04:43:18 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront), 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
last-modified: Mon, 20 Aug 2018 15:57:19 GMT
server: AmazonS3
age: 89458
etag: "756a0525b47f4557fdfec408731afd91"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2, FRA53-C1
accept-ranges: bytes
content-length: 10662
x-amz-cf-id: GZGZXkySbdOPgYKSrQ7_xD0Nh-UzhL8qk8JRlVkD9w_sv2K5xCkARg==
expires: Tue, 20 Aug 2019 15:57:18 GMT

GET
H2 200 widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 79ms
24ms Script
application/javascript 151.101.12.157
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: ff6a67b5b4c91cf683b9168393ce7aa41d64326a40b928809cdf7e15d0b3c8b8

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 05:42:21 GMT
content-encoding: gzip
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 28837
x-served-by: cache-iad2121-IAD, cache-fra19130-FRA
last-modified: Tue, 10 Dec 2019 23:46:10 GMT
etag: "a41dba1e30b9426e9a69c373d2c94042+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1800
accept-ranges: bytes
tw-cdn: FT

GET
H2 200 Data-Breach-540x270.jpg
media.threatpost.com/wp-content/uploads/sites/103/2019/12/22134902/ 24 KB
25 KB 8ms
8ms Image
image/jpeg 2600:9000:214f:6400:0:5c46:4f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2019/12/22134902/Data-Breach-540x270.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:6400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 08699d569b86c9e9ac074bbc671aea1e2fc39a255afb48757998a845629aaa69

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 26 Dec 2019 14:00:23 GMT
via: 1.1 79503619d600dbc1c9e04a650d3d7f3f.cloudfront.net (CloudFront), 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
last-modified: Sun, 22 Dec 2019 18:49:05 GMT
server: AmazonS3
age: 50545
etag: "d53925ebccb6f1ae2be0bf9182c1db1b"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA54, FRA53-C1
accept-ranges: bytes
content-length: 24875
x-amz-cf-id: kvm9MGHIGtVgmBwfEGqoLpExp7pcCsWWF2wWFdFHws3zCcFmsmEE9A==
expires: Mon, 21 Dec 2020 18:49:02 GMT

GET
H2 200 Hacker-540x270.jpg
media.threatpost.com/wp-content/uploads/sites/103/2019/01/23110846/ 21 KB
21 KB 8ms
7ms Image
image/jpeg 2600:9000:214f:6400:0:5c46:4f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2019/01/23110846/Hacker-540x270.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:6400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7fb585c3117accba53362a335a1200e2a3d43db7ac9876dd63797e987257b4df

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 24 Dec 2019 14:02:15 GMT
via: 1.1 d12467f4c051603df707c4dfa0fee85d.cloudfront.net (CloudFront), 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
last-modified: Wed, 23 Jan 2019 16:08:49 GMT
server: AmazonS3
age: 227746
etag: "8f502cc31512d073f6e7a0a39b5970de"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA54, FRA53-C1
accept-ranges: bytes
content-length: 21208
x-amz-cf-id: uP2PT87Z9t3W9ME4nLmpy2Ez8rC_7POxe28pOiDt5YBDKV5kbWHYoQ==
expires: Thu, 23 Jan 2020 16:08:46 GMT

GET
H2 200 data-breach-540x270.jpeg
media.threatpost.com/wp-content/uploads/sites/103/2019/01/03114745/ 34 KB
34 KB 7ms
7ms Image
image/jpeg 2600:9000:214f:6400:0:5c46:4f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2019/01/03114745/data-breach-540x270.jpeg
Requested by: Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:6400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f5c2b6220cfcf68b761ac2677872e7f1441aa9d67fefe61d526ab19a2a926933

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 12:09:02 GMT
via: 1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront), 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
last-modified: Thu, 03 Jan 2019 16:47:49 GMT
server: AmazonS3
age: 313259
etag: "46e0914192d2c7a2e4f65d5fe5e231e4"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1, FRA53-C1
accept-ranges: bytes
content-length: 34774
x-amz-cf-id: EnEPwzaomAA8zCjnAWRrMx4TZXmrWGP3lsUgsSwUXgNjZJSOr_JmJQ==
expires: Fri, 03 Jan 2020 16:47:45 GMT

GET
H2 200 artificial_intelligence-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2018/10/01152243/ 2 KB
2 KB 7ms
5ms Image
image/jpeg 2600:9000:214f:6400:0:5c46:4f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2018/10/01152243/artificial_intelligence-64x64.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:6400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a968b405c5b4dcd85f76e5400c41930968710351102d83a80cf114ad7549b5d0

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 26 Dec 2019 14:00:59 GMT
via: 1.1 3ef066dcf359ad5dbc339df978147194.cloudfront.net (CloudFront), 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
last-modified: Mon, 01 Oct 2018 19:22:48 GMT
server: AmazonS3
age: 54869
etag: "a67a437ee807847e498f42bfe1dd14fa"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA54, FRA53-C1
accept-ranges: bytes
content-length: 1834
x-amz-cf-id: 6v1cIPluj2uBq_POQb6Ziff3TTRR8gy3cYm8-2BaPRUKlFHR4cL81w==
expires: Tue, 01 Oct 2019 19:22:43 GMT

GET
H2 200 Hacker-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2019/01/23110846/ 1 KB
2 KB 7ms
6ms Image
image/jpeg 2600:9000:214f:6400:0:5c46:4f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2019/01/23110846/Hacker-64x64.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:6400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3e05b274c76d548e39c6633af671d715bd1be28a929ab47a5ae8d29ff120df7

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 24 Dec 2019 14:02:16 GMT
via: 1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront), 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
last-modified: Wed, 23 Jan 2019 16:08:49 GMT
server: AmazonS3
age: 226987
etag: "0c579c9f31a7fe9e5b94b47a6fd20620"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1, FRA53-C1
accept-ranges: bytes
content-length: 1393
x-amz-cf-id: lwIXOHg1Pailz41II-AixIabUgfX9qzzH_MkhmSnYs7BFEbI0VLWyg==
expires: Thu, 23 Jan 2020 16:08:46 GMT

GET
H2 200 ai-safety-featured-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2018/06/08121133/ 2 KB
2 KB 7ms
7ms Image
image/jpeg 2600:9000:214f:6400:0:5c46:4f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2018/06/08121133/ai-safety-featured-64x64.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:6400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5d363c974cd81869ce3fd8d76a06f12b273be51cb358a9a85c21d157eedde824

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 20 Dec 2019 16:18:41 GMT
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront), 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jul 2018 02:40:26 GMT
server: AmazonS3
age: 566478
etag: "29cb0a26bc7f2d80110ca80691f44ecd"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA6-C1, FRA53-C1
accept-ranges: bytes
content-length: 2089
x-amz-cf-id: IAqrckhh02AHIisrrD1zPTF8zEYMQYwPbYmUlhi-moy_eJRTfv9b2Q==
expires: Wed, 03 Jul 2019 02:40:23 GMT

GET
H2 200 employees-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2019/11/22170324/ 2 KB
3 KB 7ms
6ms Image
image/jpeg 2600:9000:214f:6400:0:5c46:4f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2019/11/22170324/employees-64x64.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:6400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d8990b989a73f89f4a3a27ebb779ab147d5c763b8efc5434a7e73c8d5003ec09

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 22:06:36 GMT
via: 1.1 8d84df16ba20ff1d2ca3914948494e04.cloudfront.net (CloudFront), 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
last-modified: Fri, 22 Nov 2019 22:03:27 GMT
server: AmazonS3
age: 2964405
etag: "43c96feb841b297e1cb6fa20eff76aee"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA54, FRA53-C1
accept-ranges: bytes
content-length: 2286
x-amz-cf-id: CkD3SjsLvxgTZqrjDk3Xnt-QSJbtPKazYxGlEG5mLo4BN-Qot5FKZg==
expires: Sat, 21 Nov 2020 22:03:24 GMT

GET
H2 200 holiday_shopping-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2019/11/15171021/ 2 KB
3 KB 8ms
7ms Image
image/jpeg 2600:9000:214f:6400:0:5c46:4f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2019/11/15171021/holiday_shopping-64x64.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:6400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b7a572e3e636758a15d9ee955f76dc9012de0313cb0ae2fc326c509421115542

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Dec 2019 20:34:58 GMT
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront), 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
last-modified: Fri, 15 Nov 2019 22:10:25 GMT
server: AmazonS3
age: 1155640
etag: "bbfe66e5d8943ffbc24423e072fe623b"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2, FRA53-C1
accept-ranges: bytes
content-length: 2349
x-amz-cf-id: NYp-1a73M_LipzTwebajJF0kMZe-E33w1VbcoaBIuy3keyM3x7GnUA==
expires: Sat, 14 Nov 2020 22:10:21 GMT

GET
H/1.1 200
OK liveView.php Show response
live.sekindo.com/live/ 23 KB
7 KB 82ms
23ms Script
text/javascript 46.166.134.35
NFORCE

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]&schain=1.0,1!admetricspro.com,1005,1
Requested by: Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.166.134.35 Amsterdam, Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
Software: nginx / PHP/7.1.33
Resource Hash: c8837c641ded8d7f19c3ede0312f838226ef4b083d59fe39d4bc076ec0c6718c

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 Dec 2019 05:42:20 GMT
Content-Encoding: gzip
Server: nginx
Age: 0
X-Powered-By: PHP/7.1.33
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-store
Content-Type: text/javascript; charset=utf-8

GET
H2 200 / Show response
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 2 KB
1 KB 6ms
6ms Script
application/x-javascript 2600:9000:2057:4c00:2:9275:3d40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/gravityforms/js/jquery.json.min.js&ver=b8853d46

Requested by

Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2057:4c00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

a9f6c03ce6f4d1654f29f2136651e883198d509cb2e26af1c24b1f87b6ccae13

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 26 Dec 2019 09:10:01 GMT
content-encoding: gzip
age: 73940
x-cache: Hit from cloudfront
status: 200
content-length: 935
x-cache-hit: MISS
last-modified: Tue, 17 Dec 2019 08:28:07 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: iq9t_TgbKnVliXnxfI667iiSAMFZ8Ye9gej6BjDAoULKX1CVhu4dnw==
expires: Wed, 18 Dec 2019 08:29:06 GMT

GET
H/1.1 200
OK gravityforms.min.js Show response
threatpost.com/wp-content/plugins/gravityforms/js/ 26 KB
10 KB 336ms
112ms Script
application/x-javascript 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.2.6.5
Requested by: Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a783d2ad42c380bc896219c080fa845d1e9f2e77483558103aeb296b95b85701

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Fri, 27 Dec 2019 05:42:21 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Dec 2019 08:28:07 GMT
Server: nginx
ETag: W/"5df89197-6923"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: max-age=604800, public
Connection: close
Expires: Fri, 03 Jan 2020 05:42:21 GMT

GET
H2 200 / Show response
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 12 KB
5 KB 7ms
6ms Script
application/x-javascript 2600:9000:2057:4c00:2:9275:3d40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-includes/js/wp-embed.min.js,wp-content/plugins/gravityforms/js/conditional_logic.min.js,wp-content/plugins/gravityforms/js/placeholders.jquery.min.js&ver=b8853d46

Requested by

Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2057:4c00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

d3712f0230306eb4bbe2464ee6e0ff9777ed2fcf561db8c5dd20084edbaad88a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 26 Dec 2019 09:56:08 GMT
content-encoding: gzip
age: 71173
x-cache: Hit from cloudfront
status: 200
content-length: 4549
x-cache-hit: MISS
last-modified: Tue, 17 Dec 2019 08:28:07 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: bUVvV9MrOytMs_AedfkBQa9BOYjHHdsKrjbOarYLa1kBN9apK4-gMQ==
expires: Wed, 18 Dec 2019 08:29:11 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 70 KB
23 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:81e::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF

Requested by

Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

14f90f011c0eaa863c9b121c6b16593b98cdbd8aa9335911e83d61416af87661

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 05:42:21 GMT
content-encoding: br
last-modified: Fri, 27 Dec 2019 03:00:00 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 23880
x-xss-protection: 0
expires: Fri, 27 Dec 2019 05:42:21 GMT

GET
H/1.1 200
OK icons.svg
threatpost.com/wp-content/themes/threatpost-2018//assets/sprite/ 11 KB
4 KB 883ms
129ms Other
image/svg+xml 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018//assets/sprite/icons.svg
Requested by: Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 76ba07e059d9e2113f9c940f1a31efc95bd9d5badd68bbc3637177e892a08099

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Fri, 27 Dec 2019 05:42:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Dec 2019 08:28:09 GMT
Server: nginx
ETag: W/"5df89199-2b9f"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: max-age=604800, public
Connection: close
Expires: Fri, 03 Jan 2020 05:42:22 GMT

GET
H2 200 integrator.js Show response
adservice.google.be/adsid/ 109 B
171 B 14ms
14ms Script
application/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.be/adsid/integrator.js?domain=threatpost.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 05:42:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=threatpost.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 05:42:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2019121002.js Show response
securepubads.g.doubleclick.net/gpt/ 163 KB
60 KB 31ms
31ms Script
text/javascript 216.58.207.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

sffe /

Resource Hash

216fd62bccc74ef4e4d35292cd4874e7072a4fb30685afb6235d894a3ec1a2df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 05:42:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Dec 2019 17:29:18 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 60922
x-xss-protection: 0
expires: Fri, 27 Dec 2019 05:42:21 GMT

GET
H/1.1 200
OK icons.svg
threatpost.com/wp-content/themes/threatpost-2018/assets/sprite/ 11 KB
4 KB 866ms
121ms Other
image/svg+xml 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/sprite/icons.svg
Requested by: Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 76ba07e059d9e2113f9c940f1a31efc95bd9d5badd68bbc3637177e892a08099

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Fri, 27 Dec 2019 05:42:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Dec 2019 08:28:09 GMT
Server: nginx
ETag: W/"5df89199-2b9f"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: max-age=604800, public
Connection: close
Expires: Fri, 03 Jan 2020 05:42:22 GMT

GET
H/1.1 200
OK logo.png
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 19 KB
19 KB 882ms
113ms Image
image/png 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/logo.png
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 39af7c1116fb967a330e8770f775e6b5ee871add01ed45c98a1634911cebfb0a

Request headers

Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1576571290
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Fri, 27 Dec 2019 05:42:22 GMT
Last-Modified: Tue, 17 Dec 2019 08:28:09 GMT
Server: nginx
ETag: "5df89199-4a32"
Content-Type: image/png
Cache-Control: max-age=604800, public
Connection: close
Accept-Ranges: bytes
Content-Length: 18994
Expires: Fri, 03 Jan 2020 05:42:22 GMT

GET
H/1.1 200
OK museosans-700-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
21 KB 398ms
193ms Font
font/woff2 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700-webfont.woff2
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ae00ae9c862bc8b8923efd1d9a18befa912678a869d4dd01179a59ed3de731be

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1576571290
Origin: https://threatpost.com

Response headers

Pragma: public
Date: Fri, 27 Dec 2019 05:42:21 GMT
Last-Modified: Tue, 17 Dec 2019 08:28:09 GMT
Server: nginx
ETag: "5df89199-51a4"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 20900
Expires: Sat, 26 Dec 2020 05:42:21 GMT

GET
H/1.1 200
OK museosans-100-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
21 KB 430ms
209ms Font
font/woff2 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-100-webfont.woff2
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 06fc565587b8b700936a1677218cb269a6cc31ca5f701eb45461e86a3d54d5c7

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1576571290
Origin: https://threatpost.com

Response headers

Pragma: public
Date: Fri, 27 Dec 2019 05:42:21 GMT
Last-Modified: Tue, 17 Dec 2019 08:28:09 GMT
Server: nginx
ETag: "5df89199-50c8"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 20680
Expires: Sat, 26 Dec 2020 05:42:21 GMT

GET
H/1.1 200
OK museosans-300-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
21 KB 495ms
194ms Font
font/woff2 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300-webfont.woff2
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 45ddc09b0ad6ab916bd9a0282070b161045e186fc025303f4aa1aa821fc45ac7

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1576571290
Origin: https://threatpost.com

Response headers

Pragma: public
Date: Fri, 27 Dec 2019 05:42:22 GMT
Last-Modified: Tue, 17 Dec 2019 08:28:09 GMT
Server: nginx
ETag: "5df89199-51b8"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 20920
Expires: Sat, 26 Dec 2020 05:42:22 GMT

GET
H/1.1 200
OK museosans-500-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
21 KB 500ms
193ms Font
font/woff2 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-500-webfont.woff2
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2de77164bb9924542e1dea4ee4a0ff27d40b51a3d7939dac7db11a95045c9b7d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1576571290
Origin: https://threatpost.com

Response headers

Pragma: public
Date: Fri, 27 Dec 2019 05:42:22 GMT
Last-Modified: Tue, 17 Dec 2019 08:28:09 GMT
Server: nginx
ETag: "5df89199-5194"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 20884
Expires: Sat, 26 Dec 2020 05:42:22 GMT

GET
H/1.1 200
OK mail-plane-light.svg
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 828 B
722 B 400ms
111ms Image
image/svg+xml 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/mail-plane-light.svg
Requested by: Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 5a7ed822968963e31d88424c96387ad9f4fd4f4b5a5b581a33f65e3784d162cf

Request headers

Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1576571290
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Fri, 27 Dec 2019 05:42:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Dec 2019 08:28:09 GMT
Server: nginx
ETag: W/"5df89199-33c"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: max-age=604800, public
Connection: close
Expires: Fri, 03 Jan 2020 05:42:22 GMT

GET
H/1.1 200
OK twitter-blue.svg
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 868 B
847 B 803ms
103ms Image
image/svg+xml 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/twitter-blue.svg
Requested by: Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 420508fc523520f35de5c851905543294123d7676b5a5668744691f2abe9e730

Request headers

Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1576571290
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Fri, 27 Dec 2019 05:42:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Dec 2019 08:28:09 GMT
Server: nginx
ETag: W/"5df89199-364"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: max-age=604800, public
Connection: close
Expires: Fri, 03 Jan 2020 05:42:22 GMT

GET
H/1.1 200
OK museosans-700italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 15 KB
16 KB 500ms
194ms Font
font/woff2 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700italic-webfont.woff2
Requested by: Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 859faa9b9ed0990288b2f393a102b1fe2668ac79088b113b6f0beaee521221eb

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1576571290
Origin: https://threatpost.com

Response headers

Pragma: public
Date: Fri, 27 Dec 2019 05:42:22 GMT
Last-Modified: Tue, 17 Dec 2019 08:28:09 GMT
Server: nginx
ETag: "5df89199-3dcc"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 15820
Expires: Sat, 26 Dec 2020 05:42:22 GMT

GET
H/1.1 200
OK liveView.php Show response
live.sekindo.com/live/ Frame 39A6 1 KB
1 KB 23ms
23ms Script
text/javascript 46.166.134.35
NFORCE

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]&schain=1.0,1!admetricspro.com,1005,1&cbuster=1577425341&pubUrlAuto=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&videoType=flow&floatWidth=320&floatHeight=180&floatDirection=br&floatVerticalOffset=10&floatHorizontalOffset=10&floatCloseBtn=1&flowMode=undefined
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]&schain=1.0,1!admetricspro.com,1005,1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.166.134.35 Amsterdam, Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
Software: nginx / PHP/7.1.33
Resource Hash: bad68415cd2eb4cd1a06a8fd0af508f4778096a952f360700140b87176f56f73

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 Dec 2019 05:42:20 GMT
Content-Encoding: gzip
Server: nginx
Age: 0
X-Powered-By: PHP/7.1.33
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-store
Content-Type: text/javascript; charset=utf-8

GET
H/1.1 200
OK mail-plane-large-dark.svg
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 812 B
722 B 439ms
128ms Image
image/svg+xml 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/mail-plane-large-dark.svg
Requested by: Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a9d2b2df99c1a115d5394c70a898d8801092208dc582f8bd6fb01b35c30d6b22

Request headers

Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1576571290
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Fri, 27 Dec 2019 05:42:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Dec 2019 08:28:09 GMT
Server: nginx
ETag: W/"5df89199-32c"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: max-age=604800, public
Connection: close
Expires: Fri, 03 Jan 2020 05:42:22 GMT

GET
H/1.1 200
OK logo-white.png
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 10 KB
10 KB 441ms
130ms Image
image/png 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/logo-white.png
Requested by: Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e4058d4ee9da1ceaddfa91ddb63650ba67285f1bbfee487d9dfe648bced669a0

Request headers

Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1576571290
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Fri, 27 Dec 2019 05:42:22 GMT
Last-Modified: Tue, 17 Dec 2019 08:28:09 GMT
Server: nginx
ETag: "5df89199-260a"
Content-Type: image/png
Cache-Control: max-age=604800, public
Connection: close
Accept-Ranges: bytes
Content-Length: 9738
Expires: Fri, 03 Jan 2020 05:42:22 GMT

GET
H2 200 fontawesome-webfont.woff2
assets.threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/fonts/ 75 KB
76 KB 25ms
9ms Font
font/woff2 2600:9000:2057:4c00:2:9275:3d40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:4c00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=b8853d46
Origin: https://threatpost.com

Response headers

date: Sun, 29 Sep 2019 03:41:07 GMT
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
age: 4603657
x-cache: Hit from cloudfront
status: 200
content-length: 77160
pragma: public
last-modified: Tue, 24 Sep 2019 11:58:41 GMT
server: nginx
etag: "5d8a04f1-12d68"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: vz1ME3ZYrBJCqvC9EL9bXdJWSIxS4rY25WE_X1_5K8vt8GQBMCJGxA==
expires: Mon, 28 Sep 2020 03:41:07 GMT

GET
H/1.1 200
OK photo-newsletter.jpg
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 83 KB
83 KB 432ms
209ms Image
image/jpeg 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/photo-newsletter.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 940e0c3385928422aae38e1a74f1d84b462d8ce1a056c686fde505a0bf3162bb

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Fri, 27 Dec 2019 05:42:22 GMT
Last-Modified: Tue, 17 Dec 2019 08:28:09 GMT
Server: nginx
ETag: "5df89199-14c88"
Content-Type: image/jpeg
Cache-Control: max-age=604800, public
Connection: close
Accept-Ranges: bytes
Content-Length: 85128
Expires: Fri, 03 Jan 2020 05:42:22 GMT

GET
H2 200 widget_iframe.69e02060c7c44baddf1b5629549acc0c.html
platform.twitter.com/widgets/ Frame 02E2 0
0 24ms
24ms Document
text/html 151.101.12.157
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.69e02060c7c44baddf1b5629549acc0c.html?origin=https%3A%2F%2Fthreatpost.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: platform.twitter.com
:scheme: https
:path: /widgets/widget_iframe.69e02060c7c44baddf1b5629549acc0c.html?origin=https%3A%2F%2Fthreatpost.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/

Response headers

status: 200
last-modified: Tue, 10 Dec 2019 23:44:55 GMT
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "4b563298f37eb3ef2a2f8897be83c714+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Fri, 27 Dec 2019 05:42:21 GMT
x-served-by: cache-iad2141-IAD, cache-fra19130-FRA
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 5825

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80b::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 4124
date: Fri, 27 Dec 2019 04:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Fri, 27 Dec 2019 06:33:37 GMT

GET
H/1.1 200
OK quant.js Show response
secure.quantserve.com/ 13 KB
6 KB 103ms
26ms Script
application/x-javascript 91.228.74.217
Quantcast Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.217 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software: QS /
Resource Hash: e8d7c60749c1d62942a8e0a6f901800bd14ff3094251373626cd99a8875c6391

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 27 Dec 2019 05:42:21 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27-Dec-2019 05:42:21 GMT
Server: QS
ETag: M0-56c8c653
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=604800
Connection: keep-alive
Content-Length: 5651
Expires: Fri, 03 Jan 2020 05:42:21 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 69ms
20ms Script
application/javascript 151.101.112.157
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 05:42:21 GMT
content-encoding: gzip
age: 77340
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1954
x-served-by: cache-hhn4075-HHN
last-modified: Tue, 23 Jan 2018 20:09:00 GMT
x-timer: S1577425342.860685,VS0,VE0
etag: "b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H2 200 / Show response
graph.facebook.com/ 126 B
567 B 70ms
57ms XHR
application/json 2a03:2880:f01c:800e:face:b00c:0:2
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F

Requested by

Host: threatpost.com
URL: https://threatpost.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

2294b7ee15083e9fdd8a51251a176e8b066b0be2e7fa750eaa6b116482f3fd2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Origin: https://threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
etag: "ed35a42f5f2bdda7c9b78ffedf91c87a3307243d"
x-app-usage: {"call_count":0,"total_cputime":0,"total_time":0}
status: 200
x-fb-rev: 1001569624
alt-svc: h3-24=":443"; ma=3600
content-length: 126
pragma: no-cache
x-fb-debug: fYa8tfUZzJCGevnqn5qrOt7Beo4hV6bdfsQD5eB5iTIne40pAhMHJyKs23QnujUNsAv0NDJYEeF+laWGSqF1bg==
x-fb-trace-id: BXGhFTtguwr
date: Fri, 27 Dec 2019 05:42:21 GMT
content-type: application/json
access-control-allow-origin: *
x-fb-request-id: AuKdxo2MjLuDFKcb8w303I9
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v2.11
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 404 share
www.linkedin.com/countserv/count/ 0
0 202ms
165ms Script
text/html 2a05:f500:11:101::b93f:9001
LinkedIn Corporation

General

Check archive.org

Show headers Download Go to

Full URL: https://www.linkedin.com/countserv/count/share?url=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&format=jsonp&callback=jQuery1124018672094740773826_1577425341641&_=1577425341642
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9001 , Ireland, ASN14413 (LINKEDIN - LinkedIn Corporation, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 info.json Show response
www.reddit.com/api/ 3 KB
2 KB 650ms
603ms XHR
application/json 151.101.13.140
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reddit.com/api/info.json?url=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F

Requested by

Host: threatpost.com
URL: https://threatpost.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

snooserv /

Resource Hash

51c09a888c623c7ff32ab9cc99eabed150324f4b7cd88f4feff2043c8fada199

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Origin: https://threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 05:42:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: *
x-cache: MISS
status: 200
vary: accept-encoding
content-length: 1133
x-xss-protection: 1; mode=block
x-served-by: cache-fra19131-FRA
x-moose: majestic
expires: -1
server: snooserv
x-timer: S1577425342.871538,VS0,VE581
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json; charset=UTF-8
via: 1.1 varnish
access-control-expose-headers: X-Moose
cache-control: private, s-maxage=0, max-age=0, must-revalidate, no-store, max-age=0, must-revalidate
x-ua-compatible: IE=edge
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 12 KB
4 KB 123ms
123ms XHR
text/plain 216.58.207.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1772318088944334&correlator=2767007788785194&output=ldjh&impl=fifs&adsid=NT&eid=21062889%2C21064170%2C21064549&vrg=2019121002&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20191227&iu_parts=21707124336%2C2x2-Skin%2C970x250-ATF%2C300x250-ATF%2C300x600-ATF&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=2x2%2C970x250%7C728x90%2C300x250%2C300x600%7C300x250&cust_params=urlhost%3Dhttps%253A%252F%252Fthreatpost.com%252F%26urlpath%3D%252Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%252F131023%252F%26urlquery%3Dgoogfc%26contentid%3D131023%26category%3Dhacks%26contenttags%3Dcredit-card-breach%252Cdata-breach%252Cdelta%252Cretail-breach%252Csears%252Csecurity-breach&cookie_enabled=1&bc=31&abxe=1&lmt=1577425341&dt=1577425341831&dlt=1577425341054&idt=763&frm=20&biw=1585&bih=1200&oid=3&adxs=0%2C308%2C1093%2C1093&adys=3838%2C0%2C407%2C1717&adks=2490549053%2C2675834513%2C974937504%2C960001541&ucis=1%7C2%7C3%7C4&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&dssz=30&icsg=12757004&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x2%7C970x250%7C300x250%7C300x600&msz=1585x2%7C970x250%7C300x250%7C300x600&ga_vid=1429220001.1577425342&ga_sid=1577425342&ga_hid=64164542&fws=0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

f75a928d284febdd7987d57ee4cafc52663a3ea58714be568ddb69e2dea4e03a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Origin: https://threatpost.com

Response headers

date: Fri, 27 Dec 2019 05:42:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 3712
x-xss-protection: 0
google-lineitem-id: -2,5193129080,5192374023,5192770279
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,138290554453,138290277593,138290162637
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019121002.js Show response
securepubads.g.doubleclick.net/gpt/ 64 KB
24 KB 32ms
32ms Script
text/javascript 216.58.207.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

sffe /

Resource Hash

4c52ed8f9039265ffed7fdca0b967b2624325e6356433f437e044b0dd332cddf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 05:42:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Dec 2019 17:29:18 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24811
x-xss-protection: 0
expires: Fri, 27 Dec 2019 05:42:21 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H/1.1 200
OK liveVideo.php Show response
live.sekindo.com/live/ Frame 39A6 921 KB
298 KB 49ms
49ms Script
text/html 46.166.134.35
NFORCE

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31322D32375F30377D7B7331323334383830387D7B4338357D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=82.102.19.133&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F74.0.3729.169+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5e0599bdb4f1a&debugInfo=12348808_&debugPlayerSession=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.884700775146484&geoLong=4.504899978637695&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]&schain=1.0,1!admetricspro.com,1005,1&cbuster=1577425341&pubUrlAuto=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&videoType=flow&floatWidth=320&floatHeight=180&floatDirection=br&floatVerticalOffset=10&floatHorizontalOffset=10&floatCloseBtn=1&flowMode=undefined
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.166.134.35 Amsterdam, Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
Software: nginx / PHP/7.1.33
Resource Hash: 292db8e99993008fe2eafa512eef53239a226548c27b7d21b39e7d0aa1350165

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 27 Dec 2019 05:42:20 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/7.1.33
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 button.550007e6cc79c00bac51111d8131d860.js Show response
platform.twitter.com/js/ 7 KB
2 KB 24ms
24ms Script
application/javascript 151.101.12.157
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.550007e6cc79c00bac51111d8131d860.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 04f4ae45c416f3cae99c9092537f549e56653297e79cea04501e0ebed1e9bd1c

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 05:42:21 GMT
content-encoding: gzip
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 2294
x-served-by: cache-iad2143-IAD, cache-fra19130-FRA
last-modified: Tue, 10 Dec 2019 23:44:46 GMT
etag: "0c1c703295ecdf55c72e3a108ce862e8+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
tw-cdn: FT

GET
H2 200 moment~timeline~tweet.a1aa0f6410f7eaada23e6b16a38824b8.js Show response
platform.twitter.com/js/ 24 KB
8 KB 24ms
24ms Script
application/javascript 151.101.12.157
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline~tweet.a1aa0f6410f7eaada23e6b16a38824b8.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 636dbf4f87fa130596fdb491938e4ad2b693b397139ba7f8d2a34b738a494078

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 05:42:21 GMT
content-encoding: gzip
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 7937
x-served-by: cache-iad2121-IAD, cache-fra19130-FRA
last-modified: Tue, 10 Dec 2019 23:44:46 GMT
etag: "352656b32c7e3a4e623687d598b66f66+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
tw-cdn: FT

GET
H2 200 tweet.2d3dab8467c8e4cdce5682bb8dbbe4cd.js Show response
platform.twitter.com/js/ 17 KB
6 KB 25ms
25ms Script
application/javascript 151.101.12.157
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/tweet.2d3dab8467c8e4cdce5682bb8dbbe4cd.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 87c40d1935f1b97602939d59a8bb89f9c4453f04db5af06fad9eae9a9f73b45c

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 05:42:21 GMT
content-encoding: gzip
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 5738
x-served-by: cache-iad2136-IAD, cache-fra19130-FRA
last-modified: Tue, 10 Dec 2019 23:44:46 GMT
etag: "f236198db47744d3d5115002e9724381+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
tw-cdn: FT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=64164542&t=pageview&_s=1&dl=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-ser...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-35676203-21&cid=1429220001.1577425342&jid=1119093092&_gid=2102476134.1577425342&gjid=846343175&_v=j79&z=125767437
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35676203-21&cid=1429220001.1577425342&jid=1119093092&_v=j79&z=125767437
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35676203-21&cid=1429220001.1577425342&jid=1119093092&_v=j79&z=125767437&slf_rd=1&random=626183998

42 B
109 B

17ms
16ms

Image
image/gif

2a00:1450:4001:81d::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35676203-21&cid=1429220001.1577425342&jid=1119093092&_v=j79&z=125767437&slf_rd=1&random=626183998

Requested by

Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Dec 2019 05:42:21 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 27 Dec 2019 05:42:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35676203-21&cid=1429220001.1577425342&jid=1119093092&_v=j79&z=125767437&slf_rd=1&random=626183998
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
449 B 188ms
141ms Image
image/gif 104.244.42.69
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=ntt0j&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Requested by

Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 05:42:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=0
content-length: 65
x-xss-protection: 0
x-response-time: 117
pragma: no-cache
last-modified: Fri, 27 Dec 2019 05:42:22 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: fd280122698a654c453e6ed54d0b0f3a
x-transaction: 004bda64001fb690
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 syndication
syndication.twitter.com/i/jot/ 43 B
337 B 139ms
139ms Image
image/gif 104.244.42.136
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/syndication?dnt=1&l=%7B%22_category_%22%3A%22syndicated_impression%22%2C%22triggered_on%22%3A1577425341901%2C%22dnt%22%3Atrue%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 05:42:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 65
x-xss-protection: 0
x-response-time: 116
pragma: no-cache
last-modified: Fri, 27 Dec 2019 05:42:21 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 96d1dc87b8da90c874ba67c15d9dcd95
x-transaction: 008267e2003b991f
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 tweets.json Show response
cdn.syndication.twimg.com/ 10 KB
3 KB 179ms
159ms Script
application/javascript 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweets.json?callback=__twttr.callbacks.cb0&ids=981657861519560705&lang=en&suppress_response_codes=true&theme=light&tz=GMT%2B0100

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

tsa_f /

Resource Hash

102bb218d68483379722eb7ca86935804325d99241c8fd3a919875304dab3e4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 05:42:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-disposition: attachment; filename=jsonp.jsonp
strict-transport-security: max-age=631138519
content-length: 2674
x-xss-protection: 0
x-response-time: 138
last-modified: Fri, 27 Dec 2019 05:42:22 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=60
x-connection-hash: 6be89686bfc03a07fd84cd093eb1ddbb
timing-allow-origin: *
x-transaction: 00418d93009f1741
expires: Fri, 27 Dec 2019 05:43:22 GMT

GET
H2 200 follow_button.69e02060c7c44baddf1b5629549acc0c.en.html
platform.twitter.com/widgets/ Frame 96AA 0
0 23ms
23ms Document
text/html 151.101.12.157
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/follow_button.69e02060c7c44baddf1b5629549acc0c.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: platform.twitter.com
:scheme: https
:path: /widgets/follow_button.69e02060c7c44baddf1b5629549acc0c.en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/

Response headers

status: 200
last-modified: Tue, 10 Dec 2019 23:44:47 GMT
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "9b2093e7d0217523d2b68c3027b53723+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Fri, 27 Dec 2019 05:42:21 GMT
x-served-by: cache-iad2126-IAD, cache-fra19130-FRA
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 13681

GET
H2 200 rules-p-_7kVx0t9Jqj90.js Show response
rules.quantcount.com/ 3 B
356 B 400ms
400ms Script
application/x-javascript 2600:9000:2057:c800:6:44e3:f8c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-_7kVx0t9Jqj90.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:c800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 05:38:55 GMT
via: 1.1 21da0a66bafe2c8de8be4a4d8039346b.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2017 23:52:35 GMT
server: AmazonS3
age: 227
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Error from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=300
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 3
x-amz-cf-id: sUxL51r0FBOJVVNflVtxVG9HWchytyZfgeQnPFfNFSYgZPXkk92WlA==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 39A6 87 KB
25 KB 77ms
35ms Script
application/javascript 143.204.213.153
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31322D32375F30377D7B7331323334383830387D7B4338357D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=82.102.19.133&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F74.0.3729.169+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5e0599bdb4f1a&debugInfo=12348808_&debugPlayerSession=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.884700775146484&geoLong=4.504899978637695&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.213.153 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-213-153.fra53.r.cloudfront.net
Software: Server /
Resource Hash: 0f144f16507d02eabc67a131e4d54ac36266dcfe3dac263a6971265371eff7b9

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 26 Dec 2019 16:30:19 GMT
content-encoding: gzip
server: Server
age: 47523
etag: 6bed68e25cc35021d570267b56047ef8
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: SQsdFbSK-NwSA6wlFJ7lthajyXrZOWliYYBa8nmqsGk5y9d956Wywg==
via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8AF5 0
0 33ms
32ms Fetch
image/gif 216.58.207.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuIPqYmI3IRUdOS9lSzDT6JTDWA30NwYbpqx-BGHauhgch5sr6knt9fYxoNfNb7xnXpA4umsIiD90PNRyLYMEZPrydSvgtFtVq0U6WfOV9C8tp1vTAPuJ872rTVny3cYMG2XY_tn_GZPfN9DmsagcUOhrh7WbFVeANxZYS8jjl1cjqZa2rpw61HtxCGqTXjaevlEdCl_7MRHAUcg6zJBVgTlS-r1-HE2W9fjkD497Y-6M1Z0tEHIoTvHz7uGfHsgpu8HEyLUlMdEw&sai=AMfl-YR3yWUJi-AzjMXEdmzRw7qLe_E-EQlGwSy4Ag3AvGc0Nv1kge2P5h_x0UK143GX89yd0FNMT-VOFIMGpg2XCdCJ7dSDHX2foq0uPj-q-A&sig=Cg0ArKJSzBFIHkUSjQQAEAE&urlfix=1&adurl=

Requested by

Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 27 Dec 2019 05:42:22 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 27 Dec 2019 05:42:22 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 8AF5 104 KB
37 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

68bcdec2fdc6ce23468b97a8c39a3f9eb86233e03be5072bf3b438ac1433714d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 05:42:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37933
x-xss-protection: 0
server: cafe
etag: 2924851815849280674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 27 Dec 2019 05:42:22 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8AF5 77 KB
29 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

44178919accac2fd92f71084d312c8ff266dd25b8b808f8e9b32fe2926aefb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 05:42:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1575654529893506"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29272
x-xss-protection: 0
expires: Fri, 27 Dec 2019 05:42:22 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 78 KB
29 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

63890326f558587b0840eb0a6e6377f1bf39264e015e568f4c2a03aefce3f929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 05:42:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1575654529893506"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29463
x-xss-protection: 0
expires: Fri, 27 Dec 2019 05:42:22 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5BA2 0
0 32ms
32ms Fetch
image/gif 216.58.207.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu7x0FnZtm-iiLtLfEAwgQ4nEsU-ksG6Gvi_PhhnHkdkb70dovQOdJggB-IQeKgXXVRTOkVFPx-doCfM-EcKtkHJ0KAVJHqel5oPq7drfhxAS_KrI58uvhLPusHs3UyoATNkixH4bobILC13jkq8VMYhCpgKgzNzsRDgvmD38_OhuaH06htMGXhBJ3zqqM86YJ9th5_vdE1x0ddqimTAkMk0IzRZwfL0UthhpAwmOCCXatKaPYnNiPZLa26v41SrOrUZSxputeJJw&sai=AMfl-YTII2OzLyZy8nieAPuncabTR6sqphpOekAj-VbWzXqwCJ-9VGjAor8G_7eic2l9Neh7WDILeM-KOWBFrj87RJevZgDRiQo0_WWe3q7aHg&sig=Cg0ArKJSzMFdKRBgr6qCEAE&urlfix=1&adurl=

Requested by

Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 27 Dec 2019 05:42:22 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 27 Dec 2019 05:42:22 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5BA2 104 KB
37 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

68bcdec2fdc6ce23468b97a8c39a3f9eb86233e03be5072bf3b438ac1433714d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 05:42:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37933
x-xss-protection: 0
server: cafe
etag: 2924851815849280674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 27 Dec 2019 05:42:22 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5BA2 77 KB
29 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

44178919accac2fd92f71084d312c8ff266dd25b8b808f8e9b32fe2926aefb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 05:42:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1575654529893506"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29272
x-xss-protection: 0
expires: Fri, 27 Dec 2019 05:42:22 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 256F 0
0 32ms
32ms Fetch
image/gif 216.58.207.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu-AigGu_zZIPA40xN_LqK6RGbk6STnhORVLNcPWT7W0WNuhAWyWiAefPY2EnDyqDZOOSc8Qlt6AHfJK5ej4UCMv98ElxrGuHvGncGjMNnmrjmc0azS6YVWLJBCGrIXF-yPyuDEHReNS1SK1EQIQ3cX1p6TyxHNMQIlhTUlSfvkdG1wLqoDrzATexIhAXS6hpR41dzYyVDjfJoR3Ho0lmqwrfSazIOZ1oYRBDqbW_88EIO5lWhK1mXtFnYaxFI77ZWVBvjYMuiBnA&sai=AMfl-YQGRvTElG_jMiKYPfnrZWKErHXrlIKlauKaua9P4v1BFRqFATyKgKWLNHkdn70Yi6KY3W_YixA-mJdluLCfOkobqep_VzXxCqYdLp68mQ&sig=Cg0ArKJSzOa-Vr13XCq9EAE&urlfix=1&adurl=

Requested by

Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 27 Dec 2019 05:42:22 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 27 Dec 2019 05:42:22 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 256F 104 KB
37 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

68bcdec2fdc6ce23468b97a8c39a3f9eb86233e03be5072bf3b438ac1433714d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 05:42:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37933
x-xss-protection: 0
server: cafe
etag: 2924851815849280674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 27 Dec 2019 05:42:22 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 256F 77 KB
29 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

44178919accac2fd92f71084d312c8ff266dd25b8b808f8e9b32fe2926aefb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 05:42:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1575654529893506"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29272
x-xss-protection: 0
expires: Fri, 27 Dec 2019 05:42:22 GMT

GET
DATA 200
OK truncated
/ Frame 8AF5 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b3cfcc95451254af95a4dc8a56719a8771ab5dbbc0f274f6e1492a61e5847fa

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5BA2 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 59f1e452d77d2608e6f00313f7c348040dedd1ad952634ac88b9e304f42e7571

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 256F 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45f6cdc5ebbd79b62f5a95fe920c066ea46849a1d0d6059e903457b631339b1a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 8AF5 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=threatpost.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 05:42:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 8AF5 109 B
171 B 14ms
14ms Script
application/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=threatpost.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 05:42:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/ Frame 8AF5 245 KB
90 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

2424d4d0676494244257b830643c905eac8254d373e00bc0cf6a13158626921b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 05:42:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 91654
x-xss-protection: 0
server: cafe
etag: 2923717731764352670
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Dec 2019 05:42:22 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20191205/r20190131/ Frame CDF6 0
0 5ms
5ms Document
text/html 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20191205/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20191205/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkG-Fid7q2g96csXJVLZfaY3R1yjZi4eHOtCEuk7D3AKXdJYtwrSpfCN4zJ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 19 Dec 2019 17:43:23 GMT
expires: Thu, 02 Jan 2020 17:43:23 GMT
content-type: text/html; charset=UTF-8
etag: 13309989325511048345
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 6574
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 647939
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 256F 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=threatpost.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 05:42:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 256F 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=threatpost.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 05:42:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/ Frame 256F 245 KB
90 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

2424d4d0676494244257b830643c905eac8254d373e00bc0cf6a13158626921b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 05:42:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 91654
x-xss-protection: 0
server: cafe
etag: 2923717731764352670
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Dec 2019 05:42:22 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5014 2 KB
581 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:824::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31322D32375F30377D7B7331323334383830387D7B4338357D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=82.102.19.133&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F74.0.3729.169+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5e0599bdb4f1a&debugInfo=12348808_&debugPlayerSession=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.884700775146484&geoLong=4.504899978637695&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

e5b09ae4f391ccd8e04977e2330f1e533a2a507d95c609a3fd437a7ffc7cddfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 27 Dec 2019 05:42:22 GMT
server: ESF
access-control-allow-origin: *
date: Fri, 27 Dec 2019 05:42:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Fri, 27 Dec 2019 05:42:22 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D4F4 2 KB
535 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:824::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

e5b09ae4f391ccd8e04977e2330f1e533a2a507d95c609a3fd437a7ffc7cddfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 27 Dec 2019 05:42:22 GMT
server: ESF
access-control-allow-origin: *
date: Fri, 27 Dec 2019 05:42:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Fri, 27 Dec 2019 05:42:22 GMT

GET
H/1.1 200
OK liveView.php Show response
live.sekindo.com/live/ Frame 39A6 73 KB
3 KB 250ms
250ms XHR
application/json 46.166.134.35
NFORCE

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/liveView.php?s=58057&vid_vastTimeout=-1&vid_vastType=3&vid_playerVer=3.0.0&vid_viewabilityState=1&vid_playbackMethod=auto&vid_content_url=https%3A%2F%2Fvideo.sekindo.com%2Fuploads%2Fcn10%2Fvideo%2Fusers%2Fconverted%2F28530%2Fvideo_5d5baf9fe4c32389620327%2Fvid5dfd120ae9fe3449709015.mp4&vid_content_id=609979&vid_content_desc=Twitter+trolls+target+people+with+epilepsy&vid_content_title=Twitter+trolls+target+people+with+epilepsy&vid_content_duration=50&debugInformation=&x=320&y=180&fpl=0&pubUrl=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&ri=6C69766553746174737C736B317B54307D7B64323031392D31322D32375F30377D7B7331323334383830387D7B4338357D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&geoLati=50.884700775146484&geoLong=4.504899978637695&userIpAddr=82.102.19.133&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F74.0.3729.169+Safari%2F537.36&gdpr=1&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5e0599bdb4f1a&cbuster=1577425342184&gdprConsent=&isWePassGdpr=0
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31322D32375F30377D7B7331323334383830387D7B4338357D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=82.102.19.133&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F74.0.3729.169+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5e0599bdb4f1a&debugInfo=12348808_&debugPlayerSession=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.884700775146484&geoLong=4.504899978637695&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.166.134.35 Amsterdam, Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
Software: nginx / PHP/7.1.33
Resource Hash: c7957886eaf7b92e9a3e1554ac5cdcdd4a676e7cd48b5cf547be45ee978160da

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Origin: https://threatpost.com

Response headers

Pragma: no-cache
Date: Fri, 27 Dec 2019 05:42:21 GMT
Content-Encoding: gzip
Server: nginx
Age: 0
X-Powered-By: PHP/7.1.33
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Content-Type: application/json; charset=utf-8
Content-Length: 3079

GET
H/1.1 200
OK placeHolder.png
live.sekindo.com/content/video/splayer/assets/ 23 KB
24 KB 55ms
19ms Image
image/png 46.166.134.35
NFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/content/video/splayer/assets/placeHolder.png
Requested by: Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.166.134.35 Amsterdam, Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
Software: nginx /
Resource Hash: 76102878c1198de858725194952ba1c6b35bdee0f870cc6a124e93d17385e64e

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 27 Dec 2019 05:42:22 GMT
Last-Modified: Sun, 11 Jun 2017 08:03:58 GMT
Server: nginx
ETag: "593cf96e-5dbf"
Content-Type: image/png
Cache-Control: no-cache, private
Accept-Ranges: bytes
Content-Length: 23999
Expires: Fri, 27 Dec 2019 05:42:21 GMT

GET
H/1.1 200
OK vid5dfd120ae9fe3449709015.jpg
video.sekindo.com/uploads/cn10/video/users/converted/28530/video_5d5baf9fe4c32389620327/ Frame D4F4 3 KB
4 KB 101ms
20ms Image
image/jpeg 194.146.24.177
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.sekindo.com/uploads/cn10/video/users/converted/28530/video_5d5baf9fe4c32389620327/vid5dfd120ae9fe3449709015.jpg?cbuster=1576866322

Requested by

Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.146.24.177 -, , ASN210329 (CLOUDWEBMANAGE-UK-1, GB),

Reverse DNS

Software

Tengine /

Resource Hash

b7acec0bbac2b232d70ccd27a64201f3ec2789538c96a524f9f48e4a4a8a74f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 27 Dec 2019 05:42:26 GMT
Last-Modified: Fri, 20 Dec 2019 18:26:05 GMT
Server: Tengine
ETag: "5dfd123d-cb6"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 3254
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid5dfbdccdd42f1591065679.jpg
video.sekindo.com/uploads/cn9/video/users/converted/28530/video_5d5baf9fe4c32389620327/ Frame D4F4 4 KB
5 KB 103ms
21ms Image
image/jpeg 194.146.24.177
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.sekindo.com/uploads/cn9/video/users/converted/28530/video_5d5baf9fe4c32389620327/vid5dfbdccdd42f1591065679.jpg?cbuster=1576787159

Requested by

Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.146.24.177 -, , ASN210329 (CLOUDWEBMANAGE-UK-1, GB),

Reverse DNS

Software

Tengine /

Resource Hash

d2a953a03ff9038e93d2a3b6b85a73eb2d6fdd185b2f4472ba592b802867078b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 27 Dec 2019 05:42:26 GMT
Last-Modified: Thu, 19 Dec 2019 20:26:26 GMT
Server: Tengine
ETag: "5dfbdcf2-11a2"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 4514
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid5dfae3141e7e5817332257.jpg
video.sekindo.com/uploads/cn9/video/users/converted/24485/video1523972806/ Frame D4F4 19 KB
20 KB 114ms
30ms Image
image/jpeg 194.146.24.177
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.sekindo.com/uploads/cn9/video/users/converted/24485/video1523972806/vid5dfae3141e7e5817332257.jpg?cbuster=1576723221

Requested by

Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.146.24.177 -, , ASN210329 (CLOUDWEBMANAGE-UK-1, GB),

Reverse DNS

Software

Tengine /

Resource Hash

27d6c435e0a1ef9df8c737529ea88cff14a17149d1ef1a18188095d84754e9c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 27 Dec 2019 05:42:26 GMT
Last-Modified: Thu, 19 Dec 2019 02:41:54 GMT
Server: Tengine
ETag: "5dfae372-4cd6"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 19670
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid5dfc2dbeb872a334206364.jpg
video.sekindo.com/uploads/cn9/video/users/converted/24485/video1523972806/ Frame D4F4 21 KB
21 KB 119ms
34ms Image
image/jpeg 194.146.24.177
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.sekindo.com/uploads/cn9/video/users/converted/24485/video1523972806/vid5dfc2dbeb872a334206364.jpg?cbuster=1576807873

Requested by

Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.146.24.177 -, , ASN210329 (CLOUDWEBMANAGE-UK-1, GB),

Reverse DNS

Software

Tengine /

Resource Hash

b50aa19f6c5e1926ff1930f8db327a94b8c280face6cf4659b974c48533593cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 27 Dec 2019 05:42:26 GMT
Last-Modified: Fri, 20 Dec 2019 02:12:55 GMT
Server: Tengine
ETag: "5dfc2e27-53b0"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 21424
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid5dfc2dc3b3964226212309.jpg
video.sekindo.com/uploads/cn9/video/users/converted/24485/video1523972806/ Frame D4F4 22 KB
23 KB 115ms
28ms Image
image/jpeg 194.146.24.177
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.sekindo.com/uploads/cn9/video/users/converted/24485/video1523972806/vid5dfc2dc3b3964226212309.jpg?cbuster=1576807876

Requested by

Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.146.24.177 -, , ASN210329 (CLOUDWEBMANAGE-UK-1, GB),

Reverse DNS

Software

Tengine /

Resource Hash

621cb112b261651aa6d840b2437dab4fc9df4085d5caad3a5b7da7dd17aa9be5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 27 Dec 2019 05:42:26 GMT
Last-Modified: Fri, 20 Dec 2019 02:13:14 GMT
Server: Tengine
ETag: "5dfc2e3a-59cf"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 22991
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid5dfdca90b5dfb571273788.jpg
video.sekindo.com/uploads/cn9/video/users/converted/24485/video1523972806/ Frame D4F4 12 KB
12 KB 121ms
23ms Image
image/jpeg 194.146.24.177
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.sekindo.com/uploads/cn9/video/users/converted/24485/video1523972806/vid5dfdca90b5dfb571273788.jpg?cbuster=1576913553

Requested by

Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.146.24.177 -, , ASN210329 (CLOUDWEBMANAGE-UK-1, GB),

Reverse DNS

Software

Tengine /

Resource Hash

fd3a1c103ab6039e3326e50449a731164eea494368e52483b32f386d97547ba2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 27 Dec 2019 05:42:26 GMT
Last-Modified: Sat, 21 Dec 2019 07:33:26 GMT
Server: Tengine
ETag: "5dfdcac6-2e40"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 11840
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid5dfcebbead407327564704.jpg
video.sekindo.com/uploads/cn10/video/users/converted/24485/video1523972806/ Frame D4F4 23 KB
23 KB 29ms
29ms Image
image/jpeg 194.146.24.177
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.sekindo.com/uploads/cn10/video/users/converted/24485/video1523972806/vid5dfcebbead407327564704.jpg?cbuster=1576856511

Requested by

Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.146.24.177 -, , ASN210329 (CLOUDWEBMANAGE-UK-1, GB),

Reverse DNS

Software

Tengine /

Resource Hash

f86cc9b93d6a8073783d55d575b6a42a3678d397ae739364e386dccc31802cf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 27 Dec 2019 05:42:26 GMT
Last-Modified: Fri, 20 Dec 2019 15:42:06 GMT
Server: Tengine
ETag: "5dfcebce-5b26"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 23334
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid5e0184f31ec9e477013348.jpg
video.sekindo.com/uploads/cn9/video/users/converted/24485/video1523972806/ Frame D4F4 13 KB
13 KB 24ms
24ms Image
image/jpeg 194.146.24.177
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.sekindo.com/uploads/cn9/video/users/converted/24485/video1523972806/vid5e0184f31ec9e477013348.jpg?cbuster=1577157876

Requested by

Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.146.24.177 -, , ASN210329 (CLOUDWEBMANAGE-UK-1, GB),

Reverse DNS

Software

Tengine /

Resource Hash

a765545861b392a5cd7379aaf63eafcf3d54098506ca7ff1588524bd9112263d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 27 Dec 2019 05:42:26 GMT
Last-Modified: Tue, 24 Dec 2019 03:25:29 GMT
Server: Tengine
ETag: "5e018529-33fd"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 13309
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid5dfb3e2b5b8f1428841419.jpg
video.sekindo.com/uploads/cn10/video/users/converted/24485/video1523972806/ Frame D4F4 26 KB
27 KB 23ms
23ms Image
image/jpeg 194.146.24.177
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.sekindo.com/uploads/cn10/video/users/converted/24485/video1523972806/vid5dfb3e2b5b8f1428841419.jpg?cbuster=1576746540

Requested by

Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.146.24.177 -, , ASN210329 (CLOUDWEBMANAGE-UK-1, GB),

Reverse DNS

Software

Tengine /

Resource Hash

882df6e992f249b28efae600befaf756d3034f5f493b84c0fbe87aa55e3b42e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 27 Dec 2019 05:42:26 GMT
Last-Modified: Thu, 19 Dec 2019 09:09:19 GMT
Server: Tengine
ETag: "5dfb3e3f-69b2"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 27058
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid5e0569af4d04a015950435.jpg
video.sekindo.com/uploads/cn8/video/users/converted/24485/video1523972806/ Frame D4F4 10 KB
11 KB 25ms
24ms Image
image/jpeg 194.146.24.177
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.sekindo.com/uploads/cn8/video/users/converted/24485/video1523972806/vid5e0569af4d04a015950435.jpg?cbuster=1577413040

Requested by

Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.146.24.177 -, , ASN210329 (CLOUDWEBMANAGE-UK-1, GB),

Reverse DNS

Software

Tengine /

Resource Hash

3b2c7b07daeb757f94d4730b0a0e4f50bc886883d7ef19b0fe140a769df063b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 27 Dec 2019 05:42:26 GMT
Last-Modified: Fri, 27 Dec 2019 02:18:10 GMT
Server: Tengine
ETag: "5e0569e2-29ff"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 10751
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 5BA2 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=threatpost.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 05:42:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5BA2 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=threatpost.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 05:42:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/ Frame 5BA2 225 KB
85 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

20cdda5f0e51f5dac5693ffe15fb394528dd838e9887a785de1d02e3bb2a418f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 05:42:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 86385
x-xss-protection: 0
server: cafe
etag: 4513681422076315165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Dec 2019 05:42:22 GMT

GET
H/1.1 200
OK vid5dfd120ae9fe3449709015.jpg
video.sekindo.com/uploads/cn10/video/users/converted/28530/video_5d5baf9fe4c32389620327/ Frame 5014 3 KB
4 KB 69ms
21ms Image
image/jpeg 194.146.24.177
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.sekindo.com/uploads/cn10/video/users/converted/28530/video_5d5baf9fe4c32389620327/vid5dfd120ae9fe3449709015.jpg?cbuster=1576866322

Requested by

Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.146.24.177 -, , ASN210329 (CLOUDWEBMANAGE-UK-1, GB),

Reverse DNS

Software

Tengine /

Resource Hash

b7acec0bbac2b232d70ccd27a64201f3ec2789538c96a524f9f48e4a4a8a74f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://amli.sekindo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 27 Dec 2019 05:42:26 GMT
Last-Modified: Fri, 20 Dec 2019 18:26:05 GMT
Server: Tengine
ETag: "5dfd123d-cb6"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 3254
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame 5014 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5014 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 _BFcBBG4
pbs.twimg.com/card_img/1208188831343808512/ 26 KB
26 KB 177ms
176ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1208188831343808512/_BFcBBG4?format=jpg&name=600x314

Requested by

Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41AC) /

Resource Hash

458cbb30f2353b6b6c54a1ea5a1b8ad9f0ecb35e5fdc68af15ded40391b26104

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 05:42:22 GMT
x-content-type-options: nosniff
x-cache: MISS
status: 200
content-length: 26911
x-response-time: 148
surrogate-key: card_img card_img/bucket/4 card_img/1208188831343808512
last-modified: Sat, 21 Dec 2019 00:51:59 GMT
server: ECS (fcn/41AC)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 057188323b58fd16b55a885ae55ea70a
accept-ranges: bytes

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 39A6 6 KB
3 KB 64ms
21ms XHR
application/javascript 143.204.213.153
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.213.153 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-213-153.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Origin: https://threatpost.com

Response headers

date: Sat, 30 Nov 2019 20:08:59 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 24151
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Fri, 01 Nov 2019 13:46:13 GMT
server: AmazonS3
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 d7524ff4a82155dd51a24800cf39deec.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: _RV03RkjzDOlUhDJjjd9lPca3dtbKbpeNWpDgNhmzFZDW1zheizpIg==

GET
H2 200 tweet.b19b28e5dd6afdadd09507e64bad84c7.light.ltr.css
platform.twitter.com/css/ 52 KB
11 KB 23ms
23ms Stylesheet
text/css 151.101.12.157
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/tweet.b19b28e5dd6afdadd09507e64bad84c7.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 5a9b0bcc0e7274386f0f560595519d66ee86bfccf57e76f2e59a6985091fa3a2

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 05:42:22 GMT
content-encoding: gzip
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 11516
x-served-by: cache-iad2131-IAD, cache-fra19130-FRA
last-modified: Tue, 10 Dec 2019 23:44:43 GMT
etag: "7a92a961c027712f349e184a0eafdd76+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
tw-cdn: FT

GET
H2 200 tweet.b19b28e5dd6afdadd09507e64bad84c7.light.ltr.css
platform.twitter.com/css/ 52 KB
52 KB 27ms
27ms Image
text/css 151.101.12.157
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/tweet.b19b28e5dd6afdadd09507e64bad84c7.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 05:42:22 GMT
content-encoding: gzip
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 11516
x-served-by: cache-iad2131-IAD, cache-fra19130-FRA
last-modified: Tue, 10 Dec 2019 23:44:43 GMT
etag: "7a92a961c027712f349e184a0eafdd76+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
tw-cdn: FT

GET
H/1.1 200
OK liveView.php Show response
live.sekindo.com/live/ Frame 39A6 73 KB
3 KB 173ms
172ms XHR
application/json 46.166.134.35
NFORCE

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/liveView.php?s=58057&vid_vastTimeout=-1&vid_vastType=3&vid_playerVer=3.0.0&vid_viewabilityState=1&vid_playbackMethod=auto&vid_content_url=https%3A%2F%2Fvideo.sekindo.com%2Fuploads%2Fcn10%2Fvideo%2Fusers%2Fconverted%2F28530%2Fvideo_5d5baf9fe4c32389620327%2Fvid5dfd120ae9fe3449709015.mp4&vid_content_id=609979&vid_content_desc=Twitter+trolls+target+people+with+epilepsy&vid_content_title=Twitter+trolls+target+people+with+epilepsy&vid_content_duration=50&debugInformation=&x=400&y=225&fpl=0&pubUrl=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&ri=6C69766553746174737C736B317B54307D7B64323031392D31322D32375F30377D7B7331323334383830387D7B4338357D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&geoLati=50.884700775146484&geoLong=4.504899978637695&userIpAddr=82.102.19.133&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F74.0.3729.169+Safari%2F537.36&gdpr=1&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5e0599bdb4f1a&cbuster=1577425342275&gdprConsent=&isWePassGdpr=0
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31322D32375F30377D7B7331323334383830387D7B4338357D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=82.102.19.133&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F74.0.3729.169+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5e0599bdb4f1a&debugInfo=12348808_&debugPlayerSession=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.884700775146484&geoLong=4.504899978637695&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.166.134.35 Amsterdam, Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
Software: nginx / PHP/7.1.33
Resource Hash: f8035307272fb0b70f9acb0b65ee7859b12ecaba04473f9e02d3eaff90217027

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Origin: https://threatpost.com

Response headers

Pragma: no-cache
Date: Fri, 27 Dec 2019 05:42:22 GMT
Content-Encoding: gzip
Server: nginx
Age: 0
X-Powered-By: PHP/7.1.33
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Content-Type: application/json; charset=utf-8
Content-Length: 3160

GET
H/1.1 200
OK liveView.php Show response
live.sekindo.com/live/ Frame 39A6 29 KB
2 KB 142ms
107ms XHR
application/json 46.166.134.35
NFORCE

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/liveView.php?s=58057&vid_vastTimeout=-1&vid_vastType=3&vid_playerVer=3.0.0&vid_viewabilityState=0&vid_playbackMethod=auto&vid_content_url=https%3A%2F%2Fvideo.sekindo.com%2Fuploads%2Fcn10%2Fvideo%2Fusers%2Fconverted%2F28530%2Fvideo_5d5baf9fe4c32389620327%2Fvid5dfd120ae9fe3449709015.mp4&vid_content_id=609979&vid_content_desc=Twitter+trolls+target+people+with+epilepsy&vid_content_title=Twitter+trolls+target+people+with+epilepsy&vid_content_duration=50&debugInformation=&x=400&y=225&fpl=0&pubUrl=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&ri=6C69766553746174737C736B317B54307D7B64323031392D31322D32375F30377D7B7331323334383830387D7B4338357D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&geoLati=50.884700775146484&geoLong=4.504899978637695&userIpAddr=82.102.19.133&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F74.0.3729.169+Safari%2F537.36&gdpr=1&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5e0599bdb4f1a&cbuster=1577425342276&gdprConsent=&isWePassGdpr=0
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31322D32375F30377D7B7331323334383830387D7B4338357D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=82.102.19.133&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F74.0.3729.169+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5e0599bdb4f1a&debugInfo=12348808_&debugPlayerSession=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.884700775146484&geoLong=4.504899978637695&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.166.134.35 Amsterdam, Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
Software: nginx / PHP/7.1.33
Resource Hash: 043b3fefd63d27836a15a7d61ed9c4f569d23e96c23a61a5ebb6bdc081ccc650

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Origin: https://threatpost.com

Response headers

Pragma: no-cache
Date: Fri, 27 Dec 2019 05:42:22 GMT
Content-Encoding: gzip
Server: nginx
Age: 0
X-Powered-By: PHP/7.1.33
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Content-Type: application/json; charset=utf-8
Content-Length: 1899

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 5875 0
0 152ms
152ms Document
text/html 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7500593236707325&output=html&h=250&slotname=7047286166&adk=3026389540&adf=3173046726&w=970&psa=0&guci=1.2.0.0.2.2.0.0&format=970x250&url=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1577425342103&bpp=14&bdt=85&fdt=185&idt=185&shv=r20191205&cbv=r20190131&saldr=aa&correlator=8452702961503&frm=23&ife=4&pv=2&ga_vid=1429220001.1577425342&ga_sid=1577425342&ga_hid=222756624&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=12&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=308&ady=0&biw=1585&bih=1200&isw=970&ish=250&ifk=3080712626&scr_x=0&scr_y=0&eid=21065125&oid=3&pvsid=1411861359436653&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&ifi=1&uci=1.i3txlh8cq9q&fsb=1&dtd=196

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7500593236707325&output=html&h=250&slotname=7047286166&adk=3026389540&adf=3173046726&w=970&psa=0&guci=1.2.0.0.2.2.0.0&format=970x250&url=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1577425342103&bpp=14&bdt=85&fdt=185&idt=185&shv=r20191205&cbv=r20190131&saldr=aa&correlator=8452702961503&frm=23&ife=4&pv=2&ga_vid=1429220001.1577425342&ga_sid=1577425342&ga_hid=222756624&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=12&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=308&ady=0&biw=1585&bih=1200&isw=970&ish=250&ifk=3080712626&scr_x=0&scr_y=0&eid=21065125&oid=3&pvsid=1411861359436653&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&ifi=1&uci=1.i3txlh8cq9q&fsb=1&dtd=196
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkG-Fid7q2g96csXJVLZfaY3R1yjZi4eHOtCEuk7D3AKXdJYtwrSpfCN4zJ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 27 Dec 2019 05:42:22 GMT
server: cafe
content-length: 26429
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8AF5 78 KB
29 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

63890326f558587b0840eb0a6e6377f1bf39264e015e568f4c2a03aefce3f929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 05:42:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1575654529893506"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29463
x-xss-protection: 0
expires: Fri, 27 Dec 2019 05:42:22 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame D4F3 0
0 128ms
128ms Document
text/html 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7500593236707325&output=html&h=600&slotname=7785652766&adk=2248810365&adf=3173046724&w=300&psa=0&guci=1.2.0.0.2.2.0.0&format=300x600&url=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1577425342121&bpp=5&bdt=90&fdt=206&idt=206&shv=r20191205&cbv=r20190131&saldr=aa&correlator=8452702961503&frm=23&ife=4&pv=1&ga_vid=1429220001.1577425342&ga_sid=1577425342&ga_hid=909832759&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=12&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1093&ady=1665&biw=1585&bih=1200&isw=300&ish=600&ifk=2636940715&scr_x=0&scr_y=0&eid=21065125&oid=3&pvsid=490218936541911&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=20&bc=31&ifi=1&uci=1.kgznc4z48vwi&btvi=1&fsb=1&dtd=212

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7500593236707325&output=html&h=600&slotname=7785652766&adk=2248810365&adf=3173046724&w=300&psa=0&guci=1.2.0.0.2.2.0.0&format=300x600&url=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1577425342121&bpp=5&bdt=90&fdt=206&idt=206&shv=r20191205&cbv=r20190131&saldr=aa&correlator=8452702961503&frm=23&ife=4&pv=1&ga_vid=1429220001.1577425342&ga_sid=1577425342&ga_hid=909832759&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=12&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1093&ady=1665&biw=1585&bih=1200&isw=300&ish=600&ifk=2636940715&scr_x=0&scr_y=0&eid=21065125&oid=3&pvsid=490218936541911&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=20&bc=31&ifi=1&uci=1.kgznc4z48vwi&btvi=1&fsb=1&dtd=212
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkG-Fid7q2g96csXJVLZfaY3R1yjZi4eHOtCEuk7D3AKXdJYtwrSpfCN4zJ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 27 Dec 2019 05:42:22 GMT
server: cafe
content-length: 204
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 256F 78 KB
29 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

63890326f558587b0840eb0a6e6377f1bf39264e015e568f4c2a03aefce3f929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 05:42:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1575654529893506"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29463
x-xss-protection: 0
expires: Fri, 27 Dec 2019 05:42:22 GMT

GET
H/1.1 200
OK pixel;r=1038770997;rf=0;a=p-_7kVx0t9Jqj90;url=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F;fpan=1;fpa=P0-43549770-1577...
pixel.quantserve.com/ 35 B
494 B 102ms
25ms Image
image/gif 91.228.74.232
Quantcast Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.quantserve.com/pixel;r=1038770997;rf=0;a=p-_7kVx0t9Jqj90;url=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F;fpan=1;fpa=P0-43549770-1577425342362;ns=0;ce=1;qjs=1;qv=0e9a7da-20191205140709;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=1;et=1577425342362;tzo=-60;ogl=image.https%3A%2F%2Fmedia%252Ethreatpost%252Ecom%2Fwp-content%2Fuploads%2Fsites%2F103%2F2018%2F04%2F05184723%2FTrave%2Ctype.article%2Ctitle.Delta%252C%20Sears%20Breaches%20Blamed%20on%20Malware%20Attack%20Against%20a%20Third-Party%20Chat%20Servic%2Cdescription.Security%20experts%20say%20breaches%20impacting%20Delta%20Air%20Lines%20and%20Sears%20customers%20is%20t%2Curl.https%3A%2F%2Fthreatpost%252Ecom%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-t
Requested by: Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.232 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software: QS /
Resource Hash: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 Dec 2019 05:42:22 GMT
Server: QS
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 7478 0
0 126ms
126ms Document
text/html 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7500593236707325&output=html&h=250&slotname=7286959315&adk=2838937357&adf=3173046725&w=300&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1577425342193&bpp=17&bdt=168&fdt=173&idt=173&shv=r20191205&cbv=r20190131&saldr=aa&correlator=8452702961503&frm=23&ife=4&pv=1&ga_vid=1429220001.1577425342&ga_sid=1577425342&ga_hid=1460197263&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=12&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1093&ady=407&biw=1585&bih=1200&isw=300&ish=250&ifk=3421461788&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=1565637385767874&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&ifi=1&uci=1.l9fgj3a2u016&fsb=1&dtd=184

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7500593236707325&output=html&h=250&slotname=7286959315&adk=2838937357&adf=3173046725&w=300&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1577425342193&bpp=17&bdt=168&fdt=173&idt=173&shv=r20191205&cbv=r20190131&saldr=aa&correlator=8452702961503&frm=23&ife=4&pv=1&ga_vid=1429220001.1577425342&ga_sid=1577425342&ga_hid=1460197263&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=12&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1093&ady=407&biw=1585&bih=1200&isw=300&ish=250&ifk=3421461788&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=1565637385767874&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&ifi=1&uci=1.l9fgj3a2u016&fsb=1&dtd=184
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkG-Fid7q2g96csXJVLZfaY3R1yjZi4eHOtCEuk7D3AKXdJYtwrSpfCN4zJ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 27 Dec 2019 05:42:22 GMT
server: cafe
content-length: 205
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5BA2 78 KB
29 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

63890326f558587b0840eb0a6e6377f1bf39264e015e568f4c2a03aefce3f929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 05:42:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1575654529893506"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29463
x-xss-protection: 0
expires: Fri, 27 Dec 2019 05:42:22 GMT

GET
H/1.1 200
OK liveView.php Show response
live.sekindo.com/live/ Frame 39A6 29 KB
2 KB 123ms
116ms XHR
application/json 46.166.134.35
NFORCE

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/liveView.php?s=58057&vid_vastTimeout=-1&vid_vastType=3&vid_playerVer=3.0.0&vid_viewabilityState=0&vid_playbackMethod=auto&vid_content_url=https%3A%2F%2Fvideo.sekindo.com%2Fuploads%2Fcn10%2Fvideo%2Fusers%2Fconverted%2F28530%2Fvideo_5d5baf9fe4c32389620327%2Fvid5dfd120ae9fe3449709015.mp4&vid_content_id=609979&vid_content_desc=Twitter+trolls+target+people+with+epilepsy&vid_content_title=Twitter+trolls+target+people+with+epilepsy&vid_content_duration=50&debugInformation=&x=320&y=180&fpl=0&pubUrl=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&ri=6C69766553746174737C736B317B54307D7B64323031392D31322D32375F30377D7B7331323334383830387D7B4338357D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&geoLati=50.884700775146484&geoLong=4.504899978637695&userIpAddr=82.102.19.133&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F74.0.3729.169+Safari%2F537.36&gdpr=1&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5e0599bdb4f1a&cbuster=1577425342411&gdprConsent=&isWePassGdpr=0
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31322D32375F30377D7B7331323334383830387D7B4338357D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=82.102.19.133&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F74.0.3729.169+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5e0599bdb4f1a&debugInfo=12348808_&debugPlayerSession=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.884700775146484&geoLong=4.504899978637695&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.166.134.35 Amsterdam, Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
Software: nginx / PHP/7.1.33
Resource Hash: aa7e1a04b2a9281c686970ac30a58a4893052f35710643503f8000f021454e19

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Origin: https://threatpost.com

Response headers

Pragma: no-cache
Date: Fri, 27 Dec 2019 05:42:22 GMT
Content-Encoding: gzip
Server: nginx
Age: 0
X-Powered-By: PHP/7.1.33
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Content-Type: application/json; charset=utf-8
Content-Length: 1897

GET
H/1.1 200
OK chunklist_640.m3u8 Show response
video.sekindo.com/uploads/cn10/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5dfd120ae9fe3449709015.mp4/ Frame 39A6 392 B
792 B 87ms
21ms XHR
application/vnd.apple.mpegurl 194.146.24.177
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to

Full URL: https://video.sekindo.com/uploads/cn10/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5dfd120ae9fe3449709015.mp4/chunklist_640.m3u8
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31322D32375F30377D7B7331323334383830387D7B4338357D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=82.102.19.133&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F74.0.3729.169+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5e0599bdb4f1a&debugInfo=12348808_&debugPlayerSession=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.884700775146484&geoLong=4.504899978637695&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.146.24.177 -, , ASN210329 (CLOUDWEBMANAGE-UK-1, GB),
Reverse DNS
Software: Tengine /
Resource Hash: 98f18450e0413eef1feb21e263c266dec9dd572c44293b078899f230d033b37c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Origin: https://threatpost.com

Response headers

Date: Fri, 27 Dec 2019 05:42:26 GMT
Last-Modified: Fri, 20 Dec 2019 18:26:19 GMT
Server: Tengine
ETag: "5dfd124b-188"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Expires: Fri, 03 Jan 2020 05:42:26 GMT
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 392
X-Proxy-Cache: HIT

GET
H2 200 vK2q0IV2_normal.png
pbs.twimg.com/profile_images/514861596489699328/ 6 KB
6 KB 7ms
7ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/514861596489699328/vK2q0IV2_normal.png

Requested by

Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4189) /

Resource Hash

78e251d71e85246da773213abe7f08772e99238a350f8f9e993b4916a728844f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 05:42:22 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 6063
x-response-time: 200
surrogate-key: profile_images profile_images/bucket/1 profile_images/514861596489699328
last-modified: Wed, 24 Sep 2014 19:37:04 GMT
server: ECS (fcn/4189)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b587f984d14294575bc492ada265e320
accept-ranges: bytes

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ 44 KB
7 KB 8ms
6ms Stylesheet
text/css 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/418C) /

Resource Hash

a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 05:42:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-ton-expected-size: 45170
x-cache: HIT
status: 200
strict-transport-security: max-age=631138519
content-length: 6839
x-response-time: 9
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECS (fcn/418C)
etag: "4mhImCFS9rptiUICNnLD1g=="
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 96c13d1a09a644a54bd8dbb9ef985f6a
accept-ranges: bytes
expires: Fri, 03 Jan 2020 05:42:22 GMT

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ 44 KB
44 KB 8ms
7ms Image
text/css 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/418C) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 05:42:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-ton-expected-size: 45170
x-cache: HIT
status: 200
strict-transport-security: max-age=631138519
content-length: 6839
x-response-time: 9
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECS (fcn/418C)
etag: "4mhImCFS9rptiUICNnLD1g=="
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 96c13d1a09a644a54bd8dbb9ef985f6a
accept-ranges: bytes
expires: Fri, 03 Jan 2020 05:42:22 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4468e35646c229b518e5f398c5a3d6b15ba1351a71ef22692129bb32f5030ac0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0341a4478ce861ef85c819b913fa0a2501836a6a2ffda8643e95e39f4a2a7de0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 512 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 49c2a3cf0f363bf387c06a35a4a4e6c7255799b3776bed55914862136d783028

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 600 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c50a17e8272b9359e4b62e0f305e201f359cb5bd2245671c115d031f2b7f68d0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 323 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c3531ed2c934e5daee80955db42a0245d666131e6322c6ec6985992922520ab4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 5014 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto
Origin: https://threatpost.com

Response headers

date: Wed, 20 Nov 2019 05:05:44 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 3198998
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11016
x-xss-protection: 0
expires: Thu, 19 Nov 2020 05:05:44 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame 39A6 141 B
361 B 106ms
59ms XHR
application/json 52.57.64.247
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31322D32375F30377D7B7331323334383830387D7B4338357D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=82.102.19.133&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F74.0.3729.169+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5e0599bdb4f1a&debugInfo=12348808_&debugPlayerSession=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.884700775146484&geoLong=4.504899978637695&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.64.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-57-64-247.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: c1db7fa09e3fd8dcf852dcbb8656334adf41ea57a1aeef247253de8cf0f01785

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Origin: https://threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 27 Dec 2019 05:42:22 GMT
content-encoding: gzip
status: 200
content-type: application/json
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 148
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 39A6 143 B
1 KB 61ms
24ms XHR
application/json 185.33.223.203
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.203 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

317.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

96237329e6e6c535359e45defff4ea4026bbcf4bf2a00c28c8a115b1a8974b99

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Origin: https://threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 27 Dec 2019 05:42:24 GMT
X-Proxy-Origin: 82.102.19.133; 82.102.19.133; 317.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.167:80
AN-X-Request-Uuid: 6100a930-83bf-4fb4-a806-9b55af1b1e24
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 143
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame 39A6 0
215 B 278ms
34ms XHR
application/json 52.58.144.104
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=TeachingAidsLLC
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31322D32375F30377D7B7331323334383830387D7B4338357D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=82.102.19.133&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F74.0.3729.169+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5e0599bdb4f1a&debugInfo=12348808_&debugPlayerSession=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.884700775146484&geoLong=4.504899978637695&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.144.104 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-144-104.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Origin: https://threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://threatpost.com
Access-Control-Allow-Credentials: true
Server: adaptv/1.0
Connection: keep-alive
Content-Length: 0
Content-Type: application/json

GET
H2 200 avjp Show response
teachingaids-d.openx.net/v/1.0/ Frame 39A6 92 B
455 B 176ms
119ms XHR
application/json 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://teachingaids-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_2.1.9&dddid=7662c141-5fb3-4292-b90d-4720db09c3c7&nocache=1577425342474&schain=1.0%2C1!admetricspro.com%2C1005%2C1%2C%2C%2C!primis.tech%2C19668%2C1%2C%2C%2C&auid=540882778&vwd=320&vht=180&
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31322D32375F30377D7B7331323334383830387D7B4338357D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=82.102.19.133&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F74.0.3729.169+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5e0599bdb4f1a&debugInfo=12348808_&debugPlayerSession=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.884700775146484&geoLong=4.504899978637695&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.173.0 /
Resource Hash: 004e5faf0bf890f61697daeede9f21826affd1137fb2cb58eaf4719937a04a14

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Origin: https://threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 27 Dec 2019 05:42:22 GMT
via: 1.1 google
server: OXGW/16.173.0
status: 200
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://threatpost.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 92
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 39A6 0
115 B 79ms
41ms XHR
text/plain 185.64.189.112
PubMatic

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31322D32375F30377D7B7331323334383830387D7B4338357D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=82.102.19.133&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F74.0.3729.169+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5e0599bdb4f1a&debugInfo=12348808_&debugPlayerSession=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.884700775146484&geoLong=4.504899978637695&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Origin: https://threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Fri, 27 Dec 2019 05:42:22 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://threatpost.com

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ Frame 39A6 25 B
903 B 122ms
71ms XHR
application/json 2.18.234.21
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=435871&v=8.1&r=%7B%22id%22%3A%22112f26e6238f39e%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2212f82f85f29b03d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22435871%22%2C%22sid%22%3A%22320x180%22%7D%2C%22bidfloor%22%3A1.6%2C%22bidfloorcur%22%3A%22USD%22%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A200%2C%22api%22%3A%5B1%2C2%5D%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22linearity%22%3A1%2C%22startdelay%22%3A0%2C%22skip%22%3A1%2C%22w%22%3A320%2C%22h%22%3A180%2C%22placement%22%3A1%7D%7D%2C%7B%22id%22%3A%221342513f2ab06e8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22435870%22%2C%22sid%22%3A%22320x180%22%7D%2C%22bidfloor%22%3A1.6%2C%22bidfloorcur%22%3A%22USD%22%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A200%2C%22api%22%3A%5B1%2C2%5D%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22linearity%22%3A1%2C%22startdelay%22%3A0%2C%22skip%22%3A1%2C%22w%22%3A320%2C%22h%22%3A180%2C%22placement%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&nf=1&
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31322D32375F30377D7B7331323334383830387D7B4338357D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=82.102.19.133&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F74.0.3729.169+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5e0599bdb4f1a&debugInfo=12348808_&debugPlayerSession=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.884700775146484&geoLong=4.504899978637695&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b52cf905e81a7910d32943bebecb675896d381817e12ad17dc6001b43bda6a69

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Origin: https://threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 27 Dec 2019 05:42:22 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 45
Expires: Fri, 27 Dec 2019 05:42:22 GMT

GET
H/1.1 200
OK w_640_000.ts Show response
video.sekindo.com/uploads/cn10/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5dfd120ae9fe3449709015.mp4/ Frame 39A6 168 KB
168 KB 40ms
40ms XHR
video/mp2t 194.146.24.177
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to

Full URL: https://video.sekindo.com/uploads/cn10/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5dfd120ae9fe3449709015.mp4/w_640_000.ts
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31322D32375F30377D7B7331323334383830387D7B4338357D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=82.102.19.133&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F74.0.3729.169+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5e0599bdb4f1a&debugInfo=12348808_&debugPlayerSession=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.884700775146484&geoLong=4.504899978637695&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.146.24.177 -, , ASN210329 (CLOUDWEBMANAGE-UK-1, GB),
Reverse DNS
Software: Tengine /
Resource Hash: 7a554037eb44625bdb80dc76af7d4b57f2bcc897c9b355634ec67054e6743185

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Origin: https://threatpost.com

Response headers

Date: Fri, 27 Dec 2019 05:42:26 GMT
Last-Modified: Fri, 20 Dec 2019 18:26:16 GMT
Server: Tengine
ETag: "5dfd1248-29ff4"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Expires: Fri, 03 Jan 2020 05:42:26 GMT
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 172020
X-Proxy-Cache: HIT

GET
BLOB 200
OK 5f0a41aa-d050-4b61-b12c-354b29be4614
https://threatpost.com/ Frame 39A6 63 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://threatpost.com/5f0a41aa-d050-4b61-b12c-354b29be4614
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31322D32375F30377D7B7331323334383830387D7B4338357D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=82.102.19.133&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F74.0.3729.169+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5e0599bdb4f1a&debugInfo=12348808_&debugPlayerSession=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.884700775146484&geoLong=4.504899978637695&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Length: 64352
Content-Type: text/javascript

GET
H/1.1 200
OK w_640_001.ts Show response
video.sekindo.com/uploads/cn10/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5dfd120ae9fe3449709015.mp4/ Frame 39A6 448 KB
449 KB 23ms
22ms XHR
video/mp2t 194.146.24.177
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to

Full URL: https://video.sekindo.com/uploads/cn10/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5dfd120ae9fe3449709015.mp4/w_640_001.ts
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31322D32375F30377D7B7331323334383830387D7B4338357D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=82.102.19.133&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F74.0.3729.169+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5e0599bdb4f1a&debugInfo=12348808_&debugPlayerSession=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.884700775146484&geoLong=4.504899978637695&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.146.24.177 -, , ASN210329 (CLOUDWEBMANAGE-UK-1, GB),
Reverse DNS
Software: Tengine /
Resource Hash: 92989c2488ba8ccffeafa884ca43826cd5ac8bcfeeb248470c3908f4995554b9

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Origin: https://threatpost.com

Response headers

Date: Fri, 27 Dec 2019 05:42:26 GMT
Last-Modified: Fri, 20 Dec 2019 18:26:16 GMT
Server: Tengine
ETag: "5dfd1248-70158"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Expires: Fri, 03 Jan 2020 05:42:26 GMT
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 459096
X-Proxy-Cache: HIT

GET
H2

200

jot.html
platform.twitter.com/ Frame 9A8B
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

0
0

24ms
23ms

Document
text/html

151.101.12.157
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: platform.twitter.com
:scheme: https
:path: /jot.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: https://threatpost.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
last-modified: Tue, 10 Dec 2019 23:46:10 GMT
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "d9592a6c704736fa4da218d4357976dd+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Fri, 27 Dec 2019 05:42:22 GMT
x-served-by: cache-iad2151-IAD, cache-fra19130-FRA
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 95

Redirect headers

status: 302 302 Found
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Fri, 27 Dec 2019 05:42:22 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Fri, 27 Dec 2019 05:42:22 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_o
strict-transport-security: max-age=631138519
x-connection-hash: 96d1dc87b8da90c874ba67c15d9dcd95
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 118
x-transaction: 00d8d3720013da55
x-tsa-request-body-time: 0
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

GET
H/1.1 200
OK liveView.php
live.sekindo.com/live/ Frame D4F4 0
379 B 23ms
23ms Image
text/html 46.166.134.35
NFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=16&serverTime=1577425341&s=0&sta=12348808&x=320&y=180&vid_passDomain=threatpost.com&subId=threatpost.com&debugInformation=&gdpr=1&gdprConsent=&isWePassGdpr=0&userIpAddr=82.102.19.133&userUA=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F74.0.3729.169%20Safari%2F537.36&csuuid=5e0599bdb4f1a&contentFileId=609979&mediaPlayListId=5946&playerVer=3.0.0&contentMatchType=&isExcludeFromOpt=0&cbuster=1577425342725
Requested by: Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.166.134.35 Amsterdam, Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
Software: nginx / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 Dec 2019 05:42:21 GMT
Content-Encoding: gzip
Server: nginx
Age: 0
X-Powered-By: PHP/7.1.33
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-store
Content-Type: text/html; charset=UTF-8

GET
H2 200 avjp Show response
primis-d.openx.net/v/1.0/ Frame 39A6 92 B
275 B 88ms
81ms XHR
application/json 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://primis-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_2.1.9&dddid=dbcf3188-d73f-424f-9f45-bddce1d4a907&nocache=1577425342753&schain=1.0%2C1!admetricspro.com%2C1005%2C1%2C%2C%2C!primis.tech%2C19668%2C1%2C%2C%2C&auid=540392761&vwd=320&vht=180&
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31322D32375F30377D7B7331323334383830387D7B4338357D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=82.102.19.133&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F74.0.3729.169+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5e0599bdb4f1a&debugInfo=12348808_&debugPlayerSession=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.884700775146484&geoLong=4.504899978637695&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.173.0 /
Resource Hash: 004e5faf0bf890f61697daeede9f21826affd1137fb2cb58eaf4719937a04a14

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Origin: https://threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 27 Dec 2019 05:42:22 GMT
via: 1.1 google
server: OXGW/16.173.0
status: 200
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://threatpost.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 92
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK w_640_002.ts Show response
video.sekindo.com/uploads/cn10/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5dfd120ae9fe3449709015.mp4/ Frame 39A6 477 KB
477 KB 22ms
22ms XHR
video/mp2t 194.146.24.177
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to

Full URL: https://video.sekindo.com/uploads/cn10/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5dfd120ae9fe3449709015.mp4/w_640_002.ts
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31322D32375F30377D7B7331323334383830387D7B4338357D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=82.102.19.133&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F74.0.3729.169+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5e0599bdb4f1a&debugInfo=12348808_&debugPlayerSession=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.884700775146484&geoLong=4.504899978637695&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.146.24.177 -, , ASN210329 (CLOUDWEBMANAGE-UK-1, GB),
Reverse DNS
Software: Tengine /
Resource Hash: ee4125edee988177e9e607a1753b3352121106960f24dda937b03d3a678fa3ff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Origin: https://threatpost.com

Response headers

Date: Fri, 27 Dec 2019 05:42:26 GMT
Last-Modified: Fri, 20 Dec 2019 18:26:17 GMT
Server: Tengine
ETag: "5dfd1249-77270"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Expires: Fri, 03 Jan 2020 05:42:26 GMT
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 488048
X-Proxy-Cache: HIT

GET
H/1.1 200
OK w_640_003.ts Show response
video.sekindo.com/uploads/cn10/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5dfd120ae9fe3449709015.mp4/ Frame 39A6 458 KB
458 KB 22ms
22ms XHR
video/mp2t 194.146.24.177
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to

Full URL: https://video.sekindo.com/uploads/cn10/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5dfd120ae9fe3449709015.mp4/w_640_003.ts
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31322D32375F30377D7B7331323334383830387D7B4338357D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=82.102.19.133&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F74.0.3729.169+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5e0599bdb4f1a&debugInfo=12348808_&debugPlayerSession=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.884700775146484&geoLong=4.504899978637695&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.146.24.177 -, , ASN210329 (CLOUDWEBMANAGE-UK-1, GB),
Reverse DNS
Software: Tengine /
Resource Hash: 6eb101ed78f10b215f951721047f611e644f44be968e58d4a5846d47e67e98fb

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Origin: https://threatpost.com

Response headers

Date: Fri, 27 Dec 2019 05:42:27 GMT
Last-Modified: Fri, 20 Dec 2019 18:26:17 GMT
Server: Tengine
ETag: "5dfd1249-72844"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Expires: Fri, 03 Jan 2020 05:42:27 GMT
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 469060
X-Proxy-Cache: HIT

GET
H/1.1 200
OK w_640_004.ts Show response
video.sekindo.com/uploads/cn10/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5dfd120ae9fe3449709015.mp4/ Frame 39A6 448 KB
448 KB 21ms
21ms XHR
video/mp2t 194.146.24.177
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to

Full URL: https://video.sekindo.com/uploads/cn10/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5dfd120ae9fe3449709015.mp4/w_640_004.ts
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31322D32375F30377D7B7331323334383830387D7B4338357D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=82.102.19.133&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F74.0.3729.169+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5e0599bdb4f1a&debugInfo=12348808_&debugPlayerSession=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.884700775146484&geoLong=4.504899978637695&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.146.24.177 -, , ASN210329 (CLOUDWEBMANAGE-UK-1, GB),
Reverse DNS
Software: Tengine /
Resource Hash: 403ae73e1aefe419a62f91a6446d6ee691cf8231514dc9564885d2684e24896b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Origin: https://threatpost.com

Response headers

Date: Fri, 27 Dec 2019 05:42:27 GMT
Last-Modified: Fri, 20 Dec 2019 18:26:18 GMT
Server: Tengine
ETag: "5dfd124a-6ffe0"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Expires: Fri, 03 Jan 2020 05:42:27 GMT
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 458720
X-Proxy-Cache: HIT

GET
H/1.1 200
OK w_640_005.ts Show response
video.sekindo.com/uploads/cn10/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5dfd120ae9fe3449709015.mp4/ Frame 39A6 491 KB
492 KB 23ms
23ms XHR
video/mp2t 194.146.24.177
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to

Full URL: https://video.sekindo.com/uploads/cn10/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5dfd120ae9fe3449709015.mp4/w_640_005.ts
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31322D32375F30377D7B7331323334383830387D7B4338357D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=82.102.19.133&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F74.0.3729.169+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5e0599bdb4f1a&debugInfo=12348808_&debugPlayerSession=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.884700775146484&geoLong=4.504899978637695&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.146.24.177 -, , ASN210329 (CLOUDWEBMANAGE-UK-1, GB),
Reverse DNS
Software: Tengine /
Resource Hash: 1301cc6eed7cee83f0ea8fad888715458882113b8f655d75194e3b4120d06132

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Origin: https://threatpost.com

Response headers

Date: Fri, 27 Dec 2019 05:42:27 GMT
Last-Modified: Fri, 20 Dec 2019 18:26:18 GMT
Server: Tengine
ETag: "5dfd124a-7adec"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Expires: Fri, 03 Jan 2020 05:42:27 GMT
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 503276
X-Proxy-Cache: HIT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 8AF5 42 B
110 B 14ms
14ms Image
image/gif 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu1UfSPdqo6sbFLR9yNJvYeN-kYiLkk9a6ovMfQ0U_qy_r9IKn5jZtp7vPqpLdWAQW3oTJpSZ1LTl_DihSkVWJrv20m9cIOs6s4te0nKik&sig=Cg0ArKJSzAjbE6e8ke8YEAE&adk=2675834513&tt=-1&bs=1585%2C1200&mtos=1061,1061,1061,1061,1061&tos=1061,0,0,0,0&p=0,308,250,1278&mcvt=1061&rs=0&ht=0&tfs=301&tls=1362&mc=1&lte=1&bas=0&bac=0&met=ie&la=1&avms=nio&exg=1&md=2&lm=2&rst=1577425342022&dlt&rpt=213&isd=0&msd=0&ext&imams=1&xdi=0&ps=1585%2C4308&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-5-13-5-12-12-0-0-0&tvt=1359&is=970%2C250&iframe_loc=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&r=v&id=osdim&vs=4&uc=13&upc=0&tgt=DIV&cl=1&cec=1&clc=1&wf=0&cac=1&cd=0x0&itpl=19&v=20191206

Requested by

Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Dec 2019 05:42:23 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 5BA2 42 B
110 B 14ms
14ms Image
image/gif 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstQbVup9rxfi7J7388L2YwVp_99TBldQnIQwOdMrONSx3TzyftycAQT9oEpjFAFz5DDBhw1rOdH5hvim_mVjLAo5yInqm29ZGT-LdGC73k&sig=Cg0ArKJSzFMZntFpS0k0EAE&adk=974937504&tt=-1&bs=1585%2C1200&mtos=1071,1071,1071,1071,1071&tos=1071,0,0,0,0&p=407,1093,657,1393&mcvt=1071&rs=0&ht=0&tfs=272&tls=1343&mc=1&lte=1&bas=0&bac=0&met=ie&avms=nio&exg=1&md=2&lm=2&rst=1577425342028&dlt&rpt=68&isd=0&msd=0&ext&imams=1&xdi=0&ps=1585%2C4308&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-3-13-2-12-12-0-0-0&tvt=1342&is=300%2C250&iframe_loc=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&r=v&id=osdim&vs=4&uc=13&upc=1&tgt=DIV&cl=1&cec=1&clc=1&wf=0&cac=1&cd=0x0&itpl=19&v=20191206

Requested by

Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Dec 2019 05:42:23 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
634 B 191ms
141ms Script
application/javascript 104.244.42.3
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=ntt0j&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 05:42:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 119
pragma: no-cache
last-modified: Fri, 27 Dec 2019 05:42:23 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: cc1eb172c9b73569e7da8d3b047663d7
x-transaction: 001bbc8c00e7b6d1
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 39A6 109 B
536 B 118ms
38ms XHR
application/json 54.72.122.154
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=j6w8ta9&fmt=json
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31322D32375F30377D7B7331323334383830387D7B4338357D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=82.102.19.133&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F74.0.3729.169+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5e0599bdb4f1a&debugInfo=12348808_&debugPlayerSession=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.884700775146484&geoLong=4.504899978637695&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.122.154 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-72-122-154.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 85c062bb81d2e94fc73b18ae94a277e59dc15cd48d545677ee4ace0da97caaec

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Origin: https://threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 27 Dec 2019 05:42:23 GMT
x-aspnet-version: 4.0.30319
status: 200
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://threatpost.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Sun, 26 Jan 2020 05:42:23 GMT

GET
H/1.1 200 212.json Show response
id5-sync.com/g/v1/ Frame 39A6 131 B
370 B 129ms
32ms XHR
text/json 5.39.67.10
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://id5-sync.com/g/v1/212.json?1puid=&gdpr=0&gdpr_consent=
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31322D32375F30377D7B7331323334383830387D7B4338357D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=82.102.19.133&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F74.0.3729.169+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5e0599bdb4f1a&debugInfo=12348808_&debugPlayerSession=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.884700775146484&geoLong=4.504899978637695&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.39.67.10 , France, ASN16276 (OVH, FR),
Reverse DNS: s06.id5-sync.com
Software: /
Resource Hash: 8626ecec544114d031c16540694ef6489e18df730f162023b1b39c65735b432f

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Origin: https://threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://threatpost.com
Date: Fri, 27 Dec 2019 05:42:23 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Content-Type: text/json;charset=utf-8

GET
H2 400 envelope
api.rlcdn.com/api/identity/ Frame 39A6 0
0 65ms
25ms XHR
text/plain 35.244.174.68
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity/envelope?pid=34
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31322D32375F30377D7B7331323334383830387D7B4338357D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=82.102.19.133&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F74.0.3729.169+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5e0599bdb4f1a&debugInfo=12348808_&debugPlayerSession=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.884700775146484&geoLong=4.504899978637695&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.174.68 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Origin: https://threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

GET
H/1.1 200
OK Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame C930 0
0 79ms
26ms Document
text/html 2.18.233.180
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31322D32375F30377D7B7331323334383830387D7B4338357D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=82.102.19.133&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F74.0.3729.169+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5e0599bdb4f1a&debugInfo=12348808_&debugPlayerSession=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.884700775146484&geoLong=4.504899978637695&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Accept-Encoding: gzip, deflate, br
Cookie: KTPCACOOKIE=YES; KADUSERCOOKIE=0429B25B-871A-4242-9CA3-47B6EF7282E2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/

Response headers

Last-Modified: Tue, 12 Nov 2019 06:59:02 GMT
ETag: "13006b6-97cd-59720c88c16d1"
Server: Apache/2.2.15 (CentOS)
Set-Cookie: KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14515
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=20768
Expires: Fri, 27 Dec 2019 11:28:31 GMT
Date: Fri, 27 Dec 2019 05:42:23 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame 1B21 0
0 74ms
25ms Document
text/html 23.37.55.184
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31322D32375F30377D7B7331323334383830387D7B4338357D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=82.102.19.133&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F74.0.3729.169+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5e0599bdb4f1a&debugInfo=12348808_&debugPlayerSession=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.884700775146484&geoLong=4.504899978637695&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.55.184 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-37-55-184.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Thu, 12 Dec 2019 00:18:57 GMT
Content-Encoding: gzip
Content-Length: 7753
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=79267
Expires: Sat, 28 Dec 2019 03:43:30 GMT
Date: Fri, 27 Dec 2019 05:42:23 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 pd
u.openx.net/w/1.0/ Frame 1AA9 0
0 28ms
27ms Document
text/html 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31322D32375F30377D7B7331323334383830387D7B4338357D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=82.102.19.133&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F74.0.3729.169+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5e0599bdb4f1a&debugInfo=12348808_&debugPlayerSession=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.884700775146484&geoLong=4.504899978637695&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.173.0 /
Resource Hash

Request headers

:method: GET
:authority: u.openx.net
:scheme: https
:path: /w/1.0/pd
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
accept-encoding: gzip, deflate, br
cookie: i=9bd36bf8-3ffa-0636-13a1-f15f0adfc627|1577425342
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=9bd36bf8-3ffa-0636-13a1-f15f0adfc627|1577425342; Version=1; Expires=Sat, 26-Dec-2020 05:42:23 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1577425343|mOgikimWiygu; Version=1; Expires=Sat, 11-Jan-2020 05:42:23 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server: OXGW/16.173.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 27 Dec 2019 05:42:23 GMT
content-type: text/html
content-length: 374
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 pd
u.openx.net/w/1.0/ Frame 0D6D 0
0 29ms
29ms Document
text/html 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31322D32375F30377D7B7331323334383830387D7B4338357D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=82.102.19.133&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F74.0.3729.169+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5e0599bdb4f1a&debugInfo=12348808_&debugPlayerSession=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.884700775146484&geoLong=4.504899978637695&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.173.0 /
Resource Hash

Request headers

:method: GET
:authority: u.openx.net
:scheme: https
:path: /w/1.0/pd
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
accept-encoding: gzip, deflate, br
cookie: i=9bd36bf8-3ffa-0636-13a1-f15f0adfc627|1577425342
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=9bd36bf8-3ffa-0636-13a1-f15f0adfc627|1577425342; Version=1; Expires=Sat, 26-Dec-2020 05:42:23 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1577425343|mOgikimWiygu; Version=1; Expires=Sat, 11-Jan-2020 05:42:23 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server: OXGW/16.173.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 27 Dec 2019 05:42:23 GMT
content-type: text/html
content-length: 374
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2

204

sync
pixel.advertising.com/ups/55953/ Frame 39A6
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1
https://pixel.advertising.com/ups/55953/sync?uid=a2e27a1c-4474-4549-a201-efa27ba9b529&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=a2e27a1c-4474-4549-a201-efa27ba9b529

0
124 B

201ms
22ms

Image
text/plain

52.59.138.183
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55953/sync?uid=a2e27a1c-4474-4549-a201-efa27ba9b529&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=a2e27a1c-4474-4549-a201-efa27ba9b529

Requested by

Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.138.183 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-59-138-183.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Fri, 27 Dec 2019 05:42:24 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Fri, 27 Dec 2019 05:42:23 GMT
x-aspnet-version: 4.0.30319
location: https://pixel.advertising.com/ups/55953/sync?uid=a2e27a1c-4474-4549-a201-efa27ba9b529&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=a2e27a1c-4474-4549-a201-efa27ba9b529
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 302
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 369

GET
H2

204

sync
ups.analytics.yahoo.com/ups/57304/ Frame 39A6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_sc
https://pixel.advertising.com/ups/57304/sync?uid=CAESELzIG6KW-5Q_wimAEo3NYUU&google_cver=1
https://pixel.advertising.com/ups/57304/sync?uid=CAESELzIG6KW-5Q_wimAEo3NYUU&google_cver=1&verify=true
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESELzIG6KW-5Q_wimAEo3NYUU&google_cver=1&apid=UPa873bc13-286b-11ea-a670-024b028bab36

0
512 B

325ms
25ms

Image
text/plain

3.122.174.9
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESELzIG6KW-5Q_wimAEo3NYUU&google_cver=1&apid=UPa873bc13-286b-11ea-a670-024b028bab36

Requested by

Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.122.174.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-3-122-174-9.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Fri, 27 Dec 2019 05:42:24 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Fri, 27 Dec 2019 05:42:24 GMT
strict-transport-security: max-age=31536000
content-length: 0
location: https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESELzIG6KW-5Q_wimAEo3NYUU&google_cver=1&apid=UPa873bc13-286b-11ea-a670-024b028bab36
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 %7Bcombo_uid%7D
pr-bh.ybp.yahoo.com/sync/adaptv_ortb/ Frame 39A6 43 B
381 B 128ms
42ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/adaptv_ortb/%7Bcombo_uid%7D

Requested by

Host: threatpost.com
URL: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 05:42:23 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
status: 200
x-content-type-options: nosniff
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET

sync
sync.adap.tv/ Frame 39A6
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/m7y5t93k?redir=https%3A%2F%2Fsync.adap.tv%2Fsync%3Ftype%3Dgif%26key%3Dtubemogul%26uid%3D%24%7BUSER_ID%7D
https://sync.adap.tv/sync?type=gif&key=tubemogul&uid=XgWZvgAABc-s9RyO

0
0

GET
H/1.1 200
OK liveView.php
live.sekindo.com/live/ Frame D4F4 0
379 B 23ms
21ms Image
text/html 46.166.134.35
NFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=36&serverTime=1577425341&s=101281&sta=0&x=300&y=250&vid_passDomain=threatpost.com&subId=threatpost.com&debugInformation=&gdpr=1&gdprConsent=&isWePassGdpr=0&userIpAddr=82.102.19.133&userUA=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F74.0.3729.169%20Safari%2F537.36&csuuid=5e0599bdb4f1a&contentFileId=0&mediaPlayListId=0&cbuster=1577425344426
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.166.134.35 Amsterdam, Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
Software: nginx / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 Dec 2019 05:42:23 GMT
Content-Encoding: gzip
Server: nginx
Age: 0
X-Powered-By: PHP/7.1.33
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-store
Content-Type: text/html; charset=UTF-8

POST
H/1.1 200
OK liveKeywordsForUrl.php Show response
live.sekindo.com/live/ Frame 39A6 0
445 B 135ms
77ms XHR
text/html 46.166.134.35
NFORCE

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/liveKeywordsForUrl.php
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31322D32375F30377D7B7331323334383830387D7B4338357D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=82.102.19.133&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F74.0.3729.169+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5e0599bdb4f1a&debugInfo=12348808_&debugPlayerSession=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.884700775146484&geoLong=4.504899978637695&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.166.134.35 Amsterdam, Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
Software: nginx / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Origin: https://threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Fri, 27 Dec 2019 05:42:26 GMT
Content-Encoding: gzip
Server: nginx
Age: 0
X-Powered-By: PHP/7.1.33
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store

GET
H/1.1 200
OK liveView.php
live.sekindo.com/live/ Frame D4F4 0
379 B 23ms
23ms Image
text/html 46.166.134.35
NFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=42&serverTime=1577425341&s=101281&sta=0&x=300&y=250&vid_passDomain=threatpost.com&subId=threatpost.com&debugInformation=&gdpr=1&gdprConsent=&isWePassGdpr=0&userIpAddr=82.102.19.133&userUA=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F74.0.3729.169%20Safari%2F537.36&csuuid=5e0599bdb4f1a&contentFileId=0&mediaPlayListId=0&dur=500&cbuster=1577425347426
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.166.134.35 Amsterdam, Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
Software: nginx / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 Dec 2019 05:42:26 GMT
Content-Encoding: gzip
Server: nginx
Age: 0
X-Powered-By: PHP/7.1.33
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-store
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK w_640_006.ts Show response
video.sekindo.com/uploads/cn10/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5dfd120ae9fe3449709015.mp4/ Frame 39A6 512 KB
512 KB 30ms
30ms XHR
video/mp2t 194.146.24.177
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to

Full URL: https://video.sekindo.com/uploads/cn10/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5dfd120ae9fe3449709015.mp4/w_640_006.ts
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31322D32375F30377D7B7331323334383830387D7B4338357D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=82.102.19.133&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F74.0.3729.169+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5e0599bdb4f1a&debugInfo=12348808_&debugPlayerSession=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.884700775146484&geoLong=4.504899978637695&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.146.24.177 -, , ASN210329 (CLOUDWEBMANAGE-UK-1, GB),
Reverse DNS
Software: Tengine /
Resource Hash: fb2f8c768aa1847bd7627d86df27cb92dac7322afc55e5635544e19659787518

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Origin: https://threatpost.com

Response headers

Date: Fri, 27 Dec 2019 05:42:33 GMT
Last-Modified: Fri, 20 Dec 2019 18:26:19 GMT
Server: Tengine
ETag: "5dfd124b-7ff70"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Expires: Fri, 03 Jan 2020 05:42:33 GMT
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 524144
X-Proxy-Cache: HIT

GET
H/1.1 200
OK liveView.php
live.sekindo.com/live/ Frame D4F4 0
379 B 99ms
99ms Image
text/html 46.166.134.35
NFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=25&serverTime=1577425341&s=101281&sta=0&x=300&y=250&vid_passDomain=threatpost.com&subId=threatpost.com&debugInformation=&gdpr=1&gdprConsent=&isWePassGdpr=0&userIpAddr=82.102.19.133&userUA=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F74.0.3729.169%20Safari%2F537.36&csuuid=5e0599bdb4f1a&contentFileId=0&mediaPlayListId=0&dur=1000&cbuster=1577425352185
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.166.134.35 Amsterdam, Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
Software: nginx / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 Dec 2019 05:42:31 GMT
Content-Encoding: gzip
Server: nginx
Age: 0
X-Powered-By: PHP/7.1.33
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-store
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK liveView.php
live.sekindo.com/live/ Frame D4F4 0
379 B 22ms
21ms Image
text/html 46.166.134.35
NFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=42&serverTime=1577425341&s=101281&sta=0&x=300&y=250&vid_passDomain=threatpost.com&subId=threatpost.com&debugInformation=&gdpr=1&gdprConsent=&isWePassGdpr=0&userIpAddr=82.102.19.133&userUA=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F74.0.3729.169%20Safari%2F537.36&csuuid=5e0599bdb4f1a&contentFileId=0&mediaPlayListId=0&dur=500&cbuster=1577425352426
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.166.134.35 Amsterdam, Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
Software: nginx / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 Dec 2019 05:42:31 GMT
Content-Encoding: gzip
Server: nginx
Age: 0
X-Powered-By: PHP/7.1.33
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-store
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK w_640_007.ts Show response
video.sekindo.com/uploads/cn10/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5dfd120ae9fe3449709015.mp4/ Frame 39A6 469 KB
469 KB 30ms
29ms XHR
video/mp2t 194.146.24.177
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to

Full URL: https://video.sekindo.com/uploads/cn10/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5dfd120ae9fe3449709015.mp4/w_640_007.ts
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31322D32375F30377D7B7331323334383830387D7B4338357D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=82.102.19.133&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F74.0.3729.169+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5e0599bdb4f1a&debugInfo=12348808_&debugPlayerSession=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fdelta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service%2F131023%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.884700775146484&geoLong=4.504899978637695&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.146.24.177 -, , ASN210329 (CLOUDWEBMANAGE-UK-1, GB),
Reverse DNS
Software: Tengine /
Resource Hash: 15c655f8cad7da4039c25091ce3def2ec863b19308952ecfce118a567aa24671

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://threatpost.com/delta-sears-breaches-blamed-on-malware-attack-against-a-third-party-chat-service/131023/
Origin: https://threatpost.com

Response headers

Date: Fri, 27 Dec 2019 05:42:39 GMT
Last-Modified: Fri, 20 Dec 2019 18:26:19 GMT
Server: Tengine
ETag: "5dfd124b-75398"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Expires: Fri, 03 Jan 2020 05:42:39 GMT
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 480152
X-Proxy-Cache: HIT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.adap.tv
URL: https://sync.adap.tv/sync?type=gif&key=tubemogul&uid=XgWZvgAABc-s9RyO

Verdicts & Comments Add Verdict or Comment

143 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 06:10:28	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-19 15:32:01	Name: IDE Value: AHWqTUkG-Fid7q2g96csXJVLZfaY3R1yjZi4eHOtCEuk7D3AKXdJYtwrSpfCN4zJ
.threatpost.com/	1970-01-19 15:34:54	Name: __qca Value: P0-43549770-1577425342362
.threatpost.com/	1970-01-19 23:41:37	Name: _ga Value: GA1.2.1429220001.1577425342
.threatpost.com/	1970-01-19 06:11:51	Name: _gid Value: GA1.2.2102476134.1577425342
.threatpost.com/	1970-01-19 06:10:25	Name: _gat_UA-35676203-21 Value: 1
.threatpost.com/	1970-01-19 23:41:37	Name: __gads Value: ID=adbb7619b2d610c3:T=1577425341:S=ALNI_Maxmcuy_E4SX8BNJgE24au2PLoogw

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.adaptv.advertising.com
ads.pubmatic.com
adservice.google.be
adservice.google.com
adservice.google.de
analytics.twitter.com
api.rlcdn.com
as-sec.casalemedia.com
assets.threatpost.com
c.amazon-adsystem.com
cdn.syndication.twimg.com
cm.g.doubleclick.net
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
graph.facebook.com
hbopenbid.pubmatic.com
ib.adnxs.com
id5-sync.com
kasperskycontenthub.com
live.sekindo.com
match.adsrvr.org
media.threatpost.com
pagead2.googlesyndication.com
pbs.twimg.com
pixel.advertising.com
pixel.quantserve.com
platform.twitter.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
primis-d.openx.net
rules.quantcount.com
secure.quantserve.com
securepubads.g.doubleclick.net
static.ads-twitter.com
stats.g.doubleclick.net
sync.adap.tv
syndication.twitter.com
t.co
teachingaids-d.openx.net
threatpost.com
ton.twimg.com
tpc.googlesyndication.com
u.openx.net
ups.analytics.yahoo.com
video.sekindo.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
www.reddit.com
sync.adap.tv
104.244.42.136
104.244.42.3
104.244.42.69
143.204.213.153
151.101.112.157
151.101.12.157
151.101.13.140
172.217.16.162
185.33.223.203
185.64.189.112
194.146.24.177
2.18.233.180
2.18.234.21
216.58.207.66
23.37.55.184
2600:9000:2057:4c00:2:9275:3d40:93a1
2600:9000:2057:c800:6:44e3:f8c0:93a1
2600:9000:214f:6400:0:5c46:4f40:93a1
2606:2800:134:fa2:1627:1fe:edb:1665
2a00:1288:110:c305::8000
2a00:1450:4001:806::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:814::2001
2a00:1450:4001:814::2002
2a00:1450:4001:814::2003
2a00:1450:4001:817::2002
2a00:1450:4001:81d::2002
2a00:1450:4001:81d::2003
2a00:1450:4001:81d::2004
2a00:1450:4001:81e::2008
2a00:1450:4001:820::2002
2a00:1450:4001:824::200a
2a00:1450:400c:c04::9a
2a03:2880:f01c:800e:face:b00c:0:2
2a05:f500:11:101::b93f:9001
3.122.174.9
34.95.120.147
35.173.160.135
35.244.174.68
46.166.134.35
5.39.67.10
52.57.64.247
52.58.144.104
52.59.138.183
54.72.122.154
91.228.74.217
91.228.74.232
004e5faf0bf890f61697daeede9f21826affd1137fb2cb58eaf4719937a04a14
0341a4478ce861ef85c819b913fa0a2501836a6a2ffda8643e95e39f4a2a7de0
043b3fefd63d27836a15a7d61ed9c4f569d23e96c23a61a5ebb6bdc081ccc650
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04f4ae45c416f3cae99c9092537f549e56653297e79cea04501e0ebed1e9bd1c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06fc565587b8b700936a1677218cb269a6cc31ca5f701eb45461e86a3d54d5c7
08699d569b86c9e9ac074bbc671aea1e2fc39a255afb48757998a845629aaa69
0f144f16507d02eabc67a131e4d54ac36266dcfe3dac263a6971265371eff7b9
102bb218d68483379722eb7ca86935804325d99241c8fd3a919875304dab3e4e
1301cc6eed7cee83f0ea8fad888715458882113b8f655d75194e3b4120d06132
14f90f011c0eaa863c9b121c6b16593b98cdbd8aa9335911e83d61416af87661
15c655f8cad7da4039c25091ce3def2ec863b19308952ecfce118a567aa24671
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
20cdda5f0e51f5dac5693ffe15fb394528dd838e9887a785de1d02e3bb2a418f
216fd62bccc74ef4e4d35292cd4874e7072a4fb30685afb6235d894a3ec1a2df
2294b7ee15083e9fdd8a51251a176e8b066b0be2e7fa750eaa6b116482f3fd2c
2424d4d0676494244257b830643c905eac8254d373e00bc0cf6a13158626921b
27d6c435e0a1ef9df8c737529ea88cff14a17149d1ef1a18188095d84754e9c1
292db8e99993008fe2eafa512eef53239a226548c27b7d21b39e7d0aa1350165
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2de77164bb9924542e1dea4ee4a0ff27d40b51a3d7939dac7db11a95045c9b7d
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
39af7c1116fb967a330e8770f775e6b5ee871add01ed45c98a1634911cebfb0a
3b2c7b07daeb757f94d4730b0a0e4f50bc886883d7ef19b0fe140a769df063b3
403ae73e1aefe419a62f91a6446d6ee691cf8231514dc9564885d2684e24896b
420508fc523520f35de5c851905543294123d7676b5a5668744691f2abe9e730
44178919accac2fd92f71084d312c8ff266dd25b8b808f8e9b32fe2926aefb41
4468e35646c229b518e5f398c5a3d6b15ba1351a71ef22692129bb32f5030ac0
458cbb30f2353b6b6c54a1ea5a1b8ad9f0ecb35e5fdc68af15ded40391b26104
45ddc09b0ad6ab916bd9a0282070b161045e186fc025303f4aa1aa821fc45ac7
45f6cdc5ebbd79b62f5a95fe920c066ea46849a1d0d6059e903457b631339b1a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49c2a3cf0f363bf387c06a35a4a4e6c7255799b3776bed55914862136d783028
4c52ed8f9039265ffed7fdca0b967b2624325e6356433f437e044b0dd332cddf
51c09a888c623c7ff32ab9cc99eabed150324f4b7cd88f4feff2043c8fada199
59f1e452d77d2608e6f00313f7c348040dedd1ad952634ac88b9e304f42e7571
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5a7ed822968963e31d88424c96387ad9f4fd4f4b5a5b581a33f65e3784d162cf
5a9b0bcc0e7274386f0f560595519d66ee86bfccf57e76f2e59a6985091fa3a2
5b1b3e1dbec0a6b898bf6b8f17caa692c112ba2d215a1300b1c014c75f9f5ad8
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5d363c974cd81869ce3fd8d76a06f12b273be51cb358a9a85c21d157eedde824
621cb112b261651aa6d840b2437dab4fc9df4085d5caad3a5b7da7dd17aa9be5
636dbf4f87fa130596fdb491938e4ad2b693b397139ba7f8d2a34b738a494078
63890326f558587b0840eb0a6e6377f1bf39264e015e568f4c2a03aefce3f929
68bcdec2fdc6ce23468b97a8c39a3f9eb86233e03be5072bf3b438ac1433714d
6eb101ed78f10b215f951721047f611e644f44be968e58d4a5846d47e67e98fb
76102878c1198de858725194952ba1c6b35bdee0f870cc6a124e93d17385e64e
76ba07e059d9e2113f9c940f1a31efc95bd9d5badd68bbc3637177e892a08099
78e251d71e85246da773213abe7f08772e99238a350f8f9e993b4916a728844f
7a554037eb44625bdb80dc76af7d4b57f2bcc897c9b355634ec67054e6743185
7fb585c3117accba53362a335a1200e2a3d43db7ac9876dd63797e987257b4df
8194ff3826976ab39199703c90dca9ddec292bfe5033e69e473f76b7fb8742e5
859faa9b9ed0990288b2f393a102b1fe2668ac79088b113b6f0beaee521221eb
85c062bb81d2e94fc73b18ae94a277e59dc15cd48d545677ee4ace0da97caaec
8626ecec544114d031c16540694ef6489e18df730f162023b1b39c65735b432f
87c40d1935f1b97602939d59a8bb89f9c4453f04db5af06fad9eae9a9f73b45c
882df6e992f249b28efae600befaf756d3034f5f493b84c0fbe87aa55e3b42e9
8b3cfcc95451254af95a4dc8a56719a8771ab5dbbc0f274f6e1492a61e5847fa
92989c2488ba8ccffeafa884ca43826cd5ac8bcfeeb248470c3908f4995554b9
940e0c3385928422aae38e1a74f1d84b462d8ce1a056c686fde505a0bf3162bb
9421e2dbc3b5aba9996c72bb75b3921dad845edfcd3a9fe09d668704685ca595
96237329e6e6c535359e45defff4ea4026bbcf4bf2a00c28c8a115b1a8974b99
9776cc02d6f0af7bc9d919ab3f3cc66e399543fd65ccf995bb958745ef7e5b86
98f18450e0413eef1feb21e263c266dec9dd572c44293b078899f230d033b37c
9a933f62fa17950f1307a5853d89f7967033e664598e49aa39dae0e68e0d2fd4
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9df0e8867ec50a03053296aee36587e9ef939215843f1d5366d234d3dca28472
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
a765545861b392a5cd7379aaf63eafcf3d54098506ca7ff1588524bd9112263d
a783d2ad42c380bc896219c080fa845d1e9f2e77483558103aeb296b95b85701
a968b405c5b4dcd85f76e5400c41930968710351102d83a80cf114ad7549b5d0
a9d2b2df99c1a115d5394c70a898d8801092208dc582f8bd6fb01b35c30d6b22
a9f6c03ce6f4d1654f29f2136651e883198d509cb2e26af1c24b1f87b6ccae13
aa7e1a04b2a9281c686970ac30a58a4893052f35710643503f8000f021454e19
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae00ae9c862bc8b8923efd1d9a18befa912678a869d4dd01179a59ed3de731be
b50aa19f6c5e1926ff1930f8db327a94b8c280face6cf4659b974c48533593cc
b52cf905e81a7910d32943bebecb675896d381817e12ad17dc6001b43bda6a69
b7a572e3e636758a15d9ee955f76dc9012de0313cb0ae2fc326c509421115542
b7acec0bbac2b232d70ccd27a64201f3ec2789538c96a524f9f48e4a4a8a74f1
bad68415cd2eb4cd1a06a8fd0af508f4778096a952f360700140b87176f56f73
c1db7fa09e3fd8dcf852dcbb8656334adf41ea57a1aeef247253de8cf0f01785
c3531ed2c934e5daee80955db42a0245d666131e6322c6ec6985992922520ab4
c50a17e8272b9359e4b62e0f305e201f359cb5bd2245671c115d031f2b7f68d0
c7957886eaf7b92e9a3e1554ac5cdcdd4a676e7cd48b5cf547be45ee978160da
c8837c641ded8d7f19c3ede0312f838226ef4b083d59fe39d4bc076ec0c6718c
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d2a953a03ff9038e93d2a3b6b85a73eb2d6fdd185b2f4472ba592b802867078b
d3712f0230306eb4bbe2464ee6e0ff9777ed2fcf561db8c5dd20084edbaad88a
d8990b989a73f89f4a3a27ebb779ab147d5c763b8efc5434a7e73c8d5003ec09
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e05b274c76d548e39c6633af671d715bd1be28a929ab47a5ae8d29ff120df7
e4058d4ee9da1ceaddfa91ddb63650ba67285f1bbfee487d9dfe648bced669a0
e5b09ae4f391ccd8e04977e2330f1e533a2a507d95c609a3fd437a7ffc7cddfa
e8d7c60749c1d62942a8e0a6f901800bd14ff3094251373626cd99a8875c6391
ee4125edee988177e9e607a1753b3352121106960f24dda937b03d3a678fa3ff
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5c2b6220cfcf68b761ac2677872e7f1441aa9d67fefe61d526ab19a2a926933
f75a928d284febdd7987d57ee4cafc52663a3ea58714be568ddb69e2dea4e03a
f8035307272fb0b70f9acb0b65ee7859b12ecaba04473f9e02d3eaff90217027
f86cc9b93d6a8073783d55d575b6a42a3678d397ae739364e386dccc31802cf8
f89d17dc2e4ecb385243b7b4cdaf5d8d9f6d4b9829e2be80afb66d01721835e3
fb2f8c768aa1847bd7627d86df27cb92dac7322afc55e5635544e19659787518
fd3a1c103ab6039e3326e50449a731164eea494368e52483b32f386d97547ba2
ff6a67b5b4c91cf683b9168393ce7aa41d64326a40b928809cdf7e15d0b3c8b8

threatpost.com Open in urlscan Pro 35.173.160.135 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

153 Requests

99 %HTTPS

43 %IPv6

34 Domains

54 Subdomains

45 IPs

9 Countries

5758 kBTransfer

8660 kBSize

7 Cookies

14 Outgoing links

Redirected requests

153 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

threatpost.com Open in urlscan Pro
35.173.160.135 Public Scan

Screenshot
Live screenshot

Full Image

153
Requests

99 %
HTTPS

43 %
IPv6

34
Domains

54
Subdomains

45
IPs

9
Countries

5758 kB
Transfer

8660 kB
Size

7
Cookies

153 HTTP transactions
11 data transactions