threatpost.com Open in urlscan Pro
35.173.160.135 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://go.sequentur.net/e/929133/o-zero-click-zero-day-1694160-/c1dkdn/1459165111?h=TdOEzYpbYZ1I5TmrZuTROWuMYGHKm8USoUSL...
Effective URL:
https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Submission: On September 15 via manual (September 15th 2021, 5:29:21 pm UTC) from IN — Scanned from DE

Summary HTTP 141 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 41 IPs in 6 countries across 36 domains to perform 141 HTTP transactions. The main IP is 35.173.160.135, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is threatpost.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on June 2nd 2021. Valid for: a year.

This is the only time threatpost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.174.150.168 35.174.150.168	14618 (AMAZON-AES) (AMAZON-AES)
1 18	35.173.160.135 35.173.160.135	14618 (AMAZON-AES) (AMAZON-AES)
3	54.230.206.114 54.230.206.114	16509 (AMAZON-02) (AMAZON-02)
1	142.250.187.194 142.250.187.194	15169 (GOOGLE) (GOOGLE)
7	172.67.207.112 172.67.207.112	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	52.222.186.95 52.222.186.95	16509 (AMAZON-02) (AMAZON-02)
11	52.222.179.64 52.222.179.64	16509 (AMAZON-02) (AMAZON-02)
1 4	142.250.200.36 142.250.200.36	15169 (GOOGLE) (GOOGLE)
4	54.230.55.220 54.230.55.220	16509 (AMAZON-02) (AMAZON-02)
1	172.217.169.8 172.217.169.8	15169 (GOOGLE) (GOOGLE)
2	142.250.187.195 142.250.187.195	15169 (GOOGLE) (GOOGLE)
4	142.250.180.2 142.250.180.2	15169 (GOOGLE) (GOOGLE)
3	142.250.187.206 142.250.187.206	15169 (GOOGLE) (GOOGLE)
2	91.228.74.134 91.228.74.134	16509 (AMAZON-02) (AMAZON-02)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
1	52.222.186.111 52.222.186.111	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
4	104.18.15.161 104.18.15.161	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	51.89.21.20 51.89.21.20	16276 (OVH) (OVH)
1	64.140.160.2 64.140.160.2	18450 (WEBNX) (WEBNX)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1	74.125.206.155 74.125.206.155	15169 (GOOGLE) (GOOGLE)
1	216.52.2.39 216.52.2.39	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
3	35.157.246.167 35.157.246.167	16509 (AMAZON-02) (AMAZON-02)
1	184.31.84.150 184.31.84.150	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	134.209.131.220 134.209.131.220	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	18.192.222.132 18.192.222.132	16509 (AMAZON-02) (AMAZON-02)
1	213.19.147.43 213.19.147.43	3356 (LEVEL3) (LEVEL3)
2	185.33.220.244 185.33.220.244	29990 (ASN-APPNEX) (ASN-APPNEX)
4	69.173.144.141 69.173.144.141	26667 (RUBICONPR...) (RUBICONPROJECT)
3	18.158.15.79 18.158.15.79	16509 (AMAZON-02) (AMAZON-02)
1	54.228.75.94 54.228.75.94	16509 (AMAZON-02) (AMAZON-02)
1	204.237.133.116 204.237.133.116	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	147.75.38.124 147.75.38.124	54825 (PACKET) (PACKET)
1	172.217.16.226 172.217.16.226	15169 (GOOGLE) (GOOGLE)
1	142.250.178.1 142.250.178.1	15169 (GOOGLE) (GOOGLE)
5	216.58.213.1 216.58.213.1	15169 (GOOGLE) (GOOGLE)
3	142.250.187.193 142.250.187.193	15169 (GOOGLE) (GOOGLE)
2	216.58.212.226 216.58.212.226	15169 (GOOGLE) (GOOGLE)
1	142.250.200.2 142.250.200.2	15169 (GOOGLE) (GOOGLE)
141	41

1 35.174.150.168 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: pi0-lba1-3-ue1.aws.pardot.com

go.sequentur.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 35.173.160.135 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-160-135.compute-1.amazonaws.com

threatpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kasperskycontenthub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.230.206.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-206-114.ham50.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.187.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s33-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.67.207.112 (United States)

ASN13335 (CLOUDFLARENET, US)

qd.admetricspro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 52.222.186.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-186-95.ham50.r.cloudfront.net

assets.threatpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.222.179.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-179-64.ham50.r.cloudfront.net

media.threatpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.200.36 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lhr48s30-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.230.55.220 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-55-220.ham50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.169.8 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s26-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.187.195 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s33-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.180.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s32-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.187.206 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s33-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.228.74.134 (United Kingdom)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.186.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-186-111.ham50.r.cloudfront.net

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.15.161 (None, )

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.21.20 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p14.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.140.160.2 (Clearfield, United States)

ASN18450 (WEBNX, US)
PTR: threatintelligenceplatform.com

geo.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.206.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wk-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.39 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

teachingaids-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.209.131.220 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

e.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.192.222.132 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-222-132.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.43 (United Kingdom)

ASN3356 (LEVEL3, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.244 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.158.15.79 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-15-79.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.228.75.94 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-75-94.eu-west-1.compute.amazonaws.com

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.237.133.116 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.226 (United States)

ASN15169 (GOOGLE, US)
PTR: mad08s04-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.178.1 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s27-in-f1.1e100.net

6d8909bd3cc0024033ac32ba1ddbca66.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.213.1 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ber01s14-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.187.193 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s33-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.226 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams16s22-in-f226.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.200.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s29-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	threatpost.com 1 redirects threatpost.com assets.threatpost.com media.threatpost.com	868 KB
7	admetricspro.com qd.admetricspro.com	327 KB
6	googlesyndication.com 6d8909bd3cc0024033ac32ba1ddbca66.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	79 KB
6	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	133 KB
5	ampproject.org cdn.ampproject.org	102 KB
5	google.com 1 redirects www.google.com adservice.google.com	2 KB
4	rubiconproject.com fastlane.rubiconproject.com	6 KB
4	4dex.io script.4dex.io mp.4dex.io	23 KB
4	amazon-adsystem.com c.amazon-adsystem.com	38 KB
3	sharethrough.com btlr.sharethrough.com	337 B
3	yahoo.com c2shb.ssp.yahoo.com	1 KB
3	google-analytics.com www.google-analytics.com	20 KB
3	adlightning.com tagan.adlightning.com	72 KB
2	adnxs.com ib.adnxs.com	2 KB
2	quantserve.com secure.quantserve.com pixel.quantserve.com	9 KB
2	gstatic.com www.gstatic.com	268 KB
2	kasperskycontenthub.com kasperskycontenthub.com	1 KB
1	a-mo.net prebid.a-mo.net	169 B
1	pubmatic.com hbopenbid.pubmatic.com	115 B
1	servenobid.com ads.servenobid.com	538 B
1	1rx.io tag.1rx.io	170 B
1	3lift.com tlx.3lift.com	263 B
1	serverbid.com e.serverbid.com	984 B
1	openx.net teachingaids-d.openx.net	560 B
1	casalemedia.com htlb.casalemedia.com	373 B
1	lijit.com ap.lijit.com	760 B
1	twitter.com analytics.twitter.com	659 B
1	ipify.org geo.ipify.org	601 B
1	id5-sync.com id5-sync.com	532 B
1	t.co t.co	454 B
1	quantcount.com rules.quantcount.com	354 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	googletagmanager.com www.googletagmanager.com	57 KB
1	googletagservices.com www.googletagservices.com	25 KB
1	sequentur.net 1 redirects go.sequentur.net	1 KB
0	connatix.com Failed cd.connatix.com Failed
141	36

	Domain	Requested by
18	assets.threatpost.com	threatpost.com assets.threatpost.com
16	threatpost.com	1 redirects threatpost.com
11	media.threatpost.com	threatpost.com
7	qd.admetricspro.com	threatpost.com qd.admetricspro.com
5	cdn.ampproject.org	tagan.adlightning.com
4	fastlane.rubiconproject.com	qd.admetricspro.com
4	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net threatpost.com
4	c.amazon-adsystem.com	qd.admetricspro.com c.amazon-adsystem.com
4	www.google.com	1 redirects threatpost.com
3	tpc.googlesyndication.com	threatpost.com tagan.adlightning.com
3	btlr.sharethrough.com	qd.admetricspro.com
3	c2shb.ssp.yahoo.com	qd.admetricspro.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com threatpost.com
3	tagan.adlightning.com	threatpost.com tagan.adlightning.com
2	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
2	ib.adnxs.com	qd.admetricspro.com
2	mp.4dex.io	qd.admetricspro.com threatpost.com
2	script.4dex.io	qd.admetricspro.com script.4dex.io
2	www.gstatic.com	www.google.com
2	kasperskycontenthub.com	threatpost.com
1	googleads.g.doubleclick.net	threatpost.com
1	6d8909bd3cc0024033ac32ba1ddbca66.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	tagan.adlightning.com
1	pixel.quantserve.com	threatpost.com
1	prebid.a-mo.net	qd.admetricspro.com
1	hbopenbid.pubmatic.com	qd.admetricspro.com
1	ads.servenobid.com	qd.admetricspro.com
1	tag.1rx.io	qd.admetricspro.com
1	tlx.3lift.com	qd.admetricspro.com
1	e.serverbid.com	qd.admetricspro.com
1	teachingaids-d.openx.net	qd.admetricspro.com
1	htlb.casalemedia.com	qd.admetricspro.com
1	ap.lijit.com	qd.admetricspro.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	analytics.twitter.com	tagan.adlightning.com
1	geo.ipify.org	qd.admetricspro.com
1	id5-sync.com	qd.admetricspro.com
1	t.co	threatpost.com
1	rules.quantcount.com	secure.quantserve.com
1	static.ads-twitter.com	www.googletagmanager.com
1	secure.quantserve.com	www.googletagmanager.com
1	www.googletagmanager.com	threatpost.com
1	www.googletagservices.com	threatpost.com
1	go.sequentur.net	1 redirects
0	cd.connatix.com Failed	threatpost.com
141	45

This site contains links to these domains. Also see Links.

Domain
googleads.g.doubleclick.net
adssettings.google.com

Subject Issuer	Validity	Valid
threatpost.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-07-03`	a year	crt.sh
*.adlightning.com Amazon	`2021-06-24` - `2022-07-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-08-11` - `2022-08-10`	a year	crt.sh
assets.threatpost.com Amazon	`2021-02-04` - `2022-03-05`	a year	crt.sh
media.threatpost.com Amazon	`2021-02-04` - `2022-03-05`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
kasperskycontenthub.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-07-03`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.id5-sync.com R3	`2021-07-13` - `2021-10-11`	3 months	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2021-01-19` - `2022-02-19`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-30` - `2022-02-23`	6 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
e.serverbid.com R3	`2021-08-30` - `2021-11-28`	3 months	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2021-06-01` - `2022-07-02`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
ads.servenobid.com Amazon	`2021-06-28` - `2022-07-27`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.a-mo.net R3	`2021-07-16` - `2021-10-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Frame ID: 03729C03239A544B361B1434FFCED5EA
Requests: 122 HTTP requests in this frame

Frame: https://cd.connatix.com/connatix.player.js
Frame ID: C05382FC6E4971298ADB1AAA5C89A882
Requests: 1 HTTP requests in this frame

Frame: https://6d8909bd3cc0024033ac32ba1ddbca66.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AF22D8649E540B3A9B7217424053778A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://go.sequentur.net/e/929133/o-zero-click-zero-day-1694160-/c1dkdn/1459165111?h=TdOEzYpbYZ1I5Tmr... HTTP 301
https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/1694160/ HTTP 301
https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Gravity Forms (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/wp-content/plugins/gravityforms/js/[^/]+\.js\?ver=([\d.]+)$

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

141
Requests

86 %
HTTPS

0 %
IPv6

36
Domains

45
Subdomains

41
IPs

6
Countries

2044 kB
Transfer

4862 kB
Size

25
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://googleads.g.doubleclick.net/aclk?sa=l&ai=Cg4W-Yi1CYfuKEs2mzQaLmr7gB7SouKtkmYH1rvQLuLD5uNUIEAEg0YfSIGDJBqAB09-3mQPIAQLgAgCoAwHIAwiqBI0CT9CNVuv5_ZPjjplR712q9oK4blVce9YTgJm-zfVIniYX4p7iomTCZbtYDTzZvyqj1enr5o9KgQa3MTwe8aXyIkXnj3PiQL3b9CuzXkGkAl8zUKEan_WtQ3Xtgxnwqj31-OcrccLyv_SsL-9jmT_LOcV2FUSBjpMl3WIl4BlDLr50gaLJXsluIpuwbP8q8kJH3jtx0AxAM0gjXt7O62mXQqFAoky6lz-2Hp2e53SUIbKLfgh7YXFdDDHPO_PJspuXk4-H9GIiMMlU_rYP9GNVjN84gMJcXl1rE91xpu-_xA9903sEaCjeTRp2aGu7k-6yxK8DazHe5d1Z-9opRw3QCPpyKfBAGKto57vUdNrABK_ukbKPA-AEAaAGAoAHlaDIZqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcB0ggHCIhhEAEYHfIIG2FkeC1zdWJzeW4tNzI2MzU3MzQ0NjgwNDA3OLEJu8cguZ7OnSuACgOYCwHICwG4DAHYEw3QFQGYFgGAFwE&ae=1&num=1&sig=AOD64_1g4JCxS5UK9qTIRp7dxVI_gje8iw&client=ca-pub-9685734445476814&nx=CLICK_X&ny=CLICK_Y&nb=2&adurl=https://www.yubico.com/phishing-season-is-over/%3Futm_source%3Dgoogle%26utm_medium%3Dpd:display%26utm_campaign%3Dus_b2b_awareness_google-gdn_dis_phishing-ads%26utm_content%3D%26gclid%3DEAIaIQobChMI-8OEyMCB8wIVTVPTCh0LjQ98EAEYASAAEgJKefD_BwE

Search URL Search Domain Scan URL

URL: https://adssettings.google.com/whythisad?reasons=AB3afGEAAAX6W1tbW3RydWUsWzJdLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFtbIll1YmljbyBJbmMuIiwiVVMiLDEsbnVsbCwxXV1dLFtudWxsLCJodHRwczovL2dvb2dsZWFkcy5nLmRvdWJsZWNsaWNrLm5ldC9wYWdlYWQvaW50ZXJhY3Rpb24vP2FpPUNnNFctWWkxQ1lmdUtFczJtelFhTG1yN2dCN1NvdUt0a21ZSDFydlFMdUxENXVOVUlFQUVnMFlmU0lHREpCcUFCMDktM21RUElBUUxnQWdDb0F3SElBd2lxQkkwQ1Q5Q05WdXY1X1pQampwbFI3MTJxOW9LNGJsVmNlOVlUZ0ptLXpmVkluaVlYNHA3aW9tVENaYnRZRFR6WnZ5cWoxZW5yNW85S2dRYTNNVHdlOGFYeUlrWG5qM1BpUUwzYjlDdXpYa0drQWw4elVLRWFuX1d0UTNYdGd4bndxajMxLU9jcmNjTHl2X1NzTC05am1UX0xPY1YyRlVTQmpwTWwzV0lsNEJsRExyNTBnYUxKWHNsdUlwdXdiUDhxOGtKSDNqdHgwQXhBTTBnalh0N082Mm1YUXFGQW9reTZsei0ySHAyZTUzU1VJYktMZmdoN1lYRmREREhQT19QSnNwdVhrNC1IOUdJaU1NbFVfcllQOUdOVmpOODRnTUpjWGwxckU5MXhwdS1feEE5OTAzc0VhQ2plVFJwMmFHdTdrLTZ5eEs4RGF6SGU1ZDFaLTlvcFJ3M1FDUHB5S2ZCQUdLdG81N3ZVZE5yQUJLX3VrYktQQS1BRUFhQUdBb0FIbGFESVpxZ0gxY2ticUFmdzJSdW9CX0xaRzZnSGpzNGJxQWVUMkJ1b0I3b0dxQWZ1bHJFQ3FBZW12aHVvQl9QUkc2Z0hsdGdicUFlcW03RUNxQWZmbjdFQzJBY0IwZ2dIQ0loaEVBRVlIZklJRzJGa2VDMXpkV0p6ZVc0dE56STJNelUzTXpRME5qZ3dOREEzT0xFSnU4Y2d1WjdPblN1QUNnT1lDd0hJQ3dHNERBSFlFdzNRRlFHWUZnR0FGd0VcdTAwMjZzaWdoPUZCV3MxS3BzTmVFXHUwMDI2Y2lkPUNBUVNQd0NOSXJMTUk5a1RWM2dqVUlNdGx4WTduSXBnTDNTT1YwZ0ctMUhYcllTYmtuNk8wZU44bmMzdndpcXc4TnpIVEFCNWl1X25yYnBlRFJCVjE0a3oyQSIsW251bGwsbnVsbCxudWxsLCJodHRwczovL2Rpc3BsYXlhZHMtZm9ybWF0cy5nb29nbGV1c2VyY29udGVudC5jb20vYWRzL3ByZXZpZXcvY29udGVudC5qcz9jbGllbnQ9d3RhXHUwMDI2b2JmdXNjYXRlZEN1c3RvbWVySWQ9MjkzNDY1MzQ1M1x1MDAyNmNyZWF0aXZlSWQ9NDYwODQwOTIwNDE1XHUwMDI2dmVyc2lvbklkPTBcdTAwMjZhZEdyb3VwQ3JlYXRpdmVJZD00MDkxOTQwMjEwMTdcdTAwMjZodG1sUGFyZW50SWQ9cHJldi0wXHUwMDI2aGVpZ2h0PTkwXHUwMDI2d2lkdGg9OTcwXHUwMDI2c2lnPUFDaVZCX3hqSTk3RkJvakUyRkx2RkdWcGlfYVBZd0o0TEEiXSxudWxsLG51bGwsMSwidldvOGRlMVRPNW9JbVlIMXJ2UUxFTnZDbE1Nb0dQWHk1V1lpRTNsMVltbGpieTVqYjIwdmNHaHBjMmhwYm1jeUNBZ0ZFeGltNUF3VVFoZGpZUzF3ZFdJdE9UWTROVGN6TkRRME5UUTNOamd4TkVnQldBSndBUSIsIjEwODc4MjYzNjQzIl1dXSxbMSwxLDEsMV1ddhUDaL6CqYDwMX3gX9ewwr3P-8pwu_7NDUAalpojJtlzjl6kpQFq03ezED3bUQWPJKCVY8QNH8-9f2p4qhYt-JFbIX3uK-sBz4lILn1r5dtpbcwnjs3iYlywLWRHpuA0nLidmfsYn0rYv8tKPnbH-IaBz7S1RpNVHXhLoDFVkY-8Lr9edefq7V7AltnEgVn4TNXma8VpWBWj1SzH6M80GeQPy7ZNGZExHaP61XpV96XeYMPnUYoCNHMZdos7BrQg-_syiP45FUOs0k2zHPka7PrDpJgRXJa-7LFPXq5flpp5MP3CPOxmZFIufZ1i6KCCfrlzliD6oVUgkciERwaJRg,8aX2C5N6dPOkLd9oWvZ7CA&source=display

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://go.sequentur.net/e/929133/o-zero-click-zero-day-1694160-/c1dkdn/1459165111?h=TdOEzYpbYZ1I5TmrZuTROWuMYGHKm8USoUSL8W9RkxQ HTTP 301
https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/1694160/ HTTP 301
https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 121

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

141 HTTP transactions
-17 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Redirect Chain

https://go.sequentur.net/e/929133/o-zero-click-zero-day-1694160-/c1dkdn/1459165111?h=TdOEzYpbYZ1I5TmrZuTROWuMYGHKm8USoUSL8W9RkxQ
https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/1694160/
https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/

91 KB
24 KB

279ms
94ms

Document
text/html

35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-173-160-135.compute-1.amazonaws.com

Software

nginx /

Resource Hash

19abbc81c9aa894c458863f581dd69a7a700e861311c909426b0449ac6d74e15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: threatpost.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Wed, 15 Sep 2021 17:29:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Link: <https://threatpost.com/wp-json/>; rel="https://api.w.org/" <https://threatpost.com/wp-json/wp/v2/posts/169416>; rel="alternate"; type="application/json" <https://threatpost.com/?p=169416>; rel=shortlink
X-Frame-Options: SAMEORIGIN
X-Debug-Auth: off
X-Request-Host: threatpost.com
x-cache-hit: HIT
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Wed, 15 Sep 2021 17:29:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0, no-store
X-Redirect-By: WordPress
Location: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
X-Frame-Options: SAMEORIGIN
X-Debug-Auth: off
X-Request-Host: threatpost.com
x-cache-hit: MISS

GET
H/1.1 200
OK museosans-900italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 15 KB
16 KB 279ms
94ms Font
font/woff2 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-900italic-webfont.woff2
Requested by: Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8edaef698e025c37ba9e8d632a895d7252c62251df3f095d5cff17b6f3304854

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://threatpost.com
Accept-Encoding: gzip, deflate, br
Host: threatpost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Connection: keep-alive
Referer: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Origin: https://threatpost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: public
Date: Wed, 15 Sep 2021 17:29:03 GMT
Last-Modified: Tue, 14 Sep 2021 08:56:31 GMT
Server: nginx
ETag: "614063bf-3ca8"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000 public
Connection: close
Accept-Ranges: bytes
Content-Length: 15528
Expires: Thu, 15 Sep 2022 17:29:03 GMT

GET
H/1.1 200
OK museosans-900-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
21 KB 390ms
196ms Font
font/woff2 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-900-webfont.woff2
Requested by: Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4823c011e4b4cb4b7f35ced3ab09d57215ee243676d9bfcc24d10ec77d3db398

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://threatpost.com
Accept-Encoding: gzip, deflate, br
Host: threatpost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Connection: keep-alive
Referer: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Origin: https://threatpost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: public
Date: Wed, 15 Sep 2021 17:29:03 GMT
Last-Modified: Tue, 14 Sep 2021 08:56:34 GMT
Server: nginx
ETag: "614063c2-5124"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000 public
Connection: close
Accept-Ranges: bytes
Content-Length: 20772
Expires: Thu, 15 Sep 2022 17:29:03 GMT

GET
H/1.1 200
OK museosans-700italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 15 KB
16 KB 292ms
99ms Font
font/woff2 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700italic-webfont.woff2
Requested by: Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 859faa9b9ed0990288b2f393a102b1fe2668ac79088b113b6f0beaee521221eb

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://threatpost.com
Accept-Encoding: gzip, deflate, br
Host: threatpost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Connection: keep-alive
Referer: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Origin: https://threatpost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: public
Date: Wed, 15 Sep 2021 17:29:03 GMT
Last-Modified: Tue, 14 Sep 2021 08:56:34 GMT
Server: nginx
ETag: "614063c2-3dcc"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000 public
Connection: close
Accept-Ranges: bytes
Content-Length: 15820
Expires: Thu, 15 Sep 2022 17:29:03 GMT

GET
H/1.1 200
OK museosans-700-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
21 KB 304ms
103ms Font
font/woff2 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700-webfont.woff2
Requested by: Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ae00ae9c862bc8b8923efd1d9a18befa912678a869d4dd01179a59ed3de731be

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://threatpost.com
Accept-Encoding: gzip, deflate, br
Host: threatpost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Connection: keep-alive
Referer: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Origin: https://threatpost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: public
Date: Wed, 15 Sep 2021 17:29:03 GMT
Last-Modified: Tue, 14 Sep 2021 08:56:31 GMT
Server: nginx
ETag: "614063bf-51a4"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000 public
Connection: close
Accept-Ranges: bytes
Content-Length: 20900
Expires: Thu, 15 Sep 2022 17:29:03 GMT

GET
H/1.1 200
OK museosans-500italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 23 KB
23 KB 317ms
106ms Font
font/woff2 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-500italic-webfont.woff2
Requested by: Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 17aee1fe3d7d16e647b97f568230c2ff36c1855ce35ce930c26aec5d2c58eaf4

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://threatpost.com
Accept-Encoding: gzip, deflate, br
Host: threatpost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Connection: keep-alive
Referer: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Origin: https://threatpost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: public
Date: Wed, 15 Sep 2021 17:29:03 GMT
Last-Modified: Tue, 14 Sep 2021 08:56:31 GMT
Server: nginx
ETag: "614063bf-5c74"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000 public
Connection: close
Accept-Ranges: bytes
Content-Length: 23668
Expires: Thu, 15 Sep 2022 17:29:03 GMT

GET
H/1.1 200
OK museosans-500-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
21 KB 360ms
98ms Font
font/woff2 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-500-webfont.woff2
Requested by: Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2de77164bb9924542e1dea4ee4a0ff27d40b51a3d7939dac7db11a95045c9b7d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://threatpost.com
Accept-Encoding: gzip, deflate, br
Host: threatpost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Connection: keep-alive
Referer: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Origin: https://threatpost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: public
Date: Wed, 15 Sep 2021 17:29:03 GMT
Last-Modified: Tue, 14 Sep 2021 08:56:31 GMT
Server: nginx
ETag: "614063bf-5194"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000 public
Connection: close
Accept-Ranges: bytes
Content-Length: 20884
Expires: Thu, 15 Sep 2022 17:29:03 GMT

GET
H/1.1 200
OK museosans-300italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 23 KB
23 KB 687ms
105ms Font
font/woff2 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300italic-webfont.woff2
Requested by: Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: f8a2b5b62eb722c3379b30cf0cc58d3176ee6be48036d6ad2aa838d2029c4189

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://threatpost.com
Accept-Encoding: gzip, deflate, br
Host: threatpost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Connection: keep-alive
Referer: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Origin: https://threatpost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: public
Date: Wed, 15 Sep 2021 17:29:04 GMT
Last-Modified: Tue, 14 Sep 2021 08:56:34 GMT
Server: nginx
ETag: "614063c2-5bac"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000 public
Connection: close
Accept-Ranges: bytes
Content-Length: 23468
Expires: Thu, 15 Sep 2022 17:29:04 GMT

GET
H/1.1 200
OK museosans-300-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
21 KB 716ms
110ms Font
font/woff2 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300-webfont.woff2
Requested by: Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 45ddc09b0ad6ab916bd9a0282070b161045e186fc025303f4aa1aa821fc45ac7

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://threatpost.com
Accept-Encoding: gzip, deflate, br
Host: threatpost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Connection: keep-alive
Referer: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Origin: https://threatpost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: public
Date: Wed, 15 Sep 2021 17:29:04 GMT
Last-Modified: Tue, 14 Sep 2021 08:56:34 GMT
Server: nginx
ETag: "614063c2-51b8"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000 public
Connection: close
Accept-Ranges: bytes
Content-Length: 20920
Expires: Thu, 15 Sep 2022 17:29:04 GMT

GET
H/1.1 200
OK museosans-100italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 23 KB
23 KB 718ms
111ms Font
font/woff2 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-100italic-webfont.woff2
Requested by: Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 038fc4d49a9191d416d49841f371b6e0b06bb40f719124099d40fe8f393b9e2c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://threatpost.com
Accept-Encoding: gzip, deflate, br
Host: threatpost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Connection: keep-alive
Referer: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Origin: https://threatpost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: public
Date: Wed, 15 Sep 2021 17:29:04 GMT
Last-Modified: Tue, 14 Sep 2021 08:56:31 GMT
Server: nginx
ETag: "614063bf-5b34"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000 public
Connection: close
Accept-Ranges: bytes
Content-Length: 23348
Expires: Thu, 15 Sep 2022 17:29:04 GMT

GET
H/1.1 200
OK museosans-100-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
21 KB 730ms
109ms Font
font/woff2 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-100-webfont.woff2
Requested by: Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 06fc565587b8b700936a1677218cb269a6cc31ca5f701eb45461e86a3d54d5c7

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://threatpost.com
Accept-Encoding: gzip, deflate, br
Host: threatpost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Connection: keep-alive
Referer: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Origin: https://threatpost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: public
Date: Wed, 15 Sep 2021 17:29:04 GMT
Last-Modified: Tue, 14 Sep 2021 08:56:34 GMT
Server: nginx
ETag: "614063c2-50c8"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000 public
Connection: close
Accept-Ranges: bytes
Content-Length: 20680
Expires: Thu, 15 Sep 2022 17:29:04 GMT

GET
H2 200 op.js Show response
tagan.adlightning.com/math-aids-threatpost/ 44 KB
18 KB 115ms
25ms Script
application/javascript 54.230.206.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.206.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-206-114.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7115cd70253cb099c0df950068a37287302aea32fbbc7e0fba91fdb3c30e44b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: pt755VlF4mCbGk80x1Vz70Q284xpDfkg
content-encoding: gzip
etag: "caaabd1ef49f3d91caef2e8b78152be4"
age: 254
x-cache: Hit from cloudfront
content-length: 18408
x-amz-meta-git_commit: 7b120a5
last-modified: Sat, 11 Sep 2021 18:13:46 GMT
server: AmazonS3
date: Wed, 15 Sep 2021 17:24:51 GMT
content-type: application/javascript
via: 1.1 2a29e84e317dcbf526e3d2cf9be30bf7.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: HAM50-C3
accept-ranges: bytes
x-amz-cf-id: 63XhKX-7i3eB5MMN85uboIFC379GCc9YmbGxohYKv01d47d7CPtSng==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 71 KB
25 KB 75ms
25ms Script
text/javascript 142.250.187.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.187.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s33-in-f2.1e100.net

Software

sffe /

Resource Hash

6588da947ea77c208f6093a9fdba61ab0c707e35952e7eb0821f9c138c3af8d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 17:29:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "987 / 195 of 1000 / last-modified: 1631723147"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24990
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 15 Sep 2021 17:29:04 GMT

GET
H2 200 ros-layout.js Show response
qd.admetricspro.com/js/threatpost/ 26 KB
3 KB 251ms
168ms Script
application/javascript 172.67.207.112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/threatpost/ros-layout.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.207.112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96360cdfad170cb263cb44fcb39b29be40de62551769b40250ec754805bd096e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 17:29:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 11 May 2021 04:57:26 GMT
server: cloudflare
etag: W/"67cb-5c206bb059aa2-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uv0TWBnKr37iSjrENe8h9MVsak%2FcvACmYQdG3JIuJZ5REqtqKPuTq8%2B%2Fzwz6Yi2xKN4Dm2hYHCmWslU9AA5Egyoohtu5TPM%2BZ2OhOc8dl2mazLasfR3%2BjoYCzT0ONOomPP0fW%2FLj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 68f3933699da412c-PRG
expires: Wed, 15 Sep 2021 17:32:47 GMT

GET
H2 200 cmp.js Show response
qd.admetricspro.com/js/threatpost/ 310 KB
90 KB 268ms
265ms Script
application/javascript 172.67.207.112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/threatpost/cmp.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.207.112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 519815bc4a3dd9a571cb56f57c7c6abfbda2b4e2de8c4b884a7535a1705438f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 17:29:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 01 Jun 2021 14:47:10 GMT
server: cloudflare
etag: W/"4d957-5c3b56abf6028-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8A2Jw7pZDZkdXcli8251NLockZJJlYu6qRat1aPjCRcTnxft6A8no%2Faswk46WRaYflmTLGHtQbRvpg22eBDhZnKa8HJJHi9tRvteC%2BWAd2hKDlfGKpT8T%2BqZhCqJTJL%2FTBpGBriN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 68f3933b5aa8412c-PRG
expires: Wed, 15 Sep 2021 17:32:48 GMT

GET
H2 200 uspcmp.js Show response
qd.admetricspro.com/js/threatpost/ 148 KB
58 KB 320ms
317ms Script
application/javascript 172.67.207.112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.207.112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ae61ed61290f9bf2619f52667aafa622c805072c75765025f0b61a23862005f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 17:29:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 08 Aug 2020 22:40:07 GMT
server: cloudflare
etag: W/"24e50-5ac65673cef1c-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FWe7MHWu%2FqQA8v387hojGWyuq7QgugzmSDg8pBVUf%2FTnCs%2B5SCCoD4t2beK2xTGdadsHzfoxTZ8Gj6s8jiaawZOlPcq5gDcNOlNAWPFCbx2yytgjUzrvWb65%2BI%2FK%2FyeYqOe1yvy5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 68f3933b5aab412c-PRG
expires: Wed, 15 Sep 2021 17:32:48 GMT

GET
H2 200 targeting.js Show response
qd.admetricspro.com/js/threatpost/ 393 B
509 B 565ms
563ms Script
application/javascript 172.67.207.112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/threatpost/targeting.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.207.112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03cc687f0c8a2d1694e509b91fcd6c62c0fbdbdbdb850b8007b8052f649c7f77

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 17:29:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 21:50:12 GMT
server: cloudflare
etag: W/"189-5c8c2c96f96c7-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jxuwCnIGkRz6%2BX8xq1wndQbEVWZubtMp6VeYrnBY8u5sPUb8zP8iXWpe8aWALNHWbrJTK6LM02ALFroeAdgJ92vynprhrSzhpiF478pjuM28AI720stUiy%2Bv0OpFJviFPyjixkeV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 68f3933b5aac412c-PRG
expires: Wed, 15 Sep 2021 17:32:48 GMT

GET
H2 200 prebid.js Show response
qd.admetricspro.com/js/threatpost/ 421 KB
127 KB 232ms
230ms Script
application/javascript 172.67.207.112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.207.112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a103be6f279cae8485833488abe0ba61ec1ee6754a4f35df960fd970a480647f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 17:29:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 05 May 2021 13:42:31 GMT
server: cloudflare
etag: W/"695c1-5c1955dc8c1d2-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aVTB2bmo9BoYMLXrEeCNK3%2FRrxXQaONw3%2B4rDfnTYt%2Blw%2FtUzuI2Wlk0M3UL6t0LdBwB7%2BiqMm08XU7Y7LoZGJwHeuAyK4PiUJdVQqm7s2D%2FDbPrCuCFOtFMDE6ngHlikkuxJkjG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 68f3933b5ab0412c-PRG
expires: Wed, 15 Sep 2021 17:32:48 GMT

GET
H2 200 engine.js Show response
qd.admetricspro.com/js/threatpost/ 33 KB
10 KB 249ms
167ms Script
application/javascript 172.67.207.112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/threatpost/engine.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.207.112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83c6bdb6c54b2fb90a204cf0279e2d868513572d0963ec534083902c1307844b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 17:29:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 19 Apr 2021 20:48:42 GMT
server: cloudflare
etag: W/"83c9-5c059747d2d30-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FOqf19vHMrAHOxqT1rMWJdRS1HcMypKTaSBlJ61O%2FNOIBgXFwxO6VefwvULf1DCJn1nZYspdib0aB3tYIC%2FpzuGAPGuQSbB9ZnoFi1r%2BHTwcqchxlx%2BiR8s%2FqhclqU7ep0gqiAlO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 68f3933699db412c-PRG
expires: Wed, 15 Sep 2021 17:32:47 GMT

GET
H2 200 /
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 292 KB
42 KB 454ms
404ms Stylesheet
text/css 52.222.186.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=cce7029a

Requested by

Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.186.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-186-95.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

651e04b0e5647f9e2913196fa892689f13772efe4636cc1bbdad48868f67e1ce

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 17:29:04 GMT
content-encoding: gzip
x-amz-cf-pop: HAM50-C2
x-cache: Miss from cloudfront
content-length: 42435
x-cache-hit: HIT
last-modified: Tue, 14 Sep 2021 08:56:35 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 b16df885683d0bb71fd074a9a72b1dc8.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-debug-auth: off
x-request-host: assets.threatpost.com
x-amz-cf-id: 2yLa90Bg_GfQD5V_sQRKIkZEdlRBt_C6jftyy_3UJmusRIQhNb50ig==
expires: Thu, 16 Sep 2021 13:09:52 GMT

GET
H/1.1 200
OK jquery-1.12.4-wp.js Show response
threatpost.com/wp-content/plugins/kaspersky-enable-jquery-migrate-helper/js/jquery/ 95 KB
37 KB 726ms
105ms Script
application/x-javascript 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/plugins/kaspersky-enable-jquery-migrate-helper/js/jquery/jquery-1.12.4-wp.js?ver=1.12.4-wp
Requested by: Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 3bb2621a4c0c710f6e78404473aebff8e115a28f8d53f44339b867c63ad93b26

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: threatpost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: public
Date: Wed, 15 Sep 2021 17:29:04 GMT
Content-Encoding: gzip
Last-Modified: Tue, 14 Sep 2021 08:56:30 GMT
Server: nginx
ETag: W/"614063be-17a56"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: max-age=604800 public
Connection: close
Expires: Wed, 22 Sep 2021 17:29:04 GMT

GET
H2 200 / Show response
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 20 KB
7 KB 452ms
403ms Script
application/x-javascript 52.222.186.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/kaspersky-cookies-notification/scripts/alert_text.js,wp-content/plugins/kaspersky-cookies-notification/scripts/alert.js,wp-content/plugins/honeypot-comments/public/assets/js/public.js,wp-content/plugins/kspr_twitter_pullquote/js/kaspersky-twitter-pullquote.js,wp-content/themes/threatpost-2018/assets/js/loadmore.js,wp-content/plugins/kaspersky-social-sharing/assets/js/social-share.js&ver=cce7029a

Requested by

Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.186.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-186-95.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

b813e47b551a74f55e504ad2e4a7fdb97ee55a9497486ffa61f4dfc34e6fd338

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 17:29:04 GMT
content-encoding: gzip
x-amz-cf-pop: HAM50-C2
x-cache: Miss from cloudfront
content-length: 6410
x-cache-hit: HIT
last-modified: Tue, 14 Sep 2021 08:56:31 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 b16df885683d0bb71fd074a9a72b1dc8.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-debug-auth: off
x-request-host: assets.threatpost.com
x-amz-cf-id: r4KrV_KHfb_-lCSAcShlpM0DKEFu8ie15Uga4xxmKUjfuWZjPf3gJQ==
expires: Thu, 16 Sep 2021 13:09:39 GMT

GET
H2 200 white-pegasus-e1626804896117.jpg
media.threatpost.com/wp-content/uploads/sites/103/2021/07/20141444/ 58 KB
59 KB 66ms
16ms Image
image/jpeg 52.222.179.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2021/07/20141444/white-pegasus-e1626804896117.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-64.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 03cce68dfe7c9a3e3dd4ae5fa86a186b0e2db5ef228bec6c5ddfed431ee4048d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 18:58:49 GMT
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront), 1.1 53767392640cf5282c1ce18d7cc7b0e1.cloudfront.net (CloudFront)
last-modified: Tue, 20 Jul 2021 18:14:57 GMT
server: AmazonS3
age: 4919416
etag: "7475b9b0d986d0860a93b9a953f730cf"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1, HAM50-C1
accept-ranges: bytes
content-length: 59442
x-amz-cf-id: aNvXH92iEMt86bBDPDOMjrpniWhqQSqNr0bSE2SaPKkQ3H66q02Tgg==
expires: Wed, 20 Jul 2022 18:14:56 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 852 B
989 B 79ms
28ms Script
text/javascript 142.250.200.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=en&render=explicit

Requested by

Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.200.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f4.1e100.net

Software

GSE /

Resource Hash

0dec9aeb51462b308a63c0764200387b953392d7012b91c096b2ca88ddb59ba0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 17:29:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 555
x-xss-protection: 1; mode=block
expires: Wed, 15 Sep 2021 17:29:04 GMT

GET
H/1.1 200
OK scripts.js Show response
kasperskycontenthub.com/threatpost-global/wp-content/plugins/kaspersky-embeds/js/ 2 KB
1 KB 570ms
123ms Script
application/x-javascript 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kasperskycontenthub.com/threatpost-global/wp-content/plugins/kaspersky-embeds/js/scripts.js?ver=1.0
Requested by: Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1f863d13dbad7d5240f577a73b47b06227d218909259042da95301e2eb8be55

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: public
Date: Wed, 15 Sep 2021 17:29:05 GMT
Content-Encoding: gzip
Last-Modified: Tue, 14 Sep 2021 08:56:31 GMT
Server: nginx
ETag: W/"614063bf-828"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: max-age=604800, public
Connection: close
Expires: Wed, 22 Sep 2021 17:29:05 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 852 B
626 B 84ms
31ms Script
text/javascript 142.250.200.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit&ver=202124050927

Requested by

Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.200.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f4.1e100.net

Software

GSE /

Resource Hash

d213141dcfdeae23ae379124d70426e6de6da8ee08e26e25aef4feabcbdb211e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 17:29:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 557
x-xss-protection: 1; mode=block
expires: Wed, 15 Sep 2021 17:29:04 GMT

GET
H2 200 / Show response
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 2 KB
1 KB 394ms
391ms Script
application/x-javascript 52.222.186.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/gravityforms/js/jquery.json.min.js&ver=cce7029a

Requested by

Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.186.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-186-95.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

172314ff74044b918766ed4763279b5e8798622087c0a2930f59c9d44662213d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 17:29:04 GMT
content-encoding: gzip
x-amz-cf-pop: HAM50-C2
x-cache: Miss from cloudfront
content-length: 926
x-cache-hit: HIT
last-modified: Tue, 14 Sep 2021 08:56:31 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 b16df885683d0bb71fd074a9a72b1dc8.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-debug-auth: off
x-request-host: assets.threatpost.com
x-amz-cf-id: mmzjnyan3TkGkC1ZZCbXm504v-bh2KqR6I8UOi9K07clHHI8PpQ4kQ==
expires: Thu, 16 Sep 2021 13:09:40 GMT

GET
H/1.1 200
OK gravityforms.min.js Show response
threatpost.com/wp-content/plugins/gravityforms/js/ 34 KB
12 KB 294ms
101ms Script
application/x-javascript 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.4.17.15
Requested by: Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 3097d0444becd9d089b52b7074072f19201525de874d0775012572fb375b7838

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: threatpost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: public
Date: Wed, 15 Sep 2021 17:29:04 GMT
Content-Encoding: gzip
Last-Modified: Tue, 14 Sep 2021 08:56:30 GMT
Server: nginx
ETag: W/"614063be-88c2"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: max-age=604800 public
Connection: close
Expires: Wed, 22 Sep 2021 17:29:04 GMT

GET
H2 200 / Show response
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 7 KB
3 KB 394ms
391ms Script
application/x-javascript 52.222.186.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/gravityforms/js/conditional_logic.min.js&ver=cce7029a

Requested by

Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.186.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-186-95.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

f75166e3f70100b65a6ce1d4128bc15286e92b19a546fa7709f739e9bcfe52c6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 17:29:04 GMT
content-encoding: gzip
x-amz-cf-pop: HAM50-C2
x-cache: Miss from cloudfront
content-length: 2685
x-cache-hit: HIT
last-modified: Tue, 14 Sep 2021 08:56:31 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 b16df885683d0bb71fd074a9a72b1dc8.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-debug-auth: off
x-request-host: assets.threatpost.com
x-amz-cf-id: llaBH1R1loyWMrPnETIQQPueBJmoenGwE_NVhJ8ubmTG8m5LG_rrMA==
expires: Thu, 16 Sep 2021 13:09:40 GMT

GET
H2 200 / Show response
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 5 KB
2 KB 396ms
394ms Script
application/x-javascript 52.222.186.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/gravityforms/js/placeholders.jquery.min.js&ver=cce7029a

Requested by

Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.186.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-186-95.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 17:29:04 GMT
content-encoding: gzip
x-amz-cf-pop: HAM50-C2
x-cache: Miss from cloudfront
content-length: 1747
x-cache-hit: HIT
last-modified: Tue, 14 Sep 2021 08:56:30 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 b16df885683d0bb71fd074a9a72b1dc8.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-debug-auth: off
x-request-host: assets.threatpost.com
x-amz-cf-id: 6RcPcjJNwYcebLhL5ZWfuGz9de1g7OR8-hmvaA8hXZlC5yF7FZRQ9A==
expires: Thu, 16 Sep 2021 13:09:37 GMT

GET
H2 200 / Show response
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 161 KB
51 KB 397ms
395ms Script
application/x-javascript 52.222.186.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/kaspersky-gravity-forms-dynamic-recaptcha/assets/js/main.js,wp-content/themes/threatpost-2018/assets/js/main.js,wp-includes/js/wp-embed.min.js,wp-content/plugins/akismet/_inc/form.js&ver=cce7029a

Requested by

Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.186.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-186-95.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

164f113713f0f15f300354fb36e2f2529e5d2f74c0b88ed714e745a277e4be02

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 17:29:04 GMT
content-encoding: gzip
x-amz-cf-pop: HAM50-C2
x-cache: Miss from cloudfront
content-length: 51515
x-cache-hit: HIT
last-modified: Tue, 14 Sep 2021 08:56:31 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 b16df885683d0bb71fd074a9a72b1dc8.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-debug-auth: off
x-request-host: assets.threatpost.com
x-amz-cf-id: lrMwWuim28cK-qlf-KpXyiNp5vf5tSnbrFg3m7vE39jisxiYk3fr4A==
expires: Thu, 16 Sep 2021 13:09:40 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 127 KB
34 KB 62ms
14ms Script
application/javascript 54.230.55.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/engine.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.55.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-55-220.ham50.r.cloudfront.net
Software: Server /
Resource Hash: 1465ea73b9db4601cda29c323ea3eea1fc28337bd2c5193154c9ecbd7bf38bbb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: uWwyK2X6BNEEFcp6N7LVJOnZGxm.y_02
content-encoding: gzip
etag: 708a268139e52bdfbe59398b3e766151
age: 831
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 15W3EW5PTBXQJXQV47WZ
date: Wed, 15 Sep 2021 17:15:12 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 6c080b1173adbaa14122fac10a76a7c7.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: HAM50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: _NGWww_eQGsk6sOUu4-2fQE6NTYXwvnu-RpVNN7Q8b4pfpooaTWjxw==

GET connatix.player.js
cd.connatix.com/ Frame C053 0
0

GET
H/1.1 200
OK / Show response
kasperskycontenthub.com/ 0
398 B 557ms
124ms Script
application/javascript 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://kasperskycontenthub.com/?dm=ed1f9e435dc885292eab65620c51f3fb&action=load&blogid=103&siteid=1&t=1997201572&back=https%3A%2F%2Fthreatpost.com%2Fapple-emergency-fix-nso-zero-click-zero-day%2F169416%2F

Requested by

Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-173-160-135.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 17:29:05 GMT
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
Connection: close
Content-Type: application/javascript
x-cache-hit: HIT
Transfer-Encoding: chunked
X-Debug-Auth: off
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Request-Host: kasperskycontenthub.com
X-XSS-Protection: 1; mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 168 KB
57 KB 122ms
50ms Script
application/javascript 172.217.169.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF

Requested by

Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.169.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s26-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

4a46d493692f92617005dda00f97f1189f37f5dd647f3fb328d06cc3529273e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 17:29:04 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57505
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 15 Sep 2021 17:29:04 GMT

GET
H/1.1 200
OK icons.svg
threatpost.com/wp-content/themes/threatpost-2018//assets/sprite/ 13 KB
5 KB 302ms
102ms Other
image/svg+xml 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018//assets/sprite/icons.svg
Requested by: Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 01864580e1f385dc4512aed0de4b324cc1a04812709e7020e857612fc0ce9f4c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: threatpost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: same-origin
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: public
Date: Wed, 15 Sep 2021 17:29:04 GMT
Content-Encoding: gzip
Last-Modified: Tue, 14 Sep 2021 08:56:34 GMT
Server: nginx
ETag: W/"614063c2-3496"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: max-age=604800 public
Connection: close
Expires: Wed, 22 Sep 2021 17:29:04 GMT

GET
H/1.1 200
OK icons.svg
threatpost.com/wp-content/themes/threatpost-2018/assets/sprite/ 13 KB
5 KB 322ms
106ms Other
image/svg+xml 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/sprite/icons.svg
Requested by: Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 01864580e1f385dc4512aed0de4b324cc1a04812709e7020e857612fc0ce9f4c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: threatpost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: same-origin
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: public
Date: Wed, 15 Sep 2021 17:29:04 GMT
Content-Encoding: gzip
Last-Modified: Tue, 14 Sep 2021 08:56:34 GMT
Server: nginx
ETag: W/"614063c2-3496"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: max-age=604800 public
Connection: close
Expires: Wed, 22 Sep 2021 17:29:04 GMT

GET
H2 200 logo.png
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 19 KB
19 KB 480ms
480ms Image
image/png 52.222.186.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/logo.png
Requested by: Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=cce7029a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.186.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-186-95.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 39af7c1116fb967a330e8770f775e6b5ee871add01ed45c98a1634911cebfb0a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=cce7029a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: public
date: Wed, 15 Sep 2021 17:29:04 GMT
via: 1.1 b16df885683d0bb71fd074a9a72b1dc8.cloudfront.net (CloudFront)
last-modified: Tue, 14 Sep 2021 08:56:32 GMT
server: nginx
x-amz-cf-pop: HAM50-C2
etag: "614063c0-4a32"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 18994
x-amz-cf-id: dnljS5KK2Ek4zysBeLFwKsXuFHPKLBUCtZITC3BD7yQ8GQVxgoFJCg==
expires: Wed, 22 Sep 2021 17:29:04 GMT

GET
H2 200 museosans-700-webfont.woff2
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
21 KB 366ms
333ms Font
font/woff2 52.222.186.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700-webfont.woff2
Requested by: Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=cce7029a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.186.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-186-95.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: ae00ae9c862bc8b8923efd1d9a18befa912678a869d4dd01179a59ed3de731be

Request headers

Referer: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=cce7029a
Origin: https://threatpost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: public
date: Wed, 15 Sep 2021 17:29:04 GMT
via: 1.1 2408979685aa1bdb752824d292e63bf7.cloudfront.net (CloudFront)
last-modified: Tue, 14 Sep 2021 08:56:31 GMT
server: nginx
x-amz-cf-pop: HAM50-C2
etag: "614063bf-51a4"
x-cache: Miss from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 20900
x-amz-cf-id: XZ_SxbgvEEQ53J3oZOJwTgIUsO6XHBeKtqJqGN9WzBCmg9z-rfgEbw==
expires: Thu, 15 Sep 2022 17:29:04 GMT

GET
H2 200 museosans-100-webfont.woff2
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
21 KB 426ms
393ms Font
font/woff2 52.222.186.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-100-webfont.woff2
Requested by: Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=cce7029a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.186.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-186-95.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 06fc565587b8b700936a1677218cb269a6cc31ca5f701eb45461e86a3d54d5c7

Request headers

Referer: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=cce7029a
Origin: https://threatpost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: public
date: Wed, 15 Sep 2021 17:29:04 GMT
via: 1.1 2408979685aa1bdb752824d292e63bf7.cloudfront.net (CloudFront)
last-modified: Tue, 14 Sep 2021 08:56:34 GMT
server: nginx
x-amz-cf-pop: HAM50-C2
etag: "614063c2-50c8"
x-cache: Miss from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 20680
x-amz-cf-id: OGXxDXljwDRIWMXF3tCBTb67ZtNu18nZFc0DgejO8Cg1HoZYYK7ROg==
expires: Thu, 15 Sep 2022 17:29:04 GMT

GET
H2 200 museosans-300-webfont.woff2
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
21 KB 426ms
394ms Font
font/woff2 52.222.186.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300-webfont.woff2
Requested by: Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=cce7029a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.186.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-186-95.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 45ddc09b0ad6ab916bd9a0282070b161045e186fc025303f4aa1aa821fc45ac7

Request headers

Referer: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=cce7029a
Origin: https://threatpost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: public
date: Wed, 15 Sep 2021 17:29:04 GMT
via: 1.1 2408979685aa1bdb752824d292e63bf7.cloudfront.net (CloudFront)
last-modified: Tue, 14 Sep 2021 08:56:34 GMT
server: nginx
x-amz-cf-pop: HAM50-C2
etag: "614063c2-51b8"
x-cache: Miss from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 20920
x-amz-cf-id: -rMDTGA1A1ACFv3OEdhrmXtDoRgcytxYTJmCtGpf35DVBNHbmqVLRw==
expires: Thu, 15 Sep 2022 17:29:04 GMT

GET
H2 200 museosans-500-webfont.woff2
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
21 KB 537ms
505ms Font
font/woff2 52.222.186.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-500-webfont.woff2
Requested by: Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=cce7029a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.186.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-186-95.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 2de77164bb9924542e1dea4ee4a0ff27d40b51a3d7939dac7db11a95045c9b7d

Request headers

Referer: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=cce7029a
Origin: https://threatpost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: public
date: Wed, 15 Sep 2021 17:29:04 GMT
via: 1.1 2408979685aa1bdb752824d292e63bf7.cloudfront.net (CloudFront)
last-modified: Tue, 14 Sep 2021 08:56:32 GMT
server: nginx
x-amz-cf-pop: HAM50-C2
etag: "614063c0-5194"
x-cache: Miss from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 20884
x-amz-cf-id: tYVYyU6Upc8G7L3uYL8ojlQnel2dPGhhQR7ZRONjtnUjPgV_cBSkEw==
expires: Thu, 15 Sep 2022 17:29:04 GMT

GET
H2 200 Lisa-Vaas-Headshot.jpg
media.threatpost.com/wp-content/uploads/sites/103/2021/05/05095532/ 18 KB
19 KB 34ms
33ms Image
image/jpeg 52.222.179.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2021/05/05095532/Lisa-Vaas-Headshot.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-64.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1d5a65e5129df0b4c89e73f205c6cb89cba0cd1d8e21a1512ca76b769634052d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 03:38:51 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront), 1.1 53767392640cf5282c1ce18d7cc7b0e1.cloudfront.net (CloudFront)
last-modified: Tue, 25 May 2021 13:37:34 GMT
server: AmazonS3
age: 4629014
etag: "78f8fd88850c65941db84cb8bf0d741d"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1, HAM50-C1
accept-ranges: bytes
content-length: 18649
x-amz-cf-id: IzmkgpyCBWX7NMywc2RQSTP4Fu4lR23TtWVYMD_6NBbYwGoTz2bJVw==
expires: Wed, 25 May 2022 13:37:32 GMT

GET
H2 200 infosec_insiders_in_article_promo.png
media.threatpost.com/wp-content/uploads/sites/103/2021/07/10165815/ 20 KB
20 KB 22ms
21ms Image
image/png 52.222.179.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2021/07/10165815/infosec_insiders_in_article_promo.png
Requested by: Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-64.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bbe4e4e4e847a32bd717d963f0ac04b619a7a9cdd631a7454d9dfec16fbae73f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 02:51:30 GMT
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront), 1.1 53767392640cf5282c1ce18d7cc7b0e1.cloudfront.net (CloudFront)
last-modified: Tue, 10 Aug 2021 20:58:17 GMT
server: AmazonS3
age: 3076655
etag: "101ba02c43488b8b07cf42f9aa850f6a"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1, HAM50-C1
accept-ranges: bytes
content-length: 20484
x-amz-cf-id: 6myvhP5X9yWwOFlxtz-lHbLjnXeGgfH-oiN-n89qM0p-sG-eYAl6Iw==
expires: Wed, 10 Aug 2022 20:58:15 GMT

GET
H2 200 fish-on-hook-540x270.jpeg
media.threatpost.com/wp-content/uploads/sites/103/2021/09/15090435/ 20 KB
20 KB 26ms
25ms Image
image/jpeg 52.222.179.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2021/09/15090435/fish-on-hook-540x270.jpeg
Requested by: Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-64.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f48bb87151a83c17456329424c3cbeb23ae930aab6925f06f37974ec2f312cc6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 13:07:50 GMT
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront), 1.1 53767392640cf5282c1ce18d7cc7b0e1.cloudfront.net (CloudFront)
last-modified: Wed, 15 Sep 2021 13:04:40 GMT
server: AmazonS3
age: 15675
etag: "bd4ea1ed2f3943fc3432cb87e095cfc7"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1, HAM50-C1
accept-ranges: bytes
content-length: 20093
x-amz-cf-id: TSrgXan2jCTHa7rvOr_18FzBlm97W8-jmuab6IHC6ZLiqjG91Gm3vA==
expires: Thu, 15 Sep 2022 13:04:39 GMT

GET
H2 200 adobe_patch-540x270.png
media.threatpost.com/wp-content/uploads/sites/103/2018/08/22080754/ 122 KB
122 KB 35ms
34ms Image
image/png 52.222.179.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2018/08/22080754/adobe_patch-540x270.png
Requested by: Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-64.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d72af0a6149bc4353ba91b1f6aad64e586f727f06eea3d4ab5ffae1bad2de4dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 21:03:16 GMT
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront), 1.1 53767392640cf5282c1ce18d7cc7b0e1.cloudfront.net (CloudFront)
last-modified: Wed, 22 Aug 2018 12:07:57 GMT
server: AmazonS3
age: 73549
etag: "5dd020acb952227872e5c70b208f1b77"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1, HAM50-C1
accept-ranges: bytes
content-length: 124677
x-amz-cf-id: 9-fZPprsImU3R5FRWH4XcMlOstF-Q193ZNlxfbWq0qOlORI1bV0pag==
expires: Thu, 22 Aug 2019 12:07:54 GMT

GET
H2 200 microsoft-exploit-540x270.jpg
media.threatpost.com/wp-content/uploads/sites/103/2020/09/15094855/ 14 KB
14 KB 32ms
31ms Image
image/jpeg 52.222.179.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2020/09/15094855/microsoft-exploit-540x270.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-64.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b597cceb87a951a2a82dc4473315305bd9fe95bab1202188ffe11758698cda4b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:25:02 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront), 1.1 53767392640cf5282c1ce18d7cc7b0e1.cloudfront.net (CloudFront)
last-modified: Tue, 15 Sep 2020 13:48:59 GMT
server: AmazonS3
age: 176643
etag: "af7ef1f875f1edfb73732f0eb9166e3a"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1, HAM50-C1
accept-ranges: bytes
content-length: 13995
x-amz-cf-id: ffQk2lJhTslrrmCrLuekOsLIlSMf0ARDP4yaxS0XKgxWDiipJQhPtA==
expires: Wed, 15 Sep 2021 13:48:58 GMT

GET
H2 200 mail-plane-light.svg
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 828 B
743 B 494ms
494ms Image
image/svg+xml 52.222.186.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/mail-plane-light.svg
Requested by: Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=cce7029a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.186.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-186-95.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 5a7ed822968963e31d88424c96387ad9f4fd4f4b5a5b581a33f65e3784d162cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=cce7029a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: public
date: Wed, 15 Sep 2021 17:29:05 GMT
content-encoding: gzip
last-modified: Tue, 14 Sep 2021 08:56:34 GMT
server: nginx
x-amz-cf-pop: HAM50-C2
etag: W/"614063c2-33c"
x-cache: Miss from cloudfront
content-type: image/svg+xml
via: 1.1 b16df885683d0bb71fd074a9a72b1dc8.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
x-amz-cf-id: l3l7n7WmKWhas-nHWdrdJr0zG4mopJVeGFnQklLIFnjI3BoLdiQG-g==
expires: Wed, 22 Sep 2021 17:29:05 GMT

GET
H2 200 twitter-blue.svg
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 868 B
867 B 494ms
494ms Image
image/svg+xml 52.222.186.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/twitter-blue.svg
Requested by: Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=cce7029a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.186.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-186-95.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 420508fc523520f35de5c851905543294123d7676b5a5668744691f2abe9e730

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=cce7029a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: public
date: Wed, 15 Sep 2021 17:29:05 GMT
content-encoding: gzip
last-modified: Tue, 14 Sep 2021 08:56:31 GMT
server: nginx
x-amz-cf-pop: HAM50-C2
etag: W/"614063bf-364"
x-cache: Miss from cloudfront
content-type: image/svg+xml
via: 1.1 b16df885683d0bb71fd074a9a72b1dc8.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
x-amz-cf-id: 4msvJ8TAz0DIcj5l0aRTjs_F-_A3GulnAtk-BlgXcY926Die4cVK9A==
expires: Wed, 22 Sep 2021 17:29:05 GMT

GET
H2 200 museosans-700italic-webfont.woff2
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 15 KB
16 KB 494ms
494ms Font
font/woff2 52.222.186.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700italic-webfont.woff2
Requested by: Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=cce7029a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.186.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-186-95.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 859faa9b9ed0990288b2f393a102b1fe2668ac79088b113b6f0beaee521221eb

Request headers

Referer: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=cce7029a
Origin: https://threatpost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: public
date: Wed, 15 Sep 2021 17:29:04 GMT
via: 1.1 2408979685aa1bdb752824d292e63bf7.cloudfront.net (CloudFront)
last-modified: Tue, 14 Sep 2021 08:56:32 GMT
server: nginx
x-amz-cf-pop: HAM50-C2
etag: "614063c0-3dcc"
x-cache: Miss from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 15820
x-amz-cf-id: OEkj3YH9aiHbzpRaYNN0aKYttBga4jM6H8I0BRlMHrEs7Yyu8uE82w==
expires: Thu, 15 Sep 2022 17:29:04 GMT

GET
H2 200 Software-Patch-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2019/09/03102603/ 2 KB
2 KB 24ms
22ms Image
image/jpeg 52.222.179.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2019/09/03102603/Software-Patch-64x64.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-64.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c023c2ee91cd3f525f15ae65edfbe679a4b03c09a4c53020ed81f7eac9276491

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 20:06:49 GMT
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront), 1.1 53767392640cf5282c1ce18d7cc7b0e1.cloudfront.net (CloudFront)
last-modified: Tue, 03 Sep 2019 14:26:06 GMT
server: AmazonS3
age: 76936
etag: "951dbe4b001c12963838ab021b32ad90"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1, HAM50-C1
accept-ranges: bytes
content-length: 1667
x-amz-cf-id: dc5_LynkbxIDj0r33SpRyJemdrRD8pSVoxs9S1KUQUALAK-ZRZAS_g==
expires: Wed, 02 Sep 2020 14:26:03 GMT

GET
H2 200 ransomware-cpu-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2021/08/31064150/ 2 KB
3 KB 23ms
21ms Image
image/jpeg 52.222.179.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2021/08/31064150/ransomware-cpu-64x64.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-64.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 709b3435af6dddb0cd6fabf74952628ee2016914e48bbe7498c2bc39e41318fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 18:19:27 GMT
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront), 1.1 53767392640cf5282c1ce18d7cc7b0e1.cloudfront.net (CloudFront)
last-modified: Tue, 31 Aug 2021 10:41:55 GMT
server: AmazonS3
age: 169778
etag: "18014791005664b666591f208f17dd0f"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1, HAM50-C1
accept-ranges: bytes
content-length: 2467
x-amz-cf-id: PeGuuYSSyht_2EWJdQY6ZES51PTm-tH5V-ridMSf9l8GF6PzkwrtoQ==
expires: Wed, 31 Aug 2022 10:41:54 GMT

GET
H2 200 cryptocurrency_fail-405x270-1-64x64.jpeg
media.threatpost.com/wp-content/uploads/sites/103/2021/08/26171204/ 3 KB
3 KB 27ms
26ms Image
image/jpeg 52.222.179.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2021/08/26171204/cryptocurrency_fail-405x270-1-64x64.jpeg
Requested by: Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-64.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eeb3bfb6dfdb96c9cd6135255277a50c4c911b00e99fa26f4a83f5bdde23ac23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 17:51:40 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront), 1.1 53767392640cf5282c1ce18d7cc7b0e1.cloudfront.net (CloudFront)
last-modified: Thu, 26 Aug 2021 21:12:07 GMT
server: AmazonS3
age: 517045
etag: "6b0448713599cb01a950e1ff9596d291"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1, HAM50-C1
accept-ranges: bytes
content-length: 2569
x-amz-cf-id: fvYPfM3tOPZCYO2OU9jU2wk1gKcB5RdPLjkmI0gXwg5fXU_J0dfO1A==
expires: Fri, 26 Aug 2022 21:12:06 GMT

GET
H2 200 gate-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2021/09/08142255/ 3 KB
3 KB 23ms
22ms Image
image/jpeg 52.222.179.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2021/09/08142255/gate-64x64.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-64.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a3f2db571cdfa70d26d1ea4fc42ae6de6df5a9c02f68b4ecee3b8508a1770931

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 19:01:20 GMT
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront), 1.1 53767392640cf5282c1ce18d7cc7b0e1.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 18:23:01 GMT
server: AmazonS3
age: 599265
etag: "8c096723581ebb3cc5cfd53da0087e83"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1, HAM50-C1
accept-ranges: bytes
content-length: 2666
x-amz-cf-id: k9YAMGa49gYdtRsS4y4Q9NQj3AyMQs2m91mC6pWjTCpbza5Q_NEqpg==
expires: Thu, 08 Sep 2022 18:23:00 GMT

GET
H2 200 Mule-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2021/09/06111636/ 2 KB
2 KB 23ms
23ms Image
image/jpeg 52.222.179.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2021/09/06111636/Mule-64x64.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-64.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd52765ab641f26faf7c1a3674f65e2c3ee658270cd300a370fc5662ff510d47

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 15:30:25 GMT
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront), 1.1 53767392640cf5282c1ce18d7cc7b0e1.cloudfront.net (CloudFront)
last-modified: Mon, 06 Sep 2021 15:16:42 GMT
server: AmazonS3
age: 784720
etag: "b8b11cbaf329d8290c0c067630b63c3b"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1, HAM50-C1
accept-ranges: bytes
content-length: 2069
x-amz-cf-id: 7xebNKNYsMRveAndNmY1PZArRoxZKiFXqqJ4b-QGlAhzkqenMVfw6g==
expires: Tue, 06 Sep 2022 15:16:41 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/ 340 KB
133 KB 94ms
29ms Script
text/javascript 142.250.187.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.187.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s33-in-f3.1e100.net

Software

sffe /

Resource Hash

4e4f76389625a4e86c8328c2d1e01de5e3bb22dfd06edb9873313a6da47e4e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
Origin: https://threatpost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 12:27:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104518
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135849
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 17:56:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Sep 2022 12:27:06 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 57 B
413 B 14ms
14ms XHR
application/json 54.230.55.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fthreatpost.com%2Fapple-emergency-fix-nso-zero-click-zero-day%2F169416%2F&pubid=cb8cfc89-e83e-44aa-a3a2-ff78eda781ef
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.55.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-55-220.ham50.r.cloudfront.net
Software: Server /
Resource Hash: 8ea9df9aa296a2eac3fe1a8b6972fecea49c7295f723cf9c93356ff9301a09ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 08:04:10 GMT
via: 1.1 6c080b1173adbaa14122fac10a76a7c7.cloudfront.net (CloudFront)
server: Server
age: 33893
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://threatpost.com
cache-control: max-age=43150, s-maxage=43200
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C1
content-length: 57
x-amz-cf-id: gzVe0y39FViwTGnC-crxQikCNfN9K1klHAKrKkZMEmPZdV3cEYEH6Q==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 41ms
14ms XHR
application/javascript 54.230.55.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.55.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-55-220.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: S8kNCKkikutwvs4V44q0sFuZ4JNc9Ate
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 9233
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 07 Sep 2021 22:15:56 GMT
server: AmazonS3
date: Wed, 15 Sep 2021 15:32:19 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 cadd28ddf17473bac9ce00c18f8e1bc2.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: HAM50-C1
x-amz-cf-id: 4bLR9rCpWyCwxvqdCkc7_bXZyHUgCJNe-LLk02XISdb9UIFK0m6Mqw==

GET
H2 200 mail-plane-large-dark.svg
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 812 B
745 B 486ms
486ms Image
image/svg+xml 52.222.186.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/mail-plane-large-dark.svg
Requested by: Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=cce7029a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.186.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-186-95.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: a9d2b2df99c1a115d5394c70a898d8801092208dc582f8bd6fb01b35c30d6b22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=cce7029a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: public
date: Wed, 15 Sep 2021 17:29:05 GMT
content-encoding: gzip
last-modified: Tue, 14 Sep 2021 08:56:32 GMT
server: nginx
x-amz-cf-pop: HAM50-C2
etag: W/"614063c0-32c"
x-cache: Miss from cloudfront
content-type: image/svg+xml
via: 1.1 b16df885683d0bb71fd074a9a72b1dc8.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
x-amz-cf-id: DtOBsRRnoFXMpk7ZQBIxXvKR4NO79bR2Vc24MblxphY5jPH3Ly4Qzw==
expires: Wed, 22 Sep 2021 17:29:05 GMT

GET
H2 200 logo-white.png
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 10 KB
10 KB 493ms
492ms Image
image/png 52.222.186.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/logo-white.png
Requested by: Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=cce7029a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.186.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-186-95.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: e4058d4ee9da1ceaddfa91ddb63650ba67285f1bbfee487d9dfe648bced669a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=cce7029a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: public
date: Wed, 15 Sep 2021 17:29:05 GMT
via: 1.1 b16df885683d0bb71fd074a9a72b1dc8.cloudfront.net (CloudFront)
last-modified: Tue, 14 Sep 2021 08:56:34 GMT
server: nginx
x-amz-cf-pop: HAM50-C2
etag: "614063c2-260a"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 9738
x-amz-cf-id: 5rv128z4CC4ftZxpThQB2FCgXOVjZE__QeWKbRDFis7fbYt0sSDSiA==
expires: Wed, 22 Sep 2021 17:29:05 GMT

GET
H2 200 pubads_impl_2021091001.js Show response
securepubads.g.doubleclick.net/gpt/ 333 KB
117 KB 226ms
26ms Script
text/javascript 142.250.180.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s32-in-f2.1e100.net

Software

sffe /

Resource Hash

7345db8b8745d32b70fbbb0867ab8488760e99ce94aa40a78e73ad7fcba15866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 17:29:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119453
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 19:52:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 15 Sep 2021 17:29:04 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 97 B
742 B 229ms
34ms XHR
application/json 142.250.180.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=threatpost.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s32-in-f2.1e100.net

Software

cafe /

Resource Hash

faa56d1968744818c877c9bf9f917b408c69e69198e7a27568078d828aa7042f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Sep 2021 17:29:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85
x-xss-protection: 0
expires: Wed, 15 Sep 2021 17:29:04 GMT

GET
H2 200 b-7b120a5-9b871d4e.js Show response
tagan.adlightning.com/math-aids-threatpost/ 73 KB
28 KB 14ms
13ms Script
application/javascript 54.230.206.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.206.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-206-114.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4658e1122a2190db712f6731d3e8c14b027f0a42bd7c1333b11d272f8e9ea3fd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 17:51:16 GMT
content-encoding: gzip
age: 2590669
x-cache: Hit from cloudfront
content-length: 28179
x-amz-meta-git_commit: 7b120a5
last-modified: Mon, 16 Aug 2021 17:49:31 GMT
server: AmazonS3
etag: "c42a7ac1ac405f3f0cad04305cad5553"
x-amz-version-id: HCJNSpgvHPkSF2.YDap.Qx6PnxOllH79
via: 1.1 2a29e84e317dcbf526e3d2cf9be30bf7.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: HAM50-C3
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: DqMEy3PcTQvTzAL52Wu0zSAIAHM3awNXx41CeRAdFZIUutfl19HDbw==

GET
H2 200 bl-51e1d9e-e467ad0d.js Show response
tagan.adlightning.com/math-aids-threatpost/ 60 KB
26 KB 14ms
13ms Script
application/javascript 54.230.206.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/bl-51e1d9e-e467ad0d.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.206.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-206-114.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8e36df73429a259ceda26c9d66e040d0012d78914dd3002ea77df55b42a4ca0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:57:06 GMT
content-encoding: gzip
age: 340319
x-cache: Hit from cloudfront
content-length: 25942
x-amz-meta-git_commit: 51e1d9e
last-modified: Sat, 11 Sep 2021 18:12:51 GMT
server: AmazonS3
etag: "083825cfb8db10bac68e6410ab248c51"
x-amz-version-id: PSa1C79GhQnptS._710ocSamU9psfOMp
via: 1.1 2a29e84e317dcbf526e3d2cf9be30bf7.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: HAM50-C3
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: IDZR5gv-8enD2TLjezGVGS9hVGh-9jtMDf6w-oGKynOCAUy-BW4CgA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 88ms
25ms Script
text/javascript 142.250.187.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.187.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s33-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 6415
date: Wed, 15 Sep 2021 15:42:09 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 15 Sep 2021 17:42:09 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
9 KB 66ms
11ms Script
application/javascript 91.228.74.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.134 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 17:29:04 GMT
content-encoding: gzip
etag: "lp772EpWKwf8Kq7YKMhbuw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Wed, 22 Sep 2021 17:29:04 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 6 KB
2 KB 80ms
20ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7e8ee8f9d56ca7e35629a7c16b9f1c09fbb1e7d19fe922833a2f4edec48bfeea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 17:29:04 GMT
content-encoding: gzip
fastly-restarts: 1
last-modified: Wed, 25 Aug 2021 16:20:44 GMT
etag: "934b8997f9fc81b2d0e16fca4cd0b8bb+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-geo-cc_and_ra: DE-NW
cache-control: no-cache
x-cache: HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 2119
x-served-by: cache-fra19148-FRA

GET
H3 200 vendor-list.json Show response
qd.admetricspro.com/js/cmp2/ 256 KB
38 KB 264ms
224ms XHR
application/json 172.67.207.112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/cmp2/vendor-list.json
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/cmp.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.207.112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1aeb3ee07f4b462935c5d8047ff038c8e279d75f9be1dcd0b848ba68223a3ee2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 17:29:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 31 May 2021 16:54:38 GMT
server: cloudflare
etag: W/"3ffae-5c3a314b5dcb2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P4POf9hvKNf7Dv5dzsD4PKoINUJ6uG6D94rBy9QCf1YOW7B%2Fllu9L3mvgxI1PYuAzg5tDDWEkQuiB97x0YtWJEokMsQF0BD9O3sGtK26hmNWeVPC%2FvvF19LlUG1kRqB0nH95GoJP"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=600
cf-ray: 68f3933dfae2413e-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Wed, 15 Sep 2021 17:39:05 GMT

GET
H2 200 rules-p-_7kVx0t9Jqj90.js Show response
rules.quantcount.com/ 2 B
354 B 82ms
18ms Script
application/javascript 52.222.186.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-_7kVx0t9Jqj90.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.186.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-186-111.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 16:56:36 GMT
via: 1.1 f2bfcb0e5eaa96cb4b9aaa38ccd55547.cloudfront.net (CloudFront)
server: AmazonS3
age: 1948
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
x-amz-cf-pop: HAM50-C2
content-length: 2
x-amz-cf-id: r2alCj7rdo42EXpP26xgEYHoUsXs0LW5DmEnpl1RBukGHLvznl5qjw==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 69ms
34ms XHR
text/plain 142.250.187.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&aip=1&a=1017504172&t=pageview&_s=1&dl=https%3A%2F%2Fthreatpost.com%2Fapple-emergency-fix-nso-zero-click-zero-day%2F169416%2F&ul=en-us&de=UTF-8&dt=Apple%20Issues%20Emergency%20Fix%20for%20NSO%20Zero-Click%20Zero%20Day%20%7C%20Threatpost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1598764759&gjid=1189789769&cid=1718323493.1631726945&tid=UA-35676203-21&_gid=214541775.1631726945&_r=1&gtm=2wg9d0PM29HLF&z=689578843

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s33-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 17:29:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 58ms
29ms Image
image/gif 142.250.187.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&aip=1&a=1017504172&t=event&ni=0&_s=1&dl=https%3A%2F%2Fthreatpost.com%2Fapple-emergency-fix-nso-zero-click-zero-day%2F169416%2F&ul=en-us&de=UTF-8&dt=Apple%20Issues%20Emergency%20Fix%20for%20NSO%20Zero-Click%20Zero%20Day%20%7C%20Threatpost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=VISIBILITY&ea=elementVisibility%20%2F%20%5BHeader%5D%20%2F%20Social%20Networks%20View&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=1718323493.1631726945&tid=UA-35676203-21&_gid=214541775.1631726945&gtm=2wg9d0PM29HLF&z=1495640715

Requested by

Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s33-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 08:15:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 33189
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
454 B 146ms
120ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.3&p_id=Twitter&p_user_id=0&txn_id=ntt0j&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fthreatpost.com%2Fapple-emergency-fix-nso-zero-click-zero-day%2F169416%2F

Requested by

Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 17:29:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Wed, 15 Sep 2021 17:29:05 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 73e1ce98bafe1f980cbefaf8825b08407421262f19889e74b5eb1e2c9865b24c
x-transaction: 43d4f19dcad7884d
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
711 B 90ms
36ms Script
application/javascript 104.18.15.161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.15.161 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 17:29:05 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 09 Sep 2021 12:35:55 GMT
server: cloudflare
age: 535972
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 68f39340fbb02790-PRG
x-amz-request-id: TD3DS9YZ8440AKDY
x-amz-id-2: M2Q7mY6rdpzXw/sL0fa+n0BFIJ9kCQCZ5Pu3Nfv1fXbLplIOJnLEBWCmKKKxSvug0l8dkcZHDP0=
expires: Wed, 15 Sep 2021 17:59:05 GMT

POST
H/1.1 200 724.json Show response
id5-sync.com/g/v2/ 213 B
532 B 1050ms
8ms XHR
application/json 51.89.21.20
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/724.json

Requested by

Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.21.20 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

p14.id5-sync.com

Software

Resource Hash

9222b6d906221d67a6a3613caae8ad439213bab34f39ee3f935d5f7c21f7671b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://threatpost.com
Date: Wed, 15 Sep 2021 17:29:02 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/ 343 KB
134 KB 60ms
27ms Script
text/javascript 142.250.187.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit&ver=202124050927

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s33-in-f3.1e100.net

Software

sffe /

Resource Hash

3d37b170affddaaa2a6489a82bab8df4e72c56a65b069991ea9084643d477d58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
Origin: https://threatpost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 05:55:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 214408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137529
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 17:56:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Sep 2022 05:55:37 GMT

GET
H2 200 flipboard.svg
assets.threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/img/ 236 B
566 B 294ms
293ms Image
image/svg+xml 52.222.186.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/img/flipboard.svg
Requested by: Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=cce7029a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.186.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-186-95.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 506d565f94cecbb486394c545a96e8459217f8d045496b511e8c815142abfc70

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=cce7029a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: public
date: Wed, 15 Sep 2021 17:29:05 GMT
content-encoding: gzip
last-modified: Tue, 14 Sep 2021 08:56:34 GMT
server: nginx
x-amz-cf-pop: HAM50-C2
etag: W/"614063c2-ec"
x-cache: Miss from cloudfront
content-type: image/svg+xml
via: 1.1 b16df885683d0bb71fd074a9a72b1dc8.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
x-amz-cf-id: cIrI_-Ags4PL_zPMyuQzmMQ8j1IWxpJkB5STFZiRPo51iI4xAFkvpg==
expires: Wed, 22 Sep 2021 17:29:05 GMT

GET
H2 200 fontawesome-webfont.woff2
assets.threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/fonts/ 75 KB
76 KB 387ms
386ms Font
font/woff2 52.222.186.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=cce7029a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.186.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-186-95.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=cce7029a
Origin: https://threatpost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: public
date: Wed, 15 Sep 2021 17:29:05 GMT
via: 1.1 2408979685aa1bdb752824d292e63bf7.cloudfront.net (CloudFront)
last-modified: Tue, 14 Sep 2021 08:56:32 GMT
server: nginx
x-amz-cf-pop: HAM50-C2
etag: "614063c0-12d68"
x-cache: Miss from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 77160
x-amz-cf-id: hSrF2YS7UuyQdzj7xze6uboBYo2qHFc_wT8OOEnHGv9D_x6HoKk5NQ==
expires: Thu, 15 Sep 2022 17:29:05 GMT

GET
H/1.1 200
OK v1 Show response
geo.ipify.org/api/ 390 B
601 B 619ms
207ms XHR
application/json 64.140.160.2
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.ipify.org/api/v1?apiKey=at_riPAQYz3EiQ6JhsH05bmtozma13RA

Requested by

Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.140.160.2 Clearfield, United States, ASN18450 (WEBNX, US),

Reverse DNS

threatintelligenceplatform.com

Software

nginx /

Resource Hash

8d6dbedc85214877c9c54b381fe755c941ea86b748f4796cd0fb961d914624d6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 17:29:06 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
659 B 206ms
116ms Script
application/javascript 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.3&p_id=Twitter&p_user_id=0&txn_id=ntt0j&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fthreatpost.com%2Fapple-emergency-fix-nso-zero-click-zero-day%2F169416%2F

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 17:29:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
pragma: no-cache
last-modified: Wed, 15 Sep 2021 17:29:05 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 84e83097bf46c41411e2700810c339faefe00c386c3bd51fe78f89f15ba6ac87
x-transaction: 0127ac67e4d73934
expires: Tue, 31 Mar 1981 05:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
431 B 97ms
14ms XHR
text/plain 74.125.206.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-35676203-21&cid=1718323493.1631726945&jid=1598764759&gjid=1189789769&_gid=214541775.1631726945&_u=YEBAAEAAAAAAAC~&z=680602978

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.206.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wk-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 15 Sep 2021 17:29:05 GMT
content-type: text/plain
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 prebid Show response
mp.4dex.io/ 99 B
341 B 96ms
46ms XHR
application/json 104.18.15.161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mp.4dex.io/prebid

Requested by

Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.161 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f1406375a1b5560e502c60564b2aadb8c54df7d7029543aba8751883920e890

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 17:29:05 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-warn: Selecting bids. No selected bids
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
strict-transport-security: max-age=63072000
cf-ray: 68f39341ad152790-PRG
server: cloudflare
expires: 0

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 94 B
760 B 194ms
125ms XHR
application/json 216.52.2.39
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.37.0
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx /
Resource Hash: bb2d31858387a459f9756d5e0bc82ef986185acc2d09de0ac5462d5b9e495aeb

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 15 Sep 2021 17:29:05 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://threatpost.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 99

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
474 B 472ms
81ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695ad017373d9b19cda6b03bc00b5&pos=threatpost.com_desktop_728x90-atf&cmd=bid&secure=1
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.138 /
Resource Hash: ad482d8a8ebd9a70876e35968f38df7f5f7d773bf1f3d451e6fea00fdb3a4515

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 15 Sep 2021 17:29:05 GMT
Server: ATS/7.1.2.138
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://threatpost.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
474 B 466ms
75ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695ad017373d9b19cda6b03bc00b5&pos=threatpost.com_desktop_300x250-atf&cmd=bid&secure=1
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.138 /
Resource Hash: e51f19cde13b14cecb54f28ea6cfae350f56f2fa630974c771bb9a71da54489b

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 15 Sep 2021 17:29:05 GMT
Server: ATS/7.1.2.138
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://threatpost.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
474 B 517ms
126ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695ad017373d9b19cda6b03bc00b5&pos=threatpost.com_desktop_300x600-atf&cmd=bid&secure=1
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.138 /
Resource Hash: b5a51464d72d4c1881e6694686718b2faa45f7c9a1e2ceaa35507a499549d774

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 15 Sep 2021 17:29:06 GMT
Server: ATS/7.1.2.138
Age: 1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://threatpost.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 25 B
373 B 171ms
106ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=438654&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22154cedf70aac45d%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fthreatpost.com%2Fapple-emergency-fix-nso-zero-click-zero-day%2F169416%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A3%2C%22ren%22%3Afalse%2C%22version%22%3A%224.37.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A4%2C%22msi%22%3A4%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22admetricspro.com%22%2C%22sid%22%3A%221005%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2216b6d92be2a8636%22%2C%22ext%22%3A%7B%22siteID%22%3A%22438654%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2217fa7a60009d83b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22438649%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22181f0232a742be5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22438650%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2216b6d92be2a8636%22%2C%22ext%22%3A%7B%22siteID%22%3A%22438654%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2216b6d92be2a8636%22%2C%22ext%22%3A%7B%22siteID%22%3A%22438654%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2217fa7a60009d83b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22438649%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22181f0232a742be5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22438650%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1177777bb51be46688cb5027876269279c655932bb9dea08395886fff799138b

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 17:29:05 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[216.131.114.163], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://threatpost.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 45
x-ak-client-geo: 12
expires: Wed, 15 Sep 2021 17:29:05 GMT

GET
H2 200 arj Show response
teachingaids-d.openx.net/w/1.0/ 173 B
560 B 115ms
47ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://teachingaids-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fthreatpost.com%2Fapple-emergency-fix-nso-zero-click-zero-day%2F169416%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=88767be8-11bc-47f0-9c36-72fe605c526e%2C88767be8-11bc-47f0-9c36-72fe605c526e%2C227a0f7b-d714-4a13-a15f-09078f8a30e9%2C98171aa2-64ae-4393-a8e2-a432a1d67061%2C98171aa2-64ae-4393-a8e2-a432a1d67061&nocache=1631726945498&pubcid=872cbcec-2bf7-4ab8-a7e9-49faf66a5bc8&schain=1.0%2C1!admetricspro.com%2C1005%2C1%2C%2C%2C&aus=728x90%2C970x250%2C970x90%7C728x90%2C970x250%2C970x90%7C300x250%2C336x280%7C300x250%2C300x600%7C300x250%2C300x600&divIds=div-gpt-ad-6794670-2%2Cdiv-gpt-ad-6794670-2%2Cdiv-gpt-ad-6794670-3%2Cdiv-gpt-ad-6794670-5%2Cdiv-gpt-ad-6794670-5&auid=540932704%2C540932709%2C540932713%2C540932715%2C540932720
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: ded6a492601f06707a83121193d35f18e2ef37f4bb0186e6578f0b9a3b77a193

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 17:29:05 GMT
content-encoding: gzip
server: OXGW/16.216.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://threatpost.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 165
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 v2 Show response
e.serverbid.com/api/ 711 B
984 B 496ms
111ms XHR
application/json 134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: f4b064d961dd5c30917481f9cf22f400d352737e7dac10d70e574877eef1e8ea

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://threatpost.com
date: Wed, 15 Sep 2021 17:29:05 GMT
access-control-allow-credentials: true
content-length: 711
vary: Origin
content-type: application/json

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
263 B 127ms
64ms XHR
application/json 18.192.222.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.37.0&referrer=https%3A%2F%2Fthreatpost.com%2Fapple-emergency-fix-nso-zero-click-zero-day%2F169416%2F&tmax=1200

Requested by

Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.192.222.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-192-222-132.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 17:29:05 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 mvo Show response
tag.1rx.io/rmp/216477/0/ 0
170 B 77ms
15ms XHR
text/plain 213.19.147.43
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/216477/0/mvo?z=1r&hbv=4.37,2.1
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://threatpost.com
pragma: no-cache
date: Wed, 15 Sep 2021 17:29:05 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 371 B
1 KB 110ms
52ms XHR
application/json 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

cf7cfed153f0642135e6189041f427f9f027a5117d54f883ad52a07bbeca7fe7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 15 Sep 2021 17:29:05 GMT
X-Proxy-Origin: 216.131.114.163; 216.131.114.163; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 16c45435-0aa1-4305-afd5-1e5c82a66810
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 371
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 263 B
2 KB 132ms
68ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=300372&zone_id=1509502&size_id=2&alt_size_ids=55%2C57&p_pos=atf&rp_schain=1.0,1!admetricspro.com,1005,1,,,&rf=https%3A%2F%2Fthreatpost.com%2Fapple-emergency-fix-nso-zero-click-zero-day%2F169416%2F&tk_flint=pbjs_lite_v4.37.0&x_source.tid=88767be8-11bc-47f0-9c36-72fe605c526e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.763213159900344
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 26fdd87ac6f90149a771880c4db796e3846ee325712d0cbd194e07e861bdddad

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 15 Sep 2021 17:29:05 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 263
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
2 KB 110ms
46ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=300372&zone_id=1509502&size_id=15&alt_size_ids=16&p_pos=atf&rp_schain=1.0,1!admetricspro.com,1005,1,,,&rf=https%3A%2F%2Fthreatpost.com%2Fapple-emergency-fix-nso-zero-click-zero-day%2F169416%2F&tk_flint=pbjs_lite_v4.37.0&x_source.tid=227a0f7b-d714-4a13-a15f-09078f8a30e9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.29846612493857916
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 4e3a9458d56491008e037925e5934cd311a2e8e32615c95662aee5007f8cb470

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 15 Sep 2021 17:29:05 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 261
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
2 KB 213ms
150ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=300372&zone_id=1509506&size_id=15&alt_size_ids=10&p_pos=atf&rp_schain=1.0,1!admetricspro.com,1005,1,,,&rf=https%3A%2F%2Fthreatpost.com%2Fapple-emergency-fix-nso-zero-click-zero-day%2F169416%2F&tk_flint=pbjs_lite_v4.37.0&x_source.tid=98171aa2-64ae-4393-a8e2-a432a1d67061&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.46444558814271475
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 26ea059dd126a4d1dea671092f5f45ef116331ecd652d953c4ccb315e910d807

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 15 Sep 2021 17:29:05 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 261
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
2 KB 147ms
83ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=300372&zone_id=1509502&size_id=15&alt_size_ids=10&p_pos=atf&rp_schain=1.0,1!admetricspro.com,1005,1,,,&rf=https%3A%2F%2Fthreatpost.com%2Fapple-emergency-fix-nso-zero-click-zero-day%2F169416%2F&tk_flint=pbjs_lite_v4.37.0&x_source.tid=98171aa2-64ae-4393-a8e2-a432a1d67061&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.07933511527325487
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 5effd40df4544ac9fad3fc67c3544947e047f3448d18e6aa076a3aa2f7c36f04

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 15 Sep 2021 17:29:05 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 261
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
112 B 108ms
53ms XHR
text/plain 18.158.15.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.15.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-15-79.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://threatpost.com
date: Wed, 15 Sep 2021 17:29:05 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
113 B 65ms
10ms XHR
text/plain 18.158.15.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.15.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-15-79.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://threatpost.com
date: Wed, 15 Sep 2021 17:29:05 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
112 B 75ms
20ms XHR
text/plain 18.158.15.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.15.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-15-79.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://threatpost.com
date: Wed, 15 Sep 2021 17:29:05 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 200 adreq Show response
ads.servenobid.com/ 414 B
538 B 504ms
397ms XHR
application/json 54.228.75.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=5002
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.75.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-228-75-94.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: af3aa76004b665fbf3850f3d8837a8a9f0278934d29156b4cb3e08b65ebdc93b

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 15 Sep 2021 17:29:05 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://threatpost.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
115 B 673ms
299ms XHR
text/plain 204.237.133.116
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.237.133.116 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://threatpost.com
date: Wed, 15 Sep 2021 17:29:06 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 360 B
1 KB 64ms
14ms XHR
application/json 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

7aaa952b38f8d56c3fd3fc948a55c587044c33282ba18e9190d2b3c126659abd

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 15 Sep 2021 17:29:05 GMT
X-Proxy-Origin: 216.131.114.163; 216.131.114.163; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f03b9fa9-df45-47aa-b567-1a2372f90911
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 360
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
169 B 459ms
90ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Wed, 15 Sep 2021 17:29:05 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://threatpost.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 64 B
410 B 55ms
54ms XHR
text/javascript 54.230.55.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fthreatpost.com%2Fapple-emergency-fix-nso-zero-click-zero-day%2F169416%2F&pid=Vkz0Jf7nBgsWd&cb=0&ws=1600x1200&v=7.68.00&t=1200&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F21707124336%2FThreatPost-970x250-ATF%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F21707124336%2FThreatPost-300x250-ATF%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F21707124336%2FThreatPost-300x600-ATF%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%222x2%22%5D%2C%22sn%22%3A%22%2F21707124336%2FThreatPost-2x2-Skin%22%7D%5D&pubid=cb8cfc89-e83e-44aa-a3a2-ff78eda781ef&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%22872cbcec-2bf7-4ab8-a7e9-49faf66a5bc8%22%7D%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.55.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-55-220.ham50.r.cloudfront.net
Software: Server /
Resource Hash: d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 17:29:05 GMT
via: 1.1 6c080b1173adbaa14122fac10a76a7c7.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: HAM50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://threatpost.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: zRsJdcoxwI8zFkpk5jOp8V7vdcIpYzwWdyHWgbjHLPipadJ_E1Jejg==

GET
H2 200 pixel;r=385901390;source=gtm;rf=0;a=p-_7kVx0t9Jqj90;url=https%3A%2F%2Fthreatpost.com%2Fapple-emergency-fix-nso-zero-click-zero-day%2F169416%2F;uh=65ce955d6ae6;uht=2;fpan=1;fpa=P0-917105975-16317269...
pixel.quantserve.com/ 35 B
371 B 19ms
11ms Image
image/gif 91.228.74.134
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=385901390;source=gtm;rf=0;a=p-_7kVx0t9Jqj90;url=https%3A%2F%2Fthreatpost.com%2Fapple-emergency-fix-nso-zero-click-zero-day%2F169416%2F;uh=65ce955d6ae6;uht=2;fpan=1;fpa=P0-917105975-1631726945561;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=eccc2c00-20210811224039;cm=;gdpr=0;ref=;d=threatpost.com;je=0;sr=1600x1200x24;dst=0;et=1631726945561;tzo=0;ogl=image.https%3A%2F%2Fmedia%252Ethreatpost%252Ecom%2Fwp-content%2Fuploads%2Fsites%2F103%2F2021%2F07%2F20141444%2Fwhite%2Ctype.article%2Ctitle.Apple%20Issues%20Emergency%20Fix%20for%20NSO%20Zero-Click%20Zero%20Day%2Cdescription.Citizen%20Lab%20urges%20Apple%20users%20to%20update%20immediately%252E%20The%20new%20zero-click%20zero-day%2Curl.https%3A%2F%2Fthreatpost%252Ecom%2Fapple-emergency-fix-nso-zero-click-zero-day%2F169416%2F

Requested by

Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.134 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 17:29:05 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 adagio.js Show response
script.4dex.io/ 71 KB
22 KB 60ms
25ms Fetch
application/javascript 104.18.15.161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.15.161 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d13b828524033b9a73c68df3bf063d050d264b970d6292f5a177f885a27e6792

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 17:29:05 GMT
content-encoding: gzip
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 534622
x-amz-request-id: 0PXMQM7HSB7B6YZM
x-amz-id-2: dc6G+1crC7ON7DnlDVNn81eruWzaR49CiUgsAyhuYbSdv5sEjHZ1A5mdmaowqqH0yqBZQJFAm6A=
last-modified: Thu, 09 Sep 2021 12:35:54 GMT
server: cloudflare
etag: W/"80a6d470c029b1acfca7d8abeb00b240"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
cf-ray: 68f393421da74119-PRG
expires: Wed, 15 Sep 2021 17:59:05 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 108ms
41ms Image
image/gif 142.250.200.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-35676203-21&cid=1718323493.1631726945&jid=1598764759&_u=YEBAAEAAAAAAAC~&z=878528948

Requested by

Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 17:29:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 data Show response
mp.4dex.io/ 26 B
112 B 43ms
43ms XHR
application/json 104.18.15.161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mp.4dex.io/data

Requested by

Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.161 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ed6dc25c0545ce6ad509aec899a13cc81124c187c9905306a05652c266fdc85

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://threatpost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 17:29:06 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
strict-transport-security: max-age=63072000
cf-ray: 68f393457c822790-PRG
content-length: 26
expires: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 85ms
27ms Script
application/javascript 172.217.16.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=threatpost.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mad08s04-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Sep 2021 17:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 128 KB
15 KB 526ms
501ms XHR
text/plain 142.250.180.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3864394198090029&correlator=1228754510247278&output=ldjh&impl=fifs&eid=31061422%2C31062393%2C31061424%2C31062564&vrg=2021091001&ptt=17&gdpr=0&us_privacy=1---&tfua=0&tfcd=0&sc=1&sfv=1-0-38&ecs=20210915&iu_parts=21707124336%2CThreatPost-970x250-ATF%2CThreatPost-300x250-ATF%2CThreatPost-300x600-ATF%2CThreatPost-2x2-Skin&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=728x90%7C970x250%7C970x90%2C300x250%7C336x280%2C300x250%7C300x600%2C2x2&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2&eri=1&cust_params=urlhost%3Dhttps%253A%252F%252Fthreatpost.com%252F%26urlpath%3D%252Fapple-emergency-fix-nso-zero-click-zero-day%252F169416%252F%26urlquery%3Dgoogfc%26contentid%3D169416%26category%3Dbreaking-news%26contenttags%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1631726946&dt=1631726946208&dlt=1631726943660&idt=1706&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C1082%2C1082%2C0&adys=8%2C165%2C1225%2C8&adks=1015519800%2C654286612%2C375389812%2C3385906655&ucis=1%7C2%7C3%7C4&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fthreatpost.com%2Fapple-emergency-fix-nso-zero-click-zero-day%2F169416%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x0%7C300x0%7C300x0%7C1600x0&msz=728x0%7C300x0%7C300x0%7C1600x0&ga_vid=1718323493.1631726945&ga_sid=1631726946&ga_hid=1017504172&ga_fc=false&fws=0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0&btvi=0%7C0%7C1%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s32-in-f2.1e100.net

Software

cafe /

Resource Hash

d167036b89b06d365a8b4cd383ce890bd020ea0e1055361d0d0764da39900021

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 17:29:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15291
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://threatpost.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
6d8909bd3cc0024033ac32ba1ddbca66.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AF22 6 KB
4 KB 189ms
30ms Document
text/html 142.250.178.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6d8909bd3cc0024033ac32ba1ddbca66.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.178.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 6d8909bd3cc0024033ac32ba1ddbca66.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://threatpost.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 15 Sep 2021 17:29:06 GMT
expires: Thu, 15 Sep 2022 17:29:06 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012109032350000/ 189 KB
55 KB 69ms
19ms Script
text/javascript 216.58.213.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012109032350000/amp4ads-v0.mjs

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.213.1 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ber01s14-in-f1.1e100.net

Software

sffe /

Resource Hash

5b50180d19361f6fe64b58067f1a933a07fe538c8d88c81497076713b2872957

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 174110
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55553
x-xss-protection: 0
server: sffe
date: Mon, 13 Sep 2021 17:07:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ff855bcab669fc1a"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 17:07:17 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012109032350000/v0/ 13 KB
5 KB 100ms
50ms Script
text/javascript 216.58.213.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012109032350000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.213.1 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ber01s14-in-f1.1e100.net

Software

sffe /

Resource Hash

b0dd411f02f5b629666261dc8dd9ac72bef9d6fb1fbacddb4463919343734e28

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 174110
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4990
x-xss-protection: 0
server: sffe
date: Mon, 13 Sep 2021 17:07:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a08f7255b8f87285"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 17:07:17 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012109032350000/v0/ 89 KB
28 KB 102ms
52ms Script
text/javascript 216.58.213.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012109032350000/v0/amp-analytics-0.1.mjs

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.213.1 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ber01s14-in-f1.1e100.net

Software

sffe /

Resource Hash

ae625e9e6b3122d32b8d11214bd5cc002949da0c906f9418053f6a23a821ec5c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 174110
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28534
x-xss-protection: 0
server: sffe
date: Mon, 13 Sep 2021 17:07:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fcb7bfffafc8a349"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 17:07:17 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012109032350000/v0/ 4 KB
2 KB 112ms
62ms Script
text/javascript 216.58.213.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012109032350000/v0/amp-fit-text-0.1.mjs

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.213.1 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ber01s14-in-f1.1e100.net

Software

sffe /

Resource Hash

f599aefbfabdfe52cc2ad3ed7db44f24b715b50c263438c4cd7818f728f51073

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 174110
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1640
x-xss-protection: 0
server: sffe
date: Mon, 13 Sep 2021 17:07:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8affbe378de64f77"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 17:07:17 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012109032350000/v0/ 40 KB
13 KB 110ms
60ms Script
text/javascript 216.58.213.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012109032350000/v0/amp-form-0.1.mjs

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.213.1 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ber01s14-in-f1.1e100.net

Software

sffe /

Resource Hash

5273296fe3bf7de7a8a3e91d887085df23af6452519e0b654aeb712aa5d0df95

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 174110
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12817
x-xss-protection: 0
server: sffe
date: Mon, 13 Sep 2021 17:07:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "326015506c318bde"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 17:07:17 GMT

GET
DATA 200
OK truncated
/ 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c64c732796aa8593e1ede0199fe248b5e6782e1249f1a024768fc07f0c3abf36

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 6157924974422949736
tpc.googlesyndication.com/daca_images/simgad/ 63 KB
63 KB 72ms
22ms Image
image/png 142.250.187.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/6157924974422949736

Requested by

Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.187.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s33-in-f1.1e100.net

Software

sffe /

Resource Hash

7c448100caf43aa62aaac3ccba529a79366e5e20ef75537c515328814280f8dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 15:17:30 GMT
x-content-type-options: nosniff
age: 94297
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64829
x-xss-protection: 0
last-modified: Mon, 24 Aug 2020 06:37:11 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Sep 2022 15:17:30 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ 2 KB
3 KB 70ms
20ms Image
image/png 142.250.187.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.187.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s33-in-f1.1e100.net

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Sep 2021 03:04:00 GMT
x-content-type-options: nosniff
server: cafe
age: 51907
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 16 Sep 2021 03:04:00 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ 295 B
399 B 71ms
21ms Image
image/png 142.250.187.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.187.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s33-in-f1.1e100.net

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Sep 2021 03:00:56 GMT
x-content-type-options: nosniff
server: cafe
age: 52091
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 16 Sep 2021 03:00:56 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ 0
0 33ms
32ms Image
text/html 142.250.180.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CJnmaYi1CYfuKEs2mzQaLmr7gB7SouKtkmYH1rvQLuLD5uNUIEAEg0YfSIGDJBqAB09-3mQPIAQLgAgCoAwHIAwiqBIoCT9CNVuv5_ZPjjplR712q9oK4blVce9YTgJm-zfVIniYX4p7iomTCZbtYDTzZvyqj1enr5o9KgQa3MTwe8aXyIkXnj3PiQL3b9CuzXkGkAl8zUKEan_WtQ3Xtgxnwqj31-OcrccLyv_SsL-9jmT_LOcV2FUSBjpMl3WIl4BlDLr50gaLJXsluIpuwbP8q8kJH3jtx0AxAM0gjXt7O62mXQqFAoky6lz-2Hp2e53SUIbKLfgh7YXFdDDHPO_PJspuXk4-H9GIiMMlU_rYP9GNVjN84gMJcXl1rE91xpu-_xA9903sEaCjeTRp2aGu7k-6yxK8DazHe5d0b-de79pRgAHbCTUC_aRq_zaHABK_ukbKPA-AEAZIFBAgEGAGSBQQIBRgEoAYCgAeVoMhmqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G9gHAfIHBBD3_nfSCAcIiGEQARgd8ggbYWR4LXN1YnN5bi03MjYzNTczNDQ2ODA0MDc4gAoDyAsB2BMN0BUBmBYBgBcBshceChwIABIUcHViLTk2ODU3MzQ0NDU0NzY4MTQY7MZs&sigh=-kwbJmQ7Jo8
Requested by: Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.180.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lhr25s32-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 81ms
31ms XHR
application/json 216.58.212.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021091001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.226 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s22-in-f226.1e100.net

Software

cafe /

Resource Hash

44d93671aecc2f6a95704998d8f90f43db839d7c14d0608f77d6fe226e813c89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Sep 2021 17:29:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8442
x-xss-protection: 0

GET sodar2.js
tpc.googlesyndication.com/sodar/ 0
0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

76ms
26ms

Image
text/html

142.250.200.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: threatpost.com
URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.200.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lhr48s29-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Redirect headers

date: Wed, 15 Sep 2021 17:29:07 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 257
x-xss-protection: 0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ 42 B
64 B 76ms
42ms Image
image/gif 216.58.212.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst2AjX-lnAYol0lWx2pZJ2VQyard2qXx-ZaR5pkfJ_rmDdfCoBy0mOiZD-KPpySZN796EzNf0uRuTkUMa58lRChJhc7_eXWY4nPucqIe-zD6OCwTtw&sai=AMfl-YSq0n1pudN5hdgzAUTbms_T-drLf_pD9_myBqGZ-hFNFR8uuqOIW2DeEXRA1qJIKYPWcpR2Rh1-hww62Q06HkqKm-bHm7U5QMPUo6c0dRhwoiocDSVSdEGrKZ-zZ77o&sig=Cg0ArKJSzKyJc7Nyro6EEAE&id=ampim&o=0,0&d=1600,1200&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=123&tls=1123&g=100&h=100&tt=1123&r=v&avms=ampa&adk=1015519800

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.226 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s22-in-f226.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 17:29:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Verdicts & Comments Add Verdict or Comment

279 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416	1969-12-31 23:59:59	Name: _dlt Value: 1
go.sequentur.net/	1970-01-23 12:51:26	Name: visitor_id929133 Value: 654362895
go.sequentur.net/	1970-01-23 12:51:26	Name: visitor_id929133-hash Value: 1c2e3ece71e80fa3335e4a3a477c198598403f8885bf33a3550704f21921bc963ac5d1741b3c6e6828f64e9a26aced146886b7a1
.threatpost.com/	1970-01-20 14:46:38	Name: _ga Value: GA1.2.1718323493.1631726945
.threatpost.com/	1970-01-19 21:16:53	Name: _gid Value: GA1.2.214541775.1631726945
.threatpost.com/	1970-01-19 21:15:27	Name: _gat_UA-35676203-21 Value: 1
threatpost.com/	1970-01-19 21:58:38	Name: _pbjs_userid_consent_data Value: 3524755945110770
.quantserve.com/	1970-01-20 06:45:41	Name: mc Value: 61422d61-8dbd4-db573-ec2d2
.threatpost.com/	1970-01-20 06:39:55	Name: __qca Value: P0-917105975-1631726945561
.adnxs.com/	1970-01-19 23:25:02	Name: icu Value: ChgIzLJhEAoYASABKAEw4dqIigY4AUABSAEQ4dqIigYYAA..
.adnxs.com/	1970-01-19 23:25:02	Name: uuid2 Value: 2125620795493717362
.openx.net/	1970-01-20 06:01:02	Name: i Value: 872cbcec-2bf7-4ab8-a7e9-49faf66a5bc8\|1631726945
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|HsGqLFsFr/vVSy6g0MQzNQWiuYBcZJvAvCF6IsCkVVAywYaQOmrhQ6qYZbyIiI/PTx+vvVOnYX6qF0anVSaRRFrEpFc6uQw19gMkasvdREJwzG6pEKVeU6zjT6a3MjDFVf/xlH9h
.rubiconproject.com/	1970-01-19 21:16:11	Name: ses15 Value:
.rubiconproject.com/	1970-01-19 21:16:11	Name: vis15 Value: 300372^1
.rubiconproject.com/	1970-01-19 21:16:11	Name: ses2 Value:
.rubiconproject.com/	1970-01-19 21:16:11	Name: vis2 Value: 300372^1
.twitter.com/	1970-01-20 14:46:38	Name: personalization_id Value: "v1_ODZSW7/9MUEF2Nsw/Cz2UQ=="
.rubiconproject.com/	1970-01-20 06:01:02	Name: khaos Value: KTLS3D45-4-FMF8
.rubiconproject.com/	1970-01-20 06:01:02	Name: audit Value: 1\|hLZGFuTafB1mduSRBg+y9xySOUM4yQP+soPVz05fOg5YRFw6lRVejED3pCcW8TpHcpj76PKZXj8oT2OqK/B16qwRNgFmLHdP
e.serverbid.com/	1970-01-20 06:01:02	Name: azk Value: ue1-sb1-23da7874-f0d8-44ed-aabe-8870b4e4a1e9
threatpost.com/	1970-01-20 06:01:02	Name: usprivacy Value: 1---
.threatpost.com/	1970-01-20 06:37:02	Name: __gads Value: ID=a36e34f6ba2649dc-22c865c537cb0022:T=1631726946:S=ALNI_MaHPqZRtpf1yotemXrVCkdkC1r63w
.doubleclick.net/	1970-01-20 14:46:38	Name: IDE Value: AHWqTUmWhwj6CRocwHbFUVqhUa3ullFmHiaSvFpdKl6-X1x3BiiCio4yO0zZuSnXEl0
.doubleclick.net/	1970-01-19 21:15:30	Name: DSID Value: NO_DATA

22 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://tagan.adlightning.com/math-aids-threatpost/op.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://tagan.adlightning.com/math-aids-threatpost/bl-51e1d9e-e467ad0d.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://tagan.adlightning.com/math-aids-threatpost/op.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	error	URL: https://tagan.adlightning.com/math-aids-threatpost/op.js Message: Refused to load the script 'https://tpc.googlesyndication.com/sodar/sodar2.js' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
javascript	warning	URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/ Message: The resource https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-500italic-webfont.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/ Message: The resource https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-900-webfont.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/ Message: The resource https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-100italic-webfont.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/ Message: The resource https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700-webfont.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/ Message: The resource https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700italic-webfont.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/ Message: The resource https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-500-webfont.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/ Message: The resource https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-100-webfont.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/ Message: The resource https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-900italic-webfont.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/ Message: The resource https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300italic-webfont.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/ Message: The resource https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300-webfont.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
security	error	URL: https://tagan.adlightning.com/ Message: Refused to frame 'https://ap.lijit.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://tagan.adlightning.com/ Message: Refused to frame 'https://js-sec.indexww.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://tagan.adlightning.com/ Message: Refused to frame 'https://public.servenobid.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://tagan.adlightning.com/ Message: Refused to frame 'https://eus.rubiconproject.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://tagan.adlightning.com/ Message: Refused to frame 'https://eu-u.openx.net/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://tagan.adlightning.com/ Message: Refused to frame 'https://eb2.3lift.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://tagan.adlightning.com/ Message: Refused to frame 'https://acdn.adnxs.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://tagan.adlightning.com/ Message: Refused to frame 'https://ads.pubmatic.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://tagan.adlightning.com/ Message: Refused to frame 'https://sync.serverbid.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6d8909bd3cc0024033ac32ba1ddbca66.safeframe.googlesyndication.com
ads.servenobid.com
adservice.google.com
analytics.twitter.com
ap.lijit.com
assets.threatpost.com
btlr.sharethrough.com
c.amazon-adsystem.com
c2shb.ssp.yahoo.com
cd.connatix.com
cdn.ampproject.org
e.serverbid.com
fastlane.rubiconproject.com
geo.ipify.org
go.sequentur.net
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
kasperskycontenthub.com
media.threatpost.com
mp.4dex.io
pagead2.googlesyndication.com
pixel.quantserve.com
prebid.a-mo.net
qd.admetricspro.com
rules.quantcount.com
script.4dex.io
secure.quantserve.com
securepubads.g.doubleclick.net
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tag.1rx.io
tagan.adlightning.com
teachingaids-d.openx.net
threatpost.com
tlx.3lift.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
cd.connatix.com
tpc.googlesyndication.com
104.18.15.161
104.244.42.195
104.244.42.69
134.209.131.220
142.250.178.1
142.250.180.2
142.250.187.193
142.250.187.194
142.250.187.195
142.250.187.206
142.250.200.2
142.250.200.36
147.75.38.124
151.101.12.157
172.217.16.226
172.217.169.8
172.67.207.112
18.158.15.79
18.192.222.132
184.31.84.150
185.33.220.244
204.237.133.116
213.19.147.43
216.52.2.39
216.58.212.226
216.58.213.1
35.157.246.167
35.173.160.135
35.174.150.168
35.244.159.8
51.89.21.20
52.222.179.64
52.222.186.111
52.222.186.95
54.228.75.94
54.230.206.114
54.230.55.220
64.140.160.2
69.173.144.141
74.125.206.155
91.228.74.134
01864580e1f385dc4512aed0de4b324cc1a04812709e7020e857612fc0ce9f4c
038fc4d49a9191d416d49841f371b6e0b06bb40f719124099d40fe8f393b9e2c
03cc687f0c8a2d1694e509b91fcd6c62c0fbdbdbdb850b8007b8052f649c7f77
03cce68dfe7c9a3e3dd4ae5fa86a186b0e2db5ef228bec6c5ddfed431ee4048d
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06fc565587b8b700936a1677218cb269a6cc31ca5f701eb45461e86a3d54d5c7
0dec9aeb51462b308a63c0764200387b953392d7012b91c096b2ca88ddb59ba0
1177777bb51be46688cb5027876269279c655932bb9dea08395886fff799138b
1465ea73b9db4601cda29c323ea3eea1fc28337bd2c5193154c9ecbd7bf38bbb
164f113713f0f15f300354fb36e2f2529e5d2f74c0b88ed714e745a277e4be02
172314ff74044b918766ed4763279b5e8798622087c0a2930f59c9d44662213d
17aee1fe3d7d16e647b97f568230c2ff36c1855ce35ce930c26aec5d2c58eaf4
19abbc81c9aa894c458863f581dd69a7a700e861311c909426b0449ac6d74e15
1ae61ed61290f9bf2619f52667aafa622c805072c75765025f0b61a23862005f
1aeb3ee07f4b462935c5d8047ff038c8e279d75f9be1dcd0b848ba68223a3ee2
1d5a65e5129df0b4c89e73f205c6cb89cba0cd1d8e21a1512ca76b769634052d
1f1406375a1b5560e502c60564b2aadb8c54df7d7029543aba8751883920e890
26ea059dd126a4d1dea671092f5f45ef116331ecd652d953c4ccb315e910d807
26fdd87ac6f90149a771880c4db796e3846ee325712d0cbd194e07e861bdddad
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2de77164bb9924542e1dea4ee4a0ff27d40b51a3d7939dac7db11a95045c9b7d
3097d0444becd9d089b52b7074072f19201525de874d0775012572fb375b7838
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
39af7c1116fb967a330e8770f775e6b5ee871add01ed45c98a1634911cebfb0a
3bb2621a4c0c710f6e78404473aebff8e115a28f8d53f44339b867c63ad93b26
3d37b170affddaaa2a6489a82bab8df4e72c56a65b069991ea9084643d477d58
420508fc523520f35de5c851905543294123d7676b5a5668744691f2abe9e730
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44d93671aecc2f6a95704998d8f90f43db839d7c14d0608f77d6fe226e813c89
45ddc09b0ad6ab916bd9a0282070b161045e186fc025303f4aa1aa821fc45ac7
4658e1122a2190db712f6731d3e8c14b027f0a42bd7c1333b11d272f8e9ea3fd
4823c011e4b4cb4b7f35ced3ab09d57215ee243676d9bfcc24d10ec77d3db398
4a46d493692f92617005dda00f97f1189f37f5dd647f3fb328d06cc3529273e3
4e3a9458d56491008e037925e5934cd311a2e8e32615c95662aee5007f8cb470
4e4f76389625a4e86c8328c2d1e01de5e3bb22dfd06edb9873313a6da47e4e14
506d565f94cecbb486394c545a96e8459217f8d045496b511e8c815142abfc70
519815bc4a3dd9a571cb56f57c7c6abfbda2b4e2de8c4b884a7535a1705438f2
5273296fe3bf7de7a8a3e91d887085df23af6452519e0b654aeb712aa5d0df95
5a7ed822968963e31d88424c96387ad9f4fd4f4b5a5b581a33f65e3784d162cf
5b50180d19361f6fe64b58067f1a933a07fe538c8d88c81497076713b2872957
5effd40df4544ac9fad3fc67c3544947e047f3448d18e6aa076a3aa2f7c36f04
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
651e04b0e5647f9e2913196fa892689f13772efe4636cc1bbdad48868f67e1ce
6588da947ea77c208f6093a9fdba61ab0c707e35952e7eb0821f9c138c3af8d7
6ed6dc25c0545ce6ad509aec899a13cc81124c187c9905306a05652c266fdc85
709b3435af6dddb0cd6fabf74952628ee2016914e48bbe7498c2bc39e41318fa
7115cd70253cb099c0df950068a37287302aea32fbbc7e0fba91fdb3c30e44b3
7345db8b8745d32b70fbbb0867ab8488760e99ce94aa40a78e73ad7fcba15866
7aaa952b38f8d56c3fd3fc948a55c587044c33282ba18e9190d2b3c126659abd
7c448100caf43aa62aaac3ccba529a79366e5e20ef75537c515328814280f8dd
7e8ee8f9d56ca7e35629a7c16b9f1c09fbb1e7d19fe922833a2f4edec48bfeea
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83c6bdb6c54b2fb90a204cf0279e2d868513572d0963ec534083902c1307844b
859faa9b9ed0990288b2f393a102b1fe2668ac79088b113b6f0beaee521221eb
8d6dbedc85214877c9c54b381fe755c941ea86b748f4796cd0fb961d914624d6
8e36df73429a259ceda26c9d66e040d0012d78914dd3002ea77df55b42a4ca0e
8ea9df9aa296a2eac3fe1a8b6972fecea49c7295f723cf9c93356ff9301a09ec
8edaef698e025c37ba9e8d632a895d7252c62251df3f095d5cff17b6f3304854
9222b6d906221d67a6a3613caae8ad439213bab34f39ee3f935d5f7c21f7671b
95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810
96360cdfad170cb263cb44fcb39b29be40de62551769b40250ec754805bd096e
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a103be6f279cae8485833488abe0ba61ec1ee6754a4f35df960fd970a480647f
a3f2db571cdfa70d26d1ea4fc42ae6de6df5a9c02f68b4ecee3b8508a1770931
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9d2b2df99c1a115d5394c70a898d8801092208dc582f8bd6fb01b35c30d6b22
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad482d8a8ebd9a70876e35968f38df7f5f7d773bf1f3d451e6fea00fdb3a4515
ae00ae9c862bc8b8923efd1d9a18befa912678a869d4dd01179a59ed3de731be
ae625e9e6b3122d32b8d11214bd5cc002949da0c906f9418053f6a23a821ec5c
af3aa76004b665fbf3850f3d8837a8a9f0278934d29156b4cb3e08b65ebdc93b
b0dd411f02f5b629666261dc8dd9ac72bef9d6fb1fbacddb4463919343734e28
b1f863d13dbad7d5240f577a73b47b06227d218909259042da95301e2eb8be55
b597cceb87a951a2a82dc4473315305bd9fe95bab1202188ffe11758698cda4b
b5a51464d72d4c1881e6694686718b2faa45f7c9a1e2ceaa35507a499549d774
b813e47b551a74f55e504ad2e4a7fdb97ee55a9497486ffa61f4dfc34e6fd338
bb2d31858387a459f9756d5e0bc82ef986185acc2d09de0ac5462d5b9e495aeb
bbe4e4e4e847a32bd717d963f0ac04b619a7a9cdd631a7454d9dfec16fbae73f
c023c2ee91cd3f525f15ae65edfbe679a4b03c09a4c53020ed81f7eac9276491
c64c732796aa8593e1ede0199fe248b5e6782e1249f1a024768fc07f0c3abf36
cd52765ab641f26faf7c1a3674f65e2c3ee658270cd300a370fc5662ff510d47
cf7cfed153f0642135e6189041f427f9f027a5117d54f883ad52a07bbeca7fe7
d13b828524033b9a73c68df3bf063d050d264b970d6292f5a177f885a27e6792
d167036b89b06d365a8b4cd383ce890bd020ea0e1055361d0d0764da39900021
d213141dcfdeae23ae379124d70426e6de6da8ee08e26e25aef4feabcbdb211e
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060
d72af0a6149bc4353ba91b1f6aad64e586f727f06eea3d4ab5ffae1bad2de4dd
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
ded6a492601f06707a83121193d35f18e2ef37f4bb0186e6578f0b9a3b77a193
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4058d4ee9da1ceaddfa91ddb63650ba67285f1bbfee487d9dfe648bced669a0
e51f19cde13b14cecb54f28ea6cfae350f56f2fa630974c771bb9a71da54489b
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eeb3bfb6dfdb96c9cd6135255277a50c4c911b00e99fa26f4a83f5bdde23ac23
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f48bb87151a83c17456329424c3cbeb23ae930aab6925f06f37974ec2f312cc6
f4b064d961dd5c30917481f9cf22f400d352737e7dac10d70e574877eef1e8ea
f599aefbfabdfe52cc2ad3ed7db44f24b715b50c263438c4cd7818f728f51073
f75166e3f70100b65a6ce1d4128bc15286e92b19a546fa7709f739e9bcfe52c6
f8a2b5b62eb722c3379b30cf0cc58d3176ee6be48036d6ad2aa838d2029c4189
faa56d1968744818c877c9bf9f917b408c69e69198e7a27568078d828aa7042f
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

threatpost.com Open in urlscan Pro 35.173.160.135 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

141 Requests

86 %HTTPS

0 %IPv6

36 Domains

45 Subdomains

41 IPs

6 Countries

2044 kBTransfer

4862 kBSize

25 Cookies

2 Outgoing links

Page URL History

Redirected requests

141 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -17 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

threatpost.com Open in urlscan Pro
35.173.160.135 Public Scan

Screenshot
Live screenshot

Full Image

141
Requests

86 %
HTTPS

0 %
IPv6

36
Domains

45
Subdomains

41
IPs

6
Countries

2044 kB
Transfer

4862 kB
Size

25
Cookies

141 HTTP transactions
-17 data transactions