threatpost.com Open in urlscan Pro
35.173.160.135 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
Submission: On November 05 via manual (November 5th 2019, 3:26:54 pm UTC) from US

Summary HTTP 130 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 42 IPs in 8 countries across 35 domains to perform 130 HTTP transactions. The main IP is 35.173.160.135, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is threatpost.com.
TLS certificate: Issued by Thawte EV RSA CA 2018 on June 17th 2019. Valid for: a year.

This is the only time threatpost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	35.173.160.135 35.173.160.135	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
5	2600:9000:21f... 2600:9000:21f3:a200:2:9275:3d40:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
7	172.217.23.162 172.217.23.162	15169 (GOOGLE) (GOOGLE - Google LLC)
10	2600:9000:215... 2600:9000:2156:f800:0:5c46:4f40:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC - Automattic)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC - Automattic)
1 4	2a00:1450:400... 2a00:1450:4001:817::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
13	46.166.134.24 46.166.134.24	43350 (NFORCE) (NFORCE)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2a00:1450:400... 2a00:1450:4001:81b::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	91.228.74.135 91.228.74.135	27281 (QUANTCAST) (QUANTCAST - Quantcast Corporation)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY - Fastly)
6	2a00:1450:400... 2a00:1450:4001:820::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2600:9000:20e... 2600:9000:20eb:6a00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2a05:f500:10:... 2a05:f500:10:101::b93f:9101	14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation)
1	151.101.113.140 151.101.113.140	54113 (FASTLY) (FASTLY - Fastly)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER - Twitter Inc.)
7	2a00:1450:400... 2a00:1450:4001:814::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
2	13.225.86.250 13.225.86.250	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	2600:1f18:26d... 2600:1f18:26d4:7e01:960d:1da3:d671:de2a	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	34.196.45.218 34.196.45.218	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2	2a00:1450:400... 2a00:1450:4001:825::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
19	185.127.16.52 185.127.16.52	210329 (CLOUDWEBM...) (CLOUDWEBMANAGE-UK-1)
1	91.228.74.226 91.228.74.226	27281 (QUANTCAST) (QUANTCAST - Quantcast Corporation)
1	2a00:1450:400... 2a00:1450:4001:821::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER - Twitter Inc.)
1 3	34.95.120.147 34.95.120.147	15169 (GOOGLE) (GOOGLE - Google LLC)
1	185.94.180.124 185.94.180.124	35220 (SPOTX-AMS) (SPOTX-AMS)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC - PubMatic)
3	52.57.237.233 52.57.237.233	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	185.33.223.100 185.33.223.100	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
2 3	52.215.98.88 52.215.98.88	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	5.39.66.192 5.39.66.192	16276 (OVH) (OVH)
1	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2 2	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY - Fastly)
1 1	3.215.92.99 3.215.92.99	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	3.225.171.54 3.225.171.54	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	2a00:1288:110... 2a00:1288:110:c205::2000	34010 (YAHOO-IRD) (YAHOO-IRD)
2 2	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE - Google LLC)
3 3	52.28.145.127 52.28.145.127	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 3	52.57.21.232 52.57.21.232	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
130	42

19 35.173.160.135 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-35-173-160-135.compute-1.amazonaws.com

threatpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kasperskycontenthub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:21f3:a200:2:9275:3d40:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

assets.threatpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.23.162 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s22-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:2156:f800:0:5c46:4f40:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

media.threatpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland) 1 redirects

ASN2635 (AUTOMATTIC - Automattic, Inc, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC - Automattic, Inc, US)
PTR: i1.wp.com

i1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:817::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 46.166.134.24 (Amsterdam, Netherlands)

ASN43350 (NFORCE, NL)

live.sekindo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.135 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:820::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:6a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:800e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:f500:10:101::b93f:9101 (Ireland)

ASN14413 (LINKEDIN - LinkedIn Corporation, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.140 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

www.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER - Twitter Inc., US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:814::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.86.250 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-86-250.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:26d4:7e01:960d:1da3:d671:de2a (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)

adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.196.45.218 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-196-45-218.compute-1.amazonaws.com

ipv4.adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 185.127.16.52 (London, United Kingdom)

ASN210329 (CLOUDWEBMANAGE-UK-1, GB)

video.sekindo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.226 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER - Twitter Inc., US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.95.120.147 (United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 147.120.95.34.bc.googleusercontent.com

teachingaids-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.94.180.124 (Netherlands)

ASN35220 (SPOTX-AMS, NL)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.57.237.233 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-57-237-233.eu-central-1.compute.amazonaws.com

ads.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.223.100 (Netherlands)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 373.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.215.98.88 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-215-98-88.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.39.66.192 (France)

ASN16276 (OVH, FR)
PTR: s05.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.180 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY - Fastly, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.215.92.99 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-215-92-99.compute-1.amazonaws.com

sync.adap.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.225.171.54 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-225-171-54.compute-1.amazonaws.com

sync.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c205::2000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.130 (United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.28.145.127 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-28-145-127.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.57.21.232 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-57-21-232.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	threatpost.com threatpost.com assets.threatpost.com media.threatpost.com	780 KB
32	sekindo.com live.sekindo.com video.sekindo.com	4 MB
10	doubleclick.net 3 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	106 KB
8	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	134 KB
7	advertising.com 3 redirects ads.adaptv.advertising.com sync.adaptv.advertising.com pixel.advertising.com	2 KB
7	ampproject.org cdn.ampproject.org	379 KB
5	google.com 1 redirects www.google.com adservice.google.com	922 B
4	yahoo.com 1 redirects pr-bh.ybp.yahoo.com ups.analytics.yahoo.com	2 KB
3	adsrvr.org 2 redirects match.adsrvr.org	1 KB
3	openx.net 1 redirects teachingaids-d.openx.net u.openx.net	530 B
2	everesttech.net 2 redirects sync-tm.everesttech.net	569 B
2	pubmatic.com hbopenbid.pubmatic.com ads.pubmatic.com	115 B
2	googleapis.com fonts.googleapis.com	1 KB
2	adrta.com 1 redirects adrta.com ipv4.adrta.com	819 B
2	amazon-adsystem.com c.amazon-adsystem.com	29 KB
2	quantserve.com secure.quantserve.com pixel.quantserve.com	6 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	gstatic.com www.gstatic.com fonts.gstatic.com	102 KB
2	google.de adservice.google.de www.google.de	280 B
1	adap.tv 1 redirects sync.adap.tv	221 B
1	id5-sync.com id5-sync.com	274 B
1	adnxs.com ib.adnxs.com	1 KB
1	spotxchange.com search.spotxchange.com	1 KB
1	twitter.com analytics.twitter.com	140 B
1	t.co t.co	171 B
1	reddit.com www.reddit.com	1 KB
1	linkedin.com www.linkedin.com
1	facebook.com graph.facebook.com	547 B
1	quantcount.com rules.quantcount.com	356 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	googletagmanager.com www.googletagmanager.com	23 KB
1	wp.com i1.wp.com	65 B
1	gravatar.com 1 redirects secure.gravatar.com	400 B
1	kasperskycontenthub.com kasperskycontenthub.com	367 B
0	rlcdn.com Failed api.rlcdn.com Failed
130	35

	Domain	Requested by
19	video.sekindo.com	threatpost.com live.sekindo.com
18	threatpost.com	threatpost.com live.sekindo.com
13	live.sekindo.com	threatpost.com live.sekindo.com
10	media.threatpost.com	threatpost.com
7	cdn.ampproject.org	securepubads.g.doubleclick.net
7	securepubads.g.doubleclick.net	threatpost.com securepubads.g.doubleclick.net
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net threatpost.com cdn.ampproject.org
5	assets.threatpost.com	threatpost.com
4	www.google.com	1 redirects threatpost.com www.gstatic.com
3	ups.analytics.yahoo.com	1 redirects threatpost.com
3	pixel.advertising.com	3 redirects
3	match.adsrvr.org	2 redirects live.sekindo.com
3	ads.adaptv.advertising.com	live.sekindo.com
2	cm.g.doubleclick.net	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	u.openx.net	1 redirects live.sekindo.com
2	pagead2.googlesyndication.com
2	fonts.googleapis.com	live.sekindo.com
2	c.amazon-adsystem.com	live.sekindo.com c.amazon-adsystem.com
2	www.google-analytics.com	1 redirects www.googletagmanager.com
1	pr-bh.ybp.yahoo.com	threatpost.com
1	sync.adaptv.advertising.com	threatpost.com
1	sync.adap.tv	1 redirects
1	ads.pubmatic.com	live.sekindo.com
1	id5-sync.com	live.sekindo.com
1	ib.adnxs.com	live.sekindo.com
1	hbopenbid.pubmatic.com	live.sekindo.com
1	search.spotxchange.com	live.sekindo.com
1	teachingaids-d.openx.net	live.sekindo.com
1	analytics.twitter.com	static.ads-twitter.com
1	fonts.gstatic.com	threatpost.com
1	pixel.quantserve.com	threatpost.com
1	ipv4.adrta.com	threatpost.com
1	adrta.com	1 redirects
1	t.co	threatpost.com
1	www.reddit.com	threatpost.com
1	www.linkedin.com	threatpost.com
1	graph.facebook.com	threatpost.com
1	rules.quantcount.com	secure.quantserve.com
1	www.google.de	threatpost.com
1	stats.g.doubleclick.net	1 redirects
1	static.ads-twitter.com	www.googletagmanager.com
1	secure.quantserve.com	www.googletagmanager.com
1	www.gstatic.com	www.google.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.googletagmanager.com	threatpost.com
1	i1.wp.com	threatpost.com
1	secure.gravatar.com	1 redirects
1	kasperskycontenthub.com	threatpost.com
0	api.rlcdn.com Failed	live.sekindo.com
130	51

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
feedly.com
www.instagram.com
www.wired.com
msrc-blog.microsoft.com
attendee.gotowebinar.com
akismet.com
t.co
indd.adobe.com
spotlight.threatpost.com

Subject Issuer	Validity	Valid
threatpost.com Thawte EV RSA CA 2018	`2019-06-17` - `2020-06-17`	a year	crt.sh
assets.threatpost.com Amazon	`2019-04-02` - `2020-05-02`	a year	crt.sh
kasperskycontenthub.com Thawte RSA CA 2018	`2019-06-14` - `2020-06-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-10-10` - `2020-01-02`	3 months	crt.sh
media.threatpost.com Amazon	`2019-04-02` - `2020-05-02`	a year	crt.sh
*.wp.com Go Daddy Secure Certificate Authority - G2	`2018-04-10` - `2020-05-11`	2 years	crt.sh
www.google.com GTS CA 1O1	`2019-10-16` - `2020-01-08`	3 months	crt.sh
www.sekindo.com Go Daddy Secure Certificate Authority - G2	`2019-05-23` - `2020-06-18`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-10-10` - `2020-01-02`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-10-10` - `2020-01-02`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2019-10-04` - `2020-10-07`	a year	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2019-08-14` - `2020-08-18`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2019-10-10` - `2020-01-02`	3 months	crt.sh
www.google.de GTS CA 1O1	`2019-10-16` - `2020-01-08`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-09-22` - `2019-12-20`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2018-05-30` - `2020-09-01`	2 years	crt.sh
*.reddit.com DigiCert SHA2 Secure Server CA	`2018-08-17` - `2020-09-02`	2 years	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh
misc-sni.google.com GTS CA 1O1	`2019-10-10` - `2020-01-02`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2019-10-07` - `2020-09-29`	a year	crt.sh
*.adrta.com COMODO RSA Domain Validation Secure Server CA	`2018-09-01` - `2020-08-31`	2 years	crt.sh
*.googleapis.com GTS CA 1O1	`2019-10-10` - `2020-01-02`	3 months	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2019-03-18` - `2021-03-17`	2 years	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.adaptv.advertising.com DigiCert SHA2 High Assurance Server CA	`2017-09-20` - `2020-09-18`	3 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.id5-sync.com Go Daddy Secure Certificate Authority - G2	`2017-04-02` - `2020-04-02`	3 years	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2019-08-07` - `2020-02-03`	6 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2019-10-30` - `2020-04-27`	6 months	crt.sh

This page contains 11 frames:

Primary Page: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
Frame ID: 7CD74DC76279C0CB235DFD9C293183B8
Requests: 59 HTTP requests in this frame

Frame: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=400&y=291&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]&cbuster=1572967596&pubUrlAuto=https%3A%2F%2Fthreatpost.com%2Fbluekeep-attacks-have-arrived-are-initially-underwhelming%2F149829%2F&videoType=flow&floatWidth=320&floatHeight=180&floatDirection=br&floatVerticalOffset=10&floatHorizontalOffset=10&floatCloseBtn=1&flowMode=undefined&gdpr=1&gdprConsent=
Frame ID: E8F497D429CE06B19BFB6CF90E43506C
Requests: 31 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=0bBqi43w2fj-Lg1N3qzsqHNu&theme=standard&size=normal&cb=8mxba57dbhsu
Frame ID: 1B912777956BCB56778FD9D730D53A14
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011910251950120/amp4ads-v0.js
Frame ID: F80AF26BA338974143F9E446E63DAE6E
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011910251950120/amp4ads-v0.js
Frame ID: 3012E5C0BB9A7D22D28C3F7CE3F59CDF
Requests: 6 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011910251950120/amp4ads-v0.js
Frame ID: 925944E57478DE402AFF72367B33B644
Requests: 6 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto
Frame ID: AF055AE474782E90EAEF48F7FC42DFCB
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto
Frame ID: C0DFE2116F5161820FD68F3023EB8473
Requests: 17 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=0bBqi43w2fj-Lg1N3qzsqHNu&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&cb=qdin84m7k8xq
Frame ID: 14778B3EB09066D82A3322388D486374
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?cc=1
Frame ID: E3AEAE7C8D2BB96CBEE93EBF30E7D18B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 39BD02F712CB22A813496AE5DBA26A1D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

130
Requests

98 %
HTTPS

44 %
IPv6

35
Domains

51
Subdomains

42
IPs

8
Countries

5593 kB
Transfer

8256 kB
Size

5
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/Threatpost/

Search URL Search Domain Scan URL

URL: https://twitter.com/threatpost/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/threatpost/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/threatpost

Search URL Search Domain Scan URL

URL: https://feedly.com/threatpost

Search URL Search Domain Scan URL

URL: https://www.instagram.com/Threatpost/

Search URL Search Domain Scan URL

URL: https://www.wired.com/story/bluekeep-hacking-cryptocurrency-mining/
Title: according to reports

Search URL Search Domain Scan URL

URL: https://twitter.com/GossiTheDog/status/1190654984553205761
Title: Tweeted

Search URL Search Domain Scan URL

URL: https://twitter.com/MalwareTechBlog/status/1190730471321112577
Title: Tweeted

Search URL Search Domain Scan URL

URL: https://msrc-blog.microsoft.com/2019/05/14/prevent-a-worm-by-updating-remote-desktop-services-cve-2019-0708/
Title: stern warning

Search URL Search Domain Scan URL

URL: https://twitter.com/hashtag/bluekeep?src=hashtag_click
Title: #bluekeep

Search URL Search Domain Scan URL

URL: https://twitter.com/JamesAtack/status/1191264112522792960
Title: Tweeted

Search URL Search Domain Scan URL

URL: https://attendee.gotowebinar.com/register/3127445778613605890?source=ART
Title: Threatpost webinar

Search URL Search Domain Scan URL

URL: https://akismet.com/privacy/
Title: Learn how your comment data is processed

Search URL Search Domain Scan URL

URL: http://twitter.com/search?q=%23ransomware
Title: #ransomware

Search URL Search Domain Scan URL

URL: https://t.co/uxwxlGMMde
Title: https://t.co/uxwxlGMMde

Search URL Search Domain Scan URL

URL: https://twitter.com/threatpost
Title: Follow @threatpost

Search URL Search Domain Scan URL

URL: https://indd.adobe.com/view/639c3b32-90d4-40a1-9a31-2c49c7a86075
Title: Advertise With Us

Search URL Search Domain Scan URL

URL: https://spotlight.threatpost.com/
Title: HackerOne Spotlight

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://secure.gravatar.com/avatar/fab896982b5c9974407bc14bd8b50b84?s=60&d=https%3A%2F%2Fkasperskycontenthub.com%2Fwp-content%2Fthemes%2Fkaspersky-root%2Fassets%2Fimages%2Favatar_default.jpg&r=g HTTP 302
https://i1.wp.com/kasperskycontenthub.com/wp-content/themes/kaspersky-root/assets/images/avatar_default.jpg?ssl=1

Request Chain 48

https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=505719726&t=pageview&_s=1&dl=https%3A%2F%2Fthreatpost.com%2Fbluekeep-attacks-have-arrived-are-initially-underwhelming%2F149829%2F&ul=en-us&de=UTF-8&dt=BlueKeep%20Attacks%20Have%20Arrived%2C%20Are%20Initially%20Underwhelming%20%7C%20Threatpost&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YAhAAEAB~&jid=712488025&gjid=215184773&cid=1751957402.1572967597&tid=UA-35676203-21&_gid=1788882411.1572967597&_r=1&gtm=2wgan1PM29HLF&z=703361626 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-35676203-21&cid=1751957402.1572967597&jid=712488025&_gid=1788882411.1572967597&gjid=215184773&_v=j79&z=703361626 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35676203-21&cid=1751957402.1572967597&jid=712488025&_v=j79&z=703361626 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35676203-21&cid=1751957402.1572967597&jid=712488025&_v=j79&z=703361626&slf_rd=1&random=238325158

Request Chain 74

https://adrta.com/i?clid=pms&paid=pms&publisherId=19668&caid=&plid=&siteId=101281&kv1=400x291&kv2=threatpost.com&kv3=5dc194ad4191a&kv4=144.76.109.30&kv5=chrome&kv11=11745288215dc194ad44335&kv12=101281&kv15=DE&kv16=&kv17=&kv18=&kv19=&kv24=desktop&kv26=macosx&kv27=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F78.0.3904.70+Safari%2F537.36 HTTP 302
https://ipv4.adrta.com/i?__aas21=2a01:4f8:192:5414::2&clid=pms&paid=pms&publisherId=19668&caid=&plid=&siteId=101281&kv1=400x291&kv2=threatpost.com&kv3=5dc194ad4191a&kv4=144.76.109.30&kv5=chrome&kv11=11745288215dc194ad44335&kv12=101281&kv15=DE&kv16=&kv17=&kv18=&kv19=&kv24=desktop&kv26=macosx&kv27=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F78.0.3904.70+Safari%2F537.36

Request Chain 123

https://u.openx.net/w/1.0/pd HTTP 302
https://u.openx.net/w/1.0/pd?cc=1

Request Chain 125

https://sync-tm.everesttech.net/upi/pid/m7y5t93k?redir=https%3A%2F%2Fsync.adap.tv%2Fsync%3Ftype%3Dgif%26key%3Dtubemogul%26uid%3D%24%7BUSER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?redir=https%3A%2F%2Fsync.adap.tv%2Fsync%3Ftype%3Dgif%26key%3Dtubemogul%26uid%3D%24%7BUSER_ID%7D&_test=XcGUrwAAAFHsq36l HTTP 302
https://sync.adap.tv/sync?type=gif&key=tubemogul&uid=XcGUrwAAAFHsq36l&_test=XcGUrwAAAFHsq36l HTTP 302
https://sync.adaptv.advertising.com/sync?type=gif&key=tubemogul&uid=XcGUrwAAAFHsq36l&_test=XcGUrwAAAFHsq36l

Request Chain 127

https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm=&google_sc=&google_tc= HTTP 302
https://pixel.advertising.com/ups/57304/sync?uid=CAESEFFIP2ThBVNlYIN246T0cbk&google_cver=1 HTTP 302
https://pixel.advertising.com/ups/57304/sync?uid=CAESEFFIP2ThBVNlYIN246T0cbk&google_cver=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEFFIP2ThBVNlYIN246T0cbk&google_cver=1&apid=UPa9d904c3-ffe0-11e9-84b4-060ffcaa9e92 HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEFFIP2ThBVNlYIN246T0cbk&google_cver=1&apid=UPa9d904c3-ffe0-11e9-84b4-060ffcaa9e92&verify=true

Request Chain 128

https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
https://pixel.advertising.com/ups/55953/sync?uid=9c62d2f9-7870-4b8a-bd3a-92ce3051e44f&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=9c62d2f9-7870-4b8a-bd3a-92ce3051e44f HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=9c62d2f9-7870-4b8a-bd3a-92ce3051e44f&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=9c62d2f9-7870-4b8a-bd3a-92ce3051e44f&apid=UPa9d904c3-ffe0-11e9-84b4-060ffcaa9e92

130 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/ 79 KB
20 KB 562ms
177ms Document
text/html 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-35-173-160-135.compute-1.amazonaws.com

Software

nginx /

Resource Hash

4e66c0e886f8c071dd0a16cad530969e5ad7a11bffb9d3c29221f5c67f87e4e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: threatpost.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

Server: nginx
Date: Tue, 05 Nov 2019 15:26:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Frame-Options: SAMEORIGIN SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Link: <https://threatpost.com/wp-json/>; rel="https://api.w.org/" <https://threatpost.com/?p=149829>; rel=shortlink
x-cache-hit: HIT
Content-Encoding: gzip

GET
H/1.1 200
OK main.css
threatpost.com/wp-content/themes/threatpost-2018/assets/css/ 227 KB
35 KB 348ms
176ms Stylesheet
text/css 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1572552993
Requested by: Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 082f9475d9d702abb1d79353862bd60f700ed63280c8d961d9a6288cbf2f5e9e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma: public
Date: Tue, 05 Nov 2019 15:26:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Oct 2019 20:16:33 GMT
Server: nginx
ETag: W/"5dbb4121-38dc0"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=604800, public
Connection: close
Expires: Tue, 12 Nov 2019 15:26:37 GMT

GET
H2 200 /
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 66 KB
15 KB 58ms
7ms Stylesheet
text/css 2600:9000:21f3:a200:2:9275:3d40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/wds-kaspersky-widgets/css/trending-authors.css,wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=baf570d2

Requested by

Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:21f3:a200:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

44ef9b8be9758f4944226128bcbd68f44fca4b8a4d272ad3288427bbd96accb8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Mon, 04 Nov 2019 20:29:31 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 68225
x-cache: Hit from cloudfront
status: 200
content-length: 15126
last-modified: Thu, 31 Oct 2019 20:16:34 GMT
server: nginx
cache-control: max-age=86400
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
x-cache-hit: MISS
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: ssfcak_Vw4Waw4teQsaGvW56sUJz3ruwWeDMWwnX1CrVy8XzcJsyDg==
expires: Sat, 02 Nov 2019 20:16:56 GMT

GET
H/1.1 200
OK jquery.js Show response
threatpost.com/wp-includes/js/jquery/ 95 KB
37 KB 348ms
176ms Script
application/x-javascript 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma: public
Date: Tue, 05 Nov 2019 15:26:37 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Oct 2019 20:47:26 GMT
Server: nginx
ETag: W/"5da4dede-17a69"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: max-age=604800, public
Connection: close
Expires: Tue, 12 Nov 2019 15:26:37 GMT

GET
H2 200 / Show response
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 175 KB
55 KB 60ms
10ms Script
application/x-javascript 2600:9000:21f3:a200:2:9275:3d40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/kaspersky-cookies-notification/scripts/alert_text.js,wp-content/plugins/kaspersky-cookies-notification/scripts/alert.js,wp-content/plugins/honeypot-comments/public/assets/js/public.js,wp-content/plugins/kspr_twitter_pullquote/js/kaspersky-twitter-pullquote.js,wp-content/themes/threatpost-2018/assets/js/main.js,wp-content/themes/threatpost-2018/assets/js/loadmore.js,wp-content/plugins/kaspersky-social-sharing/assets/js/social-share.js&ver=baf570d2

Requested by

Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:21f3:a200:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

f89d17dc2e4ecb385243b7b4cdaf5d8d9f6d4b9829e2be80afb66d01721835e3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Mon, 04 Nov 2019 20:29:31 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 68225
x-cache: Hit from cloudfront
status: 200
content-length: 55884
last-modified: Thu, 31 Oct 2019 20:16:35 GMT
server: nginx
cache-control: max-age=86400
x-frame-options: SAMEORIGIN
content-type: application/x-javascript; charset=utf-8
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
x-cache-hit: MISS
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: zc_-uGCodYlTP0up1HmgxM3dzrAnYOXzmw7WWjXM37ASVA6Jm3FlSw==
expires: Fri, 01 Nov 2019 20:20:16 GMT

GET
H/1.1 200
OK / Show response
kasperskycontenthub.com/ 0
367 B 380ms
87ms Script
application/javascript 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://kasperskycontenthub.com/?dm=ed1f9e435dc885292eab65620c51f3fb&action=load&blogid=103&siteid=1&t=876688138&back=https%3A%2F%2Fthreatpost.com%2Fbluekeep-attacks-have-arrived-are-initially-underwhelming%2F149829%2F

Requested by

Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-35-173-160-135.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Tue, 05 Nov 2019 15:26:37 GMT
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Connection: close
Content-Type: application/javascript
x-cache-hit: HIT
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1; mode=block

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 49 KB
15 KB 41ms
41ms Script
text/javascript 172.217.23.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

c4bbc03a9fcd94ea2941b59d5b4d7772cdc893ec3105c3390632fd12b56d303d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Tue, 05 Nov 2019 15:26:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "327 / 241 of 1000 / last-modified: 1572905287"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15503
x-xss-protection: 0
expires: Tue, 05 Nov 2019 15:26:36 GMT

GET
H2 200 abstract-digital-blue.jpg
media.threatpost.com/wp-content/uploads/sites/103/2019/06/05095542/ 186 KB
186 KB 141ms
10ms Image
image/jpeg 2600:9000:2156:f800:0:5c46:4f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2019/06/05095542/abstract-digital-blue.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:f800:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d8c28f9e60045661983b21b06f8bff030a73a58b848b45e812d76c12f631dff8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Mon, 04 Nov 2019 01:21:21 GMT
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront), 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified: Wed, 05 Jun 2019 13:55:44 GMT
server: AmazonS3
age: 100820
etag: "09993fef888bc2b9b3a2d9b488c2414f"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2, FRA50-C1
accept-ranges: bytes
content-length: 190271
x-amz-cf-id: tgzq-N0XF8lXBvOCy8jOgiAaDxgyqtAe-LkiOnhPrMHkhDq26qdRIQ==
expires: Thu, 04 Jun 2020 13:55:42 GMT

GET
H2

404

avatar_default.jpg
i1.wp.com/kasperskycontenthub.com/wp-content/themes/kaspersky-root/assets/images/
Redirect Chain

https://secure.gravatar.com/avatar/fab896982b5c9974407bc14bd8b50b84?s=60&d=https%3A%2F%2Fkasperskycontenthub.com%2Fwp-content%2Fthemes%2Fkaspersky-root%2Fassets%2Fimages%2Favatar_default.jpg&r=g
https://i1.wp.com/kasperskycontenthub.com/wp-content/themes/kaspersky-root/assets/images/avatar_default.jpg?ssl=1

65 B
65 B

39ms
12ms

Image
text/html

192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.wp.com/kasperskycontenthub.com/wp-content/themes/kaspersky-root/assets/images/avatar_default.jpg?ssl=1
Requested by: Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS: i1.wp.com
Software: nginx /
Resource Hash: 3a90c56bbc2ea3fae7e089cc529bc02869c5035ee31c3111d829b9ae974cf42d

Request headers

Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

status: 404
x-nc: UPDATING ams 8
date: Tue, 05 Nov 2019 15:26:37 GMT
server: nginx
content-type: text/html; charset=utf-8

Redirect headers

x-nc: HIT vie 2
date: Tue, 05 Nov 2019 15:26:36 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
source-age: 5281524
status: 302
content-type: text/html; charset=utf-8
location: https://i1.wp.com/kasperskycontenthub.com/wp-content/themes/kaspersky-root/assets/images/avatar_default.jpg?ssl=1
cache-control: max-age=300
link: <https://www.gravatar.com/avatar/fab896982b5c9974407bc14bd8b50b84?s=60&d=https%3A%2F%2Fkasperskycontenthub.com%2Fwp-content%2Fthemes%2Fkaspersky-root%2Fassets%2Fimages%2Favatar_default.jpg&r=g>; rel="canonical"
content-length: 0
expires: Tue, 05 Nov 2019 15:31:36 GMT

GET
H2 200 subscribe2.jpg
media.threatpost.com/wp-content/uploads/sites/103/2019/02/19151457/ 8 KB
9 KB 7ms
6ms Image
image/jpeg 2600:9000:2156:f800:0:5c46:4f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2019/02/19151457/subscribe2.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:f800:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aa64fa30a3263fa3105736228a6feaaa4f7d32d8ef96b12e56f6fb95511b66a7

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Sun, 08 Sep 2019 02:37:10 GMT
via: 1.1 f0dda47e8f83bee88cb60d3d2e3fa5e5.cloudfront.net (CloudFront), 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified: Tue, 19 Feb 2019 20:14:58 GMT
server: AmazonS3
age: 5057368
etag: "5ba45563f793f39ef6baf02645651654"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2, FRA50-C1
accept-ranges: bytes
content-length: 8281
x-amz-cf-id: Y--v19_5p33KVh_4dA787DzzuSr-R8r2j1ml2l6-Qx7HTvPMO-D3_A==
expires: Wed, 19 Feb 2020 20:14:57 GMT

GET
H2 200 Laser-beam-540x270.jpg
media.threatpost.com/wp-content/uploads/sites/103/2019/11/04151504/ 24 KB
24 KB 8ms
8ms Image
image/jpeg 2600:9000:2156:f800:0:5c46:4f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2019/11/04151504/Laser-beam-540x270.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:f800:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d46f3064d0bc8dec9296cb15712ab2c117bfb899922c54745cb5d5ff165d200

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Mon, 04 Nov 2019 20:17:26 GMT
via: 1.1 1015c68f2d8c45924ae7198c984dcdde.cloudfront.net (CloudFront), 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified: Mon, 04 Nov 2019 20:15:07 GMT
server: AmazonS3
age: 68214
etag: "f4863675d31f61a8f3bf1d8b364405c3"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53, FRA50-C1
accept-ranges: bytes
content-length: 24587
x-amz-cf-id: n5pfc-89_CPEkgQXK1A1B-K_hWybd7XHzLMOHcE0ZDkriQeXldQxvA==
expires: Tue, 03 Nov 2020 20:15:04 GMT

GET
H2 200 Passwords1-540x270.jpg
media.threatpost.com/wp-content/uploads/sites/103/2019/02/20142907/ 29 KB
29 KB 8ms
8ms Image
image/jpeg 2600:9000:2156:f800:0:5c46:4f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2019/02/20142907/Passwords1-540x270.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:f800:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 352bb10106a5335c7385809b33aa104cf39c20136867a0609d6763ded2af7e7a

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 03:15:31 GMT
via: 1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront), 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified: Wed, 20 Feb 2019 19:29:10 GMT
server: AmazonS3
age: 115940
etag: "a8e1064095d537158434d4df8c179a11"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1, FRA50-C1
accept-ranges: bytes
content-length: 29633
x-amz-cf-id: XYExDQKDr_hsNnFxSiPjL1J4aeK_mRBGYoF4mh8UP4LeHWlOb3mpEg==
expires: Thu, 20 Feb 2020 19:29:07 GMT

GET
H2 200 olympics-540x270.jpeg
media.threatpost.com/wp-content/uploads/sites/103/2019/10/29103953/ 21 KB
21 KB 8ms
7ms Image
image/jpeg 2600:9000:2156:f800:0:5c46:4f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2019/10/29103953/olympics-540x270.jpeg
Requested by: Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:f800:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 487517bf8c9ca0878f9b54455c79b866f985b9d19ace45e2bdcf2a71a42facc0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Tue, 29 Oct 2019 14:59:14 GMT
via: 1.1 69f13f852a135432abb1b7bfc5a8b421.cloudfront.net (CloudFront), 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified: Tue, 29 Oct 2019 14:39:56 GMT
server: AmazonS3
age: 126680
etag: "795dcc56248a852f9cc188526ccf87cb"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1, FRA50-C1
accept-ranges: bytes
content-length: 21231
x-amz-cf-id: 9qeBcfFzUPSe_FY0Eq6J1p5SBq-TfX79UCVPJTpwj2YABR0PsPggog==
expires: Wed, 28 Oct 2020 14:39:53 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 729 B
560 B 25ms
25ms Script
text/javascript 2a00:1450:4001:817::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=en

Requested by

Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

64f8815aa79b455228746003b2b30c928d01c6d1de8707206b3e0031d4070cf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Tue, 05 Nov 2019 15:26:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 463
x-xss-protection: 1; mode=block
expires: Tue, 05 Nov 2019 15:26:36 GMT

GET
H2 200 ransomware_tag_cloud_key-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2019/01/14115123/ 1 KB
2 KB 7ms
7ms Image
image/jpeg 2600:9000:2156:f800:0:5c46:4f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2019/01/14115123/ransomware_tag_cloud_key-64x64.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:f800:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a25d6b15370e06383386c57fb5278ef22bc15d3151a8059303744f0388e8bbe3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 20:15:17 GMT
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront), 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified: Mon, 14 Jan 2019 16:51:25 GMT
server: AmazonS3
age: 1709056
etag: "25d6fb0ea662faf4a812406387e86c13"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1, FRA50-C1
accept-ranges: bytes
content-length: 1272
x-amz-cf-id: s-LOa0sMr436s1XLXiXSJkZBZyyumDy8jU6p9UPxdX5tnpaQMbljuw==
expires: Tue, 14 Jan 2020 16:51:23 GMT

GET
H2 200 threat-intelligence-64x64.png
media.threatpost.com/wp-content/uploads/sites/103/2019/09/25182707/ 4 KB
4 KB 7ms
7ms Image
image/png 2600:9000:2156:f800:0:5c46:4f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2019/09/25182707/threat-intelligence-64x64.png
Requested by: Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:f800:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d877b654697728723f01959ffbf74d70842fe9cf331f721be5701b61c217638

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Thu, 26 Sep 2019 12:02:17 GMT
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront), 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified: Wed, 25 Sep 2019 22:27:10 GMT
server: AmazonS3
age: 3468261
etag: "f55ce318620c1cf746202293c984dac2"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1, FRA50-C1
accept-ranges: bytes
content-length: 4070
x-amz-cf-id: WeiES_QEdoplljOMSVAFu7SvqYrJ4Z4wgCx9SABH4liGWoNprecyxw==
expires: Thu, 24 Sep 2020 22:27:07 GMT

GET
H2 200 social_engineering-1-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2019/09/18142900/ 2 KB
3 KB 6ms
6ms Image
image/jpeg 2600:9000:2156:f800:0:5c46:4f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2019/09/18142900/social_engineering-1-64x64.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:f800:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 51b7a583b42d20f16fa2755abe0e8fd716b3ec9378ec42500b0d894927598326

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 18 Sep 2019 18:31:13 GMT
via: 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront), 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified: Wed, 18 Sep 2019 18:29:03 GMT
server: AmazonS3
age: 4136125
etag: "a68c4b60ee4a35aab5ae3ce6df6a5d55"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2, FRA50-C1
accept-ranges: bytes
content-length: 2120
x-amz-cf-id: 32L4Nrmoe2t3lYpqb4-3n2i01ytm6zwPOg_SsXyNL0Y0C8yj2d2ZRQ==
expires: Thu, 17 Sep 2020 18:29:00 GMT

GET
H2 200 insider-threat-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2019/09/10155113/ 1 KB
2 KB 7ms
6ms Image
image/jpeg 2600:9000:2156:f800:0:5c46:4f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2019/09/10155113/insider-threat-64x64.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:f800:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 535f401ad4d0562612b8bcadc5edb6c194cb6a275f3915511f9d023cfc69fe2a

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Tue, 10 Sep 2019 20:14:28 GMT
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f7.cloudfront.net (CloudFront), 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified: Tue, 10 Sep 2019 19:51:16 GMT
server: AmazonS3
age: 4821130
etag: "ec77dc87aa47f7ebe4f8e56810e98baa"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1, FRA50-C1
accept-ranges: bytes
content-length: 1256
x-amz-cf-id: 2SdgS-y8jqmrq1ZFTLNVZOPGMRaRnceXiQCV2j9XAYsnVw4lets37A==
expires: Wed, 09 Sep 2020 19:51:13 GMT

GET
H2 200 gamification2-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2019/08/30125154/ 1016 B
1 KB 7ms
6ms Image
image/jpeg 2600:9000:2156:f800:0:5c46:4f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2019/08/30125154/gamification2-64x64.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:f800:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 93ebb1d614fa1e33c91a00ee803c268fcf812be0282ac38660f29a192109dc86

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Fri, 06 Sep 2019 20:00:48 GMT
via: 1.1 63db28734e1b9429c04087abd41a1692.cloudfront.net (CloudFront), 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified: Fri, 30 Aug 2019 16:52:12 GMT
server: AmazonS3
age: 5167550
etag: "6d043114652213eb6ff41200f8d61f22"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA56, FRA50-C1
accept-ranges: bytes
content-length: 1016
x-amz-cf-id: _5i5r-Ke_ULPUR6DDJWvnVLZwoBUgqR1Um2XWJvekcDo8pwDKadzww==
expires: Sat, 29 Aug 2020 16:52:09 GMT

GET
H/1.1 200
OK liveView.php Show response
live.sekindo.com/live/ 22 KB
7 KB 77ms
18ms Script
text/javascript 46.166.134.24
NFORCE

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=400&y=291&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]
Requested by: Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.166.134.24 Amsterdam, Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
Software: nginx / PHP/7.1.30
Resource Hash: 59deaca25b1ef82cd5b4a031009eb00d76557add3a300311a376a0b0a7755ad6

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Nov 2019 15:26:36 GMT
Content-Encoding: gzip
Server: nginx
Age: 0
X-Powered-By: PHP/7.1.30
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-store
Content-Type: text/javascript; charset=utf-8

GET
H2 200 / Show response
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 2 KB
1 KB 7ms
6ms Script
application/x-javascript 2600:9000:21f3:a200:2:9275:3d40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/gravityforms/js/jquery.json.min.js&ver=baf570d2

Requested by

Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:21f3:a200:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

a9f6c03ce6f4d1654f29f2136651e883198d509cb2e26af1c24b1f87b6ccae13

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Mon, 04 Nov 2019 20:29:31 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 68225
x-cache: Hit from cloudfront
status: 200
content-length: 935
last-modified: Thu, 31 Oct 2019 20:16:32 GMT
server: nginx
cache-control: max-age=86400
x-frame-options: SAMEORIGIN
content-type: application/x-javascript; charset=utf-8
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
x-cache-hit: MISS
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: J7LMCAiQJgd9pmB6uE0akM4OdG0GH1Ff5jL1WCGDxjh2uxTA4tDRRw==
expires: Fri, 01 Nov 2019 20:16:52 GMT

GET
H/1.1 200
OK gravityforms.min.js Show response
threatpost.com/wp-content/plugins/gravityforms/js/ 26 KB
10 KB 260ms
87ms Script
application/x-javascript 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.2.6.5
Requested by: Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a783d2ad42c380bc896219c080fa845d1e9f2e77483558103aeb296b95b85701

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma: public
Date: Tue, 05 Nov 2019 15:26:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Oct 2019 20:16:30 GMT
Server: nginx
ETag: W/"5dbb411e-6923"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: max-age=604800, public
Connection: close
Expires: Tue, 12 Nov 2019 15:26:37 GMT

GET
H2 200 / Show response
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 13 KB
5 KB 7ms
6ms Script
application/x-javascript 2600:9000:21f3:a200:2:9275:3d40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-includes/js/wp-embed.min.js,wp-content/plugins/gravityforms/js/conditional_logic.min.js,wp-content/plugins/gravityforms/js/placeholders.jquery.min.js,wp-content/plugins/akismet/_inc/form.js&ver=baf570d2

Requested by

Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:21f3:a200:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

a69c028a3a2d261332d8fb4e17f82257d484d42fd5410b20d22a3ef6e619f66c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Mon, 04 Nov 2019 20:29:31 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 68225
x-cache: Hit from cloudfront
status: 200
content-length: 4727
last-modified: Thu, 31 Oct 2019 20:16:32 GMT
server: nginx
cache-control: max-age=86400
x-frame-options: SAMEORIGIN
content-type: application/x-javascript; charset=utf-8
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
x-cache-hit: MISS
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: ODn7FD7uiuCSoAbr0jjUAsQd32TiH-ceg499aua48O4Obqzd-nmtqw==
expires: Sat, 02 Nov 2019 20:16:56 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 68 KB
23 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:806::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF

Requested by

Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e076f23e9d8ed3735576eec49a13860c41fc235bbb34aacbcb78b4591985a34b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Tue, 05 Nov 2019 15:26:37 GMT
content-encoding: br
last-modified: Tue, 05 Nov 2019 15:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 23329
x-xss-protection: 0
expires: Tue, 05 Nov 2019 15:26:37 GMT

GET
H/1.1 200
OK icons.svg
threatpost.com/wp-content/themes/threatpost-2018//assets/sprite/ 11 KB
4 KB 607ms
87ms Other
image/svg+xml 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018//assets/sprite/icons.svg
Requested by: Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 76ba07e059d9e2113f9c940f1a31efc95bd9d5badd68bbc3637177e892a08099

Request headers

Sec-Fetch-Mode: same-origin
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma: public
Date: Tue, 05 Nov 2019 15:26:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Oct 2019 20:16:34 GMT
Server: nginx
ETag: W/"5dbb4122-2b9f"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: max-age=604800, public
Connection: close
Expires: Tue, 12 Nov 2019 15:26:37 GMT

GET
H/1.1 200
OK icons.svg
threatpost.com/wp-content/themes/threatpost-2018/assets/sprite/ 11 KB
4 KB 616ms
88ms Other
image/svg+xml 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/sprite/icons.svg
Requested by: Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 76ba07e059d9e2113f9c940f1a31efc95bd9d5badd68bbc3637177e892a08099

Request headers

Sec-Fetch-Mode: same-origin
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma: public
Date: Tue, 05 Nov 2019 15:26:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Oct 2019 20:16:33 GMT
Server: nginx
ETag: W/"5dbb4121-2b9f"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: max-age=604800, public
Connection: close
Expires: Tue, 12 Nov 2019 15:26:37 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 16ms
16ms Script
application/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=threatpost.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Nov 2019 15:26:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:800::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=threatpost.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Nov 2019 15:26:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2019103101.js Show response
securepubads.g.doubleclick.net/gpt/ 159 KB
58 KB 41ms
41ms Script
text/javascript 172.217.23.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019103101.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

e4ab34b8a905b1076f36fddd2dc1e2dacd9c1bbca6614ab260e9b40aa0dced41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Tue, 05 Nov 2019 15:26:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 31 Oct 2019 13:10:21 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 59272
x-xss-protection: 0
expires: Tue, 05 Nov 2019 15:26:37 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/0bBqi43w2fj-Lg1N3qzsqHNu/ 254 KB
91 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:819::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0bBqi43w2fj-Lg1N3qzsqHNu/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ef8d94114f16ad72f9ed3634f5ae54888f45ff87c42bcc330b88141d9b956fdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Mon, 04 Nov 2019 17:54:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 04 Nov 2019 05:04:25 GMT
server: sffe
age: 77518
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 92768
x-xss-protection: 0
expires: Tue, 03 Nov 2020 17:54:39 GMT

GET
H/1.1 200
OK logo.png
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 19 KB
19 KB 604ms
87ms Image
image/png 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/logo.png
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=400&y=291&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 39af7c1116fb967a330e8770f775e6b5ee871add01ed45c98a1634911cebfb0a

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1572552993
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma: public
Date: Tue, 05 Nov 2019 15:26:37 GMT
Last-Modified: Thu, 31 Oct 2019 20:16:34 GMT
Server: nginx
ETag: "5dbb4122-4a32"
Content-Type: image/png
Cache-Control: max-age=604800, public
Connection: close
Accept-Ranges: bytes
Content-Length: 18994
Expires: Tue, 12 Nov 2019 15:26:37 GMT

GET
H/1.1 200
OK museosans-300-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
21 KB 229ms
87ms Font
font/woff2 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300-webfont.woff2
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=400&y=291&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 45ddc09b0ad6ab916bd9a0282070b161045e186fc025303f4aa1aa821fc45ac7

Request headers

Sec-Fetch-Mode: cors
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1572552993
Origin: https://threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma: public
Date: Tue, 05 Nov 2019 15:26:37 GMT
Last-Modified: Thu, 31 Oct 2019 20:16:34 GMT
Server: nginx
ETag: "5dbb4122-51b8"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 20920
Expires: Wed, 04 Nov 2020 15:26:37 GMT

GET
H/1.1 200
OK mail-plane-light.svg
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 828 B
722 B 605ms
88ms Image
image/svg+xml 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/mail-plane-light.svg
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=400&y=291&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 5a7ed822968963e31d88424c96387ad9f4fd4f4b5a5b581a33f65e3784d162cf

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1572552993
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma: public
Date: Tue, 05 Nov 2019 15:26:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Oct 2019 20:16:33 GMT
Server: nginx
ETag: W/"5dbb4121-33c"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: max-age=604800, public
Connection: close
Expires: Tue, 12 Nov 2019 15:26:37 GMT

GET
H/1.1 200
OK twitter-blue.svg
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 868 B
847 B 609ms
88ms Image
image/svg+xml 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/twitter-blue.svg
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=400&y=291&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 420508fc523520f35de5c851905543294123d7676b5a5668744691f2abe9e730

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1572552993
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma: public
Date: Tue, 05 Nov 2019 15:26:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Oct 2019 20:16:33 GMT
Server: nginx
ETag: W/"5dbb4121-364"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: max-age=604800, public
Connection: close
Expires: Tue, 12 Nov 2019 15:26:37 GMT

GET
H/1.1 200
OK museosans-700-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
21 KB 330ms
174ms Font
font/woff2 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700-webfont.woff2
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=400&y=291&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ae00ae9c862bc8b8923efd1d9a18befa912678a869d4dd01179a59ed3de731be

Request headers

Sec-Fetch-Mode: cors
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1572552993
Origin: https://threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma: public
Date: Tue, 05 Nov 2019 15:26:37 GMT
Last-Modified: Thu, 31 Oct 2019 20:16:33 GMT
Server: nginx
ETag: "5dbb4121-51a4"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 20900
Expires: Wed, 04 Nov 2020 15:26:37 GMT

GET
H/1.1 200
OK museosans-100-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
21 KB 334ms
172ms Font
font/woff2 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-100-webfont.woff2
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=400&y=291&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 06fc565587b8b700936a1677218cb269a6cc31ca5f701eb45461e86a3d54d5c7

Request headers

Sec-Fetch-Mode: cors
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1572552993
Origin: https://threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma: public
Date: Tue, 05 Nov 2019 15:26:37 GMT
Last-Modified: Thu, 31 Oct 2019 20:16:33 GMT
Server: nginx
ETag: "5dbb4121-50c8"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 20680
Expires: Wed, 04 Nov 2020 15:26:37 GMT

GET
H/1.1 200
OK museosans-500-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
21 KB 256ms
87ms Font
font/woff2 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-500-webfont.woff2
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=400&y=291&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2de77164bb9924542e1dea4ee4a0ff27d40b51a3d7939dac7db11a95045c9b7d

Request headers

Sec-Fetch-Mode: cors
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1572552993
Origin: https://threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma: public
Date: Tue, 05 Nov 2019 15:26:37 GMT
Last-Modified: Thu, 31 Oct 2019 20:16:34 GMT
Server: nginx
ETag: "5dbb4122-5194"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 20884
Expires: Wed, 04 Nov 2020 15:26:37 GMT

GET
H/1.1 200
OK museosans-700italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 15 KB
16 KB 345ms
175ms Font
font/woff2 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700italic-webfont.woff2
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=400&y=291&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 859faa9b9ed0990288b2f393a102b1fe2668ac79088b113b6f0beaee521221eb

Request headers

Sec-Fetch-Mode: cors
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1572552993
Origin: https://threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma: public
Date: Tue, 05 Nov 2019 15:26:37 GMT
Last-Modified: Thu, 31 Oct 2019 20:16:33 GMT
Server: nginx
ETag: "5dbb4121-3dcc"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 15820
Expires: Wed, 04 Nov 2020 15:26:37 GMT

GET
H/1.1 200
OK liveView.php Show response
live.sekindo.com/live/ Frame E8F4 3 KB
2 KB 52ms
28ms Script
text/javascript 46.166.134.24
NFORCE

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=400&y=291&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]&cbuster=1572967596&pubUrlAuto=https%3A%2F%2Fthreatpost.com%2Fbluekeep-attacks-have-arrived-are-initially-underwhelming%2F149829%2F&videoType=flow&floatWidth=320&floatHeight=180&floatDirection=br&floatVerticalOffset=10&floatHorizontalOffset=10&floatCloseBtn=1&flowMode=undefined&gdpr=1&gdprConsent=
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=400&y=291&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.166.134.24 Amsterdam, Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
Software: nginx / PHP/7.1.30
Resource Hash: 31cf806fa028ec8f8ebbd0a1541d34c32cf70d77e45d1f380c27c242b4d7afd8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Nov 2019 15:26:36 GMT
Content-Encoding: gzip
Server: nginx
Age: 0
X-Powered-By: PHP/7.1.30
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-store
Content-Type: text/javascript; charset=utf-8

GET
H/1.1 200
OK mail-plane-large-dark.svg
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 812 B
722 B 259ms
87ms Image
image/svg+xml 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/mail-plane-large-dark.svg
Requested by: Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a9d2b2df99c1a115d5394c70a898d8801092208dc582f8bd6fb01b35c30d6b22

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1572552993
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma: public
Date: Tue, 05 Nov 2019 15:26:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Oct 2019 20:16:34 GMT
Server: nginx
ETag: W/"5dbb4122-32c"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: max-age=604800, public
Connection: close
Expires: Tue, 12 Nov 2019 15:26:37 GMT

GET
H/1.1 200
OK logo-white.png
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 10 KB
10 KB 260ms
87ms Image
image/png 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/logo-white.png
Requested by: Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e4058d4ee9da1ceaddfa91ddb63650ba67285f1bbfee487d9dfe648bced669a0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1572552993
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma: public
Date: Tue, 05 Nov 2019 15:26:38 GMT
Last-Modified: Thu, 31 Oct 2019 20:16:33 GMT
Server: nginx
ETag: "5dbb4121-260a"
Content-Type: image/png
Cache-Control: max-age=604800, public
Connection: close
Accept-Ranges: bytes
Content-Length: 9738
Expires: Tue, 12 Nov 2019 15:26:38 GMT

GET
H/1.1 200
OK museosans-300italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 23 KB
23 KB 326ms
174ms Font
font/woff2 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300italic-webfont.woff2
Requested by: Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: f8a2b5b62eb722c3379b30cf0cc58d3176ee6be48036d6ad2aa838d2029c4189

Request headers

Sec-Fetch-Mode: cors
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1572552993
Origin: https://threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma: public
Date: Tue, 05 Nov 2019 15:26:37 GMT
Last-Modified: Thu, 31 Oct 2019 20:16:33 GMT
Server: nginx
ETag: "5dbb4121-5bac"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 23468
Expires: Wed, 04 Nov 2020 15:26:37 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81b::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 3179
date: Tue, 05 Nov 2019 14:33:38 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Tue, 05 Nov 2019 16:33:38 GMT

GET
H/1.1 200
OK quant.js Show response
secure.quantserve.com/ 12 KB
6 KB 31ms
8ms Script
application/x-javascript 91.228.74.135
Quantcast Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.135 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software: QS /
Resource Hash: 404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Tue, 05 Nov 2019 15:26:37 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05-Nov-2019 15:26:37 GMT
Server: QS
ETag: M0-e2b9884a
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=604800
Connection: keep-alive
Content-Length: 5456
Expires: Tue, 12 Nov 2019 15:26:37 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 6ms
5ms Script
application/javascript 151.101.12.157
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Tue, 05 Nov 2019 15:26:37 GMT
content-encoding: gzip
age: 25984
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1954
x-served-by: cache-fra19130-FRA
last-modified: Tue, 23 Jan 2018 20:09:00 GMT
x-timer: S1572967597.307919,VS0,VE0
etag: "b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 46 KB
7 KB 77ms
77ms XHR
text/plain 172.217.23.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=190410903993546&correlator=59122824882427&output=ldjh&impl=fifs&eid=21062796%2C21063205%2C21065018&vrg=2019103101&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=1&sfv=1-0-36&ecs=20191105&iu_parts=21707124336%2C2x2-Skin%2C970x250-ATF%2C300x250-ATF%2C300x600-ATF&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=2x2%2C970x250%7C728x90%2C300x250%2C300x600%7C300x250&cust_params=urlhost%3Dhttps%253A%252F%252Fthreatpost.com%252F%26urlpath%3D%252Fbluekeep-attacks-have-arrived-are-initially-underwhelming%252F149829%252F%26urlquery%3Dgoogfc%26contentid%3D149829%26category%3Dhacks%26contenttags%3Dbluekeep%252Ccryptocurrency%252Ccryptojacking%252Ccryptomining%252Ccyberattacks%252Cdepartment-homeland-security%252Ciot%252Cmicrosoft%252Cremote-desktop-protocol%252Cwannacry%252Cwindows%252Cworm&cookie_enabled=1&bc=31&abxe=1&lmt=1572967597&dt=1572967597414&dlt=1572967596783&idt=525&frm=20&biw=1585&bih=1200&oid=3&adxs=0%2C308%2C1093%2C1093&adys=4526%2C0%2C407%2C1782&adks=2490549053%2C2675834513%2C974937504%2C960001541&ucis=1%7C2%7C3%7C4&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fthreatpost.com%2Fbluekeep-attacks-have-arrived-are-initially-underwhelming%2F149829%2F&dssz=29&icsg=797312&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x2%7C970x250%7C300x250%7C300x600&msz=1585x2%7C970x250%7C300x250%7C300x600&ga_vid=1751957402.1572967597&ga_sid=1572967597&ga_hid=505719726&fws=0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019103101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

c1130e6aae10ef9bd909278c2ff2a16b2c4926747bd907aded57560afe524794

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Tue, 05 Nov 2019 15:26:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6858
x-xss-protection: 0
google-lineitem-id: -2,5203678523,5203678523,5203678523
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,138291554562,138291905809,138291554427
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://threatpost.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019103101.js Show response
securepubads.g.doubleclick.net/gpt/ 64 KB
25 KB 42ms
42ms Script
text/javascript 172.217.23.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019103101.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019103101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

5075b0d31c00903c1a8f437e6e356da4ebf9fe7066ac6809427d184b55fc382c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Tue, 05 Nov 2019 15:26:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 31 Oct 2019 13:10:21 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 25134
x-xss-protection: 0
expires: Tue, 05 Nov 2019 15:26:37 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-36/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-36/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019103101.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

GET
H/1.1 200
OK liveVideo.php Show response
live.sekindo.com/live/ Frame E8F4 912 KB
294 KB 69ms
45ms Script
text/html 46.166.134.24
NFORCE

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31312D30355F31377D7B7331323334383830387D7B4335377D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583430307D7B593239317D7B66317D7B4C363631357DFEFE&userIpAddr=144.76.109.30&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F78.0.3904.70+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&csuuid=5dc194ad4191a&debugInfo=12348808_&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=400&y=291&pubUrl=https%3A%2F%2Fthreatpost.com%2Fbluekeep-attacks-have-arrived-are-initially-underwhelming%2F149829%2F&contentNum=1&flow_closeBtn=1&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.29930114746094&geoLong=9.491000175476074&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&is_app=
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=400&y=291&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]&cbuster=1572967596&pubUrlAuto=https%3A%2F%2Fthreatpost.com%2Fbluekeep-attacks-have-arrived-are-initially-underwhelming%2F149829%2F&videoType=flow&floatWidth=320&floatHeight=180&floatDirection=br&floatVerticalOffset=10&floatHorizontalOffset=10&floatCloseBtn=1&flowMode=undefined&gdpr=1&gdprConsent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.166.134.24 Amsterdam, Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
Software: nginx / PHP/7.1.30
Resource Hash: 5b540185cd635ef5872d4c103475c9c4b23d02ac2eeac1dd1dd38e42063198ad

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Tue, 05 Nov 2019 15:26:37 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/7.1.30
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=505719726&t=pageview&_s=1&dl=https%3A%2F%2Fthreatpost.com%2Fbluekeep-attacks-have-arrived-are-initially-underwhelming%2F149829%2F&ul=en...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-35676203-21&cid=1751957402.1572967597&jid=712488025&_gid=1788882411.1572967597&gjid=215184773&_v=j79&z=703361626
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35676203-21&cid=1751957402.1572967597&jid=712488025&_v=j79&z=703361626
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35676203-21&cid=1751957402.1572967597&jid=712488025&_v=j79&z=703361626&slf_rd=1&random=238325158

42 B
109 B

30ms
30ms

Image
image/gif

2a00:1450:4001:817::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35676203-21&cid=1751957402.1572967597&jid=712488025&_v=j79&z=703361626&slf_rd=1&random=238325158

Requested by

Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Nov 2019 15:26:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Nov 2019 15:26:37 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35676203-21&cid=1751957402.1572967597&jid=712488025&_v=j79&z=703361626&slf_rd=1&random=238325158
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fontawesome-webfont.woff2
assets.threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/fonts/ 75 KB
76 KB 25ms
8ms Font
font/woff2 2600:9000:21f3:a200:2:9275:3d40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:a200:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Sec-Fetch-Mode: cors
Referer: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/wds-kaspersky-widgets/css/trending-authors.css,wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=baf570d2
Origin: https://threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Sun, 25 Aug 2019 00:22:42 GMT
via: 1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
age: 6275034
x-cache: Hit from cloudfront
status: 200
content-length: 77160
pragma: public
last-modified: Fri, 23 Aug 2019 05:16:18 GMT
server: nginx
etag: "5d5f76a2-12d68"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: YzL6jMBYnC2gjdLqbs4ii-H7D2ctpNWFcPmPfsmeA800kK9aftbVvw==
expires: Mon, 24 Aug 2020 00:22:42 GMT

GET
H/1.1 200
OK photo-newsletter.jpg
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 83 KB
83 KB 346ms
172ms Image
image/jpeg 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/photo-newsletter.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 940e0c3385928422aae38e1a74f1d84b462d8ce1a056c686fde505a0bf3162bb

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma: public
Date: Tue, 05 Nov 2019 15:26:38 GMT
Last-Modified: Thu, 31 Oct 2019 20:16:33 GMT
Server: nginx
ETag: "5dbb4121-14c88"
Content-Type: image/jpeg
Cache-Control: max-age=604800, public
Connection: close
Accept-Ranges: bytes
Content-Length: 85128
Expires: Tue, 12 Nov 2019 15:26:38 GMT

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame 1B91 0
0 30ms
30ms Document
text/html 2a00:1450:4001:817::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=0bBqi43w2fj-Lg1N3qzsqHNu&theme=standard&size=normal&cb=8mxba57dbhsu

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0bBqi43w2fj-Lg1N3qzsqHNu/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jUoUSfkkhJHwPqN6R+PKnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=0bBqi43w2fj-Lg1N3qzsqHNu&theme=standard&size=normal&cb=8mxba57dbhsu
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 05 Nov 2019 15:26:37 GMT
content-security-policy: script-src 'report-sample' 'nonce-jUoUSfkkhJHwPqN6R+PKnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 9444
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 rules-p-_7kVx0t9Jqj90.js Show response
rules.quantcount.com/ 3 B
356 B 375ms
358ms Script
application/x-javascript 2600:9000:20eb:6a00:6:44e3:f8c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-_7kVx0t9Jqj90.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:6a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Tue, 05 Nov 2019 15:26:28 GMT
via: 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2017 23:52:35 GMT
server: AmazonS3
age: 14
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Error from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=300
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 3
x-amz-cf-id: nSveu4gNePLuqNCN_IPAqDQ8DPuUhX9gjlgBq3XOuEl3ET-XN5IW9w==

GET
H2 200 / Show response
graph.facebook.com/ 103 B
547 B 55ms
41ms XHR
application/json 2a03:2880:f01c:800e:face:b00c:0:2
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https%3A%2F%2Fthreatpost.com%2Fbluekeep-attacks-have-arrived-are-initially-underwhelming%2F149829%2F

Requested by

Host: threatpost.com
URL: https://threatpost.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

ce4832580276f0cc9c6cca7cc9dd88929fd6080faef6de2e0d605a4bd92be071

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

strict-transport-security: max-age=15552000; preload
etag: "aa6275bc8d92cebb9b6fd6589da7fe63e45b28de"
x-app-usage: {"call_count":0,"total_cputime":0,"total_time":0}
status: 200
x-fb-rev: 1001384777
alt-svc: h3-23=":443"; ma=3600
content-length: 103
pragma: no-cache
x-fb-debug: EnWi8V7lie/0xkhs3MG+wu8pdLhgCwFItaeT0Yh/6RGnFKCxvWosOtCKBE+mUWogozSY8m4mmcYpci/UqCWOlw==
x-fb-trace-id: BgMBQmtUPOx
date: Tue, 05 Nov 2019 15:26:37 GMT
content-type: application/json
access-control-allow-origin: *
x-fb-request-id: A9Hlb-DH_3CyQYGvnrf6AcV
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v2.10
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 404 share
www.linkedin.com/countserv/count/ 0
0 115ms
114ms Script
text/html 2a05:f500:10:101::b93f:9101
LinkedIn Corporation

General

Check archive.org

Show headers Download Go to

Full URL: https://www.linkedin.com/countserv/count/share?url=https%3A%2F%2Fthreatpost.com%2Fbluekeep-attacks-have-arrived-are-initially-underwhelming%2F149829%2F&format=jsonp&callback=jQuery1124013484104780774575_1572967597154&_=1572967597155
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:10:101::b93f:9101 , Ireland, ASN14413 (LINKEDIN - LinkedIn Corporation, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

GET
H2 200 info.json Show response
www.reddit.com/api/ 102 B
1 KB 236ms
221ms XHR
application/json 151.101.113.140
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reddit.com/api/info.json?url=https%3A%2F%2Fthreatpost.com%2Fbluekeep-attacks-have-arrived-are-initially-underwhelming%2F149829%2F

Requested by

Host: threatpost.com
URL: https://threatpost.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.140 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

snooserv /

Resource Hash

f4f2c0a4763f01ee2b13b4f8189e6fd5f32bd704d71fed8d0f11883de9724198

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 05 Nov 2019 15:26:37 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
status: 200
content-length: 102
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4074-HHN
x-moose: majestic
expires: -1
server: snooserv
x-timer: S1572967598.571308,VS0,VE214
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: X-Moose
cache-control: private, s-maxage=0, max-age=0, must-revalidate, max-age=0, must-revalidate
x-ua-compatible: IE=edge
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 adsct
t.co/i/ 43 B
171 B 270ms
270ms Image
image/gif 104.244.42.197
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=ntt0j&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Requested by

Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Tue, 05 Nov 2019 15:26:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 264
pragma: no-cache
last-modified: Tue, 05 Nov 2019 15:26:37 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: b24a3078b61442185ab16b6daf812614
x-transaction: 000384a2008fb275
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/011910251950120/ 20 KB
8 KB 39ms
19ms Script
text/javascript 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011910251950120/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019103101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

866c1cf254c11afbcb1689842e0eb3ed4973f7edada9f814d5e6b72cd54b9b56

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: gzip
x-content-type-options: nosniff
age: 2618
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7923
x-xss-protection: 0
server: sffe
date: Tue, 05 Nov 2019 14:42:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "78dc79e454080e42"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Nov 2020 14:42:59 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/011910251950120/ Frame F80A 243 KB
77 KB 46ms
26ms Script
text/javascript 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011910251950120/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019103101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

25226e6e3ba0503974bdf2075bc6e44ff223c59520aae1f1722759050d988232

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: gzip
x-content-type-options: nosniff
age: 8537
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 78754
x-xss-protection: 0
server: sffe
date: Tue, 05 Nov 2019 13:04:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "e013cb1224f59e75"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Nov 2020 13:04:20 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/011910251950120/v0/ Frame F80A 151 KB
47 KB 26ms
7ms Script
text/javascript 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011910251950120/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019103101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

e21da87120c823e7856f1e2af9d73746e19590b71407869dccb2d203115d451c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: gzip
x-content-type-options: nosniff
age: 8654
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 47460
x-xss-protection: 0
server: sffe
date: Tue, 05 Nov 2019 13:02:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8efde0f72d912957"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Nov 2020 13:02:23 GMT

GET
DATA 200
OK truncated
/ Frame F80A 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c825c89c57f7b6713283f8360305176a5ca57634f7ef21e52c58a713a0a20c83

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/011910251950120/ Frame 3012 243 KB
77 KB 38ms
25ms Script
text/javascript 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011910251950120/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019103101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

25226e6e3ba0503974bdf2075bc6e44ff223c59520aae1f1722759050d988232

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: gzip
x-content-type-options: nosniff
age: 8537
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 78754
x-xss-protection: 0
server: sffe
date: Tue, 05 Nov 2019 13:04:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "e013cb1224f59e75"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Nov 2020 13:04:20 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/011910251950120/v0/ Frame 3012 151 KB
46 KB 33ms
20ms Script
text/javascript 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011910251950120/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019103101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

e21da87120c823e7856f1e2af9d73746e19590b71407869dccb2d203115d451c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: gzip
x-content-type-options: nosniff
age: 8654
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 47460
x-xss-protection: 0
server: sffe
date: Tue, 05 Nov 2019 13:02:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8efde0f72d912957"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Nov 2020 13:02:23 GMT

GET
DATA 200
OK truncated
/ Frame 3012 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9fa7ee8a734f8b381eab13fd4843321d67228a0b4705bb7692a88659c42123a1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/011910251950120/ Frame 9259 243 KB
77 KB 21ms
13ms Script
text/javascript 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011910251950120/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019103101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

25226e6e3ba0503974bdf2075bc6e44ff223c59520aae1f1722759050d988232

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: gzip
x-content-type-options: nosniff
age: 8537
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 78754
x-xss-protection: 0
server: sffe
date: Tue, 05 Nov 2019 13:04:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "e013cb1224f59e75"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Nov 2020 13:04:20 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/011910251950120/v0/ Frame 9259 151 KB
46 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011910251950120/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019103101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

e21da87120c823e7856f1e2af9d73746e19590b71407869dccb2d203115d451c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: gzip
x-content-type-options: nosniff
age: 8654
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 47460
x-xss-protection: 0
server: sffe
date: Tue, 05 Nov 2019 13:02:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8efde0f72d912957"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Nov 2020 13:02:23 GMT

GET
DATA 200
OK truncated
/ Frame 9259 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25e8f0d54945a9f8f39857028c2f611bf4947b790a45a6c37f2d4bc5bf6fc9f1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 6724660090432861970
tpc.googlesyndication.com/simgad/ Frame F80A 28 KB
28 KB 8ms
6ms Image
image/png 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6724660090432861970

Requested by

Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

658cd890cc8ab4258fa635bd02f049a19cf9906357c3ab5ab135c2a7e23ecb08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 06:26:03 GMT
x-content-type-options: nosniff
age: 550834
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28179
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 15:06:43 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Oct 2020 06:26:03 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame F80A 0
75 B 17ms
16ms Image
image/gif 172.217.23.162
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv-UrdeJMpZ5g_kTQ8zZ2PsM_x6tYfb5Hm948_xnaN3gkwHq57MSXBH_7ze4KAXdCez3ryDNEMS2jkrh9wuK6zMpT1ZdmjmP0asvFj6XYaWIh2671LVGSBDwn8Ai_X24g6h5iSDqPNhWqW9bsciJHlYD6LoxpZR1PMr_pKU5HV5jcd59YaFxvXwczO84PFmEaJDourk7_nXcytGE3K-vpsKGMarzpU_ddqI6cuxTFniiBqDBbaVFewQUZuN1RhpPvLsMKy-o2I&sai=AMfl-YSHgP8gH50VKtM_ZWjiOFTnHte7jO3p_EBMqII01OFP2GNxFWQXutSQ69ff7OsNj444P9Qjr32j-sTnsBhoA5FWzkuBjiSJOecFSiI0&sig=Cg0ArKJSzIRCBHajZ0deEAE&adurl=

Requested by

Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Nov 2019 15:26:37 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 17005452282922285100
tpc.googlesyndication.com/simgad/ Frame 3012 22 KB
23 KB 6ms
6ms Image
image/png 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17005452282922285100

Requested by

Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8af9277beea03fa6657fbefb20592a05e592b3ca05d824ea2f4e92e42eb0910e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 11:34:40 GMT
x-content-type-options: nosniff
age: 532317
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 23027
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 15:07:16 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Oct 2020 11:34:40 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3012 0
255 B 27ms
27ms Image
image/gif 172.217.23.162
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvJbE7w6Z8-FUrSji7OxYPzauy4uvm2NrIiz3_LZnwYCkfHJs6VQGy71vMSij7AKnb9EAdzUxLmJlZ6I6U3KX0rkSnQAFYaKDRGxRzIDlx3GtD5pwBjDkKbh0hg14Bu5VfJuM9OFhQizkIwvl5t_Kd0QiSNj6PXwTOSGtmgPPHZiuJVLYENDFedy-dNK1kQ3FbPuIaFYyleWR1hQkP8EfFe5hjIgySLXPSOV65SyDVmdk5R6POT-C75wwFjIwbPVK-NruJirc0&sai=AMfl-YT0fourjFgQgDHSQz9loOH_c_JYk327vsvLmhFTYisVL3VikDPxFNl4ZXwayaLQsPHoiD-QmHIvj6mFB3RAifRJfldzSx2qnlaMMo_P&sig=Cg0ArKJSzBj7bU3EHL0rEAE&adurl=

Requested by

Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Nov 2019 15:26:37 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 05 Nov 2019 15:26:37 GMT

GET
H2 200 14538969332801618795
tpc.googlesyndication.com/simgad/ Frame 9259 28 KB
28 KB 7ms
7ms Image
image/png 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14538969332801618795

Requested by

Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

1b58502f35dc1b48ad4f026a8fb9e473d01ddaf6211f6548c10b57cebed78b32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Fri, 01 Nov 2019 19:38:35 GMT
x-content-type-options: nosniff
age: 330482
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28350
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 15:06:26 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 31 Oct 2020 19:38:35 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9259 0
256 B 21ms
19ms Image
image/gif 172.217.23.162
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvL-QUQfIiRFcRZqKjgL1aZJUfk0ot9MHmQJKKm21VjZl100lNJP4ATS_Fczf-icWb7woZyrLRgUZU7FadgdA4EcB9kja4MZ-VcHQTtnf972bIR3oEkYBNKMu29Waso05bnXtCHDJHZap6CZWu4q7VJj23YIeySQvkyhipGgVlTGEkSJz9FXhI6cGkK_3w6dpN5jrfXStwwKZgcTblaq-JZmDUg8EWp9DEQGXawa0iDOQiVL0Nm1vrNvKyIK0lTknKSAg2nd6c&sai=AMfl-YQUCXd3D75_GzQoQEMzNAs7rk_CWvfQZSUk-KHjqsrMstj69C_TV6URiHQJRR7sT1cAOtgvlegIO9vAzUsKFkPj0dp6szBGLwn4ralG&sig=Cg0ArKJSzCREG_uigNgsEAE&adurl=

Requested by

Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Nov 2019 15:26:37 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 05 Nov 2019 15:26:37 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame E8F4 88 KB
26 KB 24ms
7ms Script
application/javascript 13.225.86.250
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31312D30355F31377D7B7331323334383830387D7B4335377D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583430307D7B593239317D7B66317D7B4C363631357DFEFE&userIpAddr=144.76.109.30&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F78.0.3904.70+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&csuuid=5dc194ad4191a&debugInfo=12348808_&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=400&y=291&pubUrl=https%3A%2F%2Fthreatpost.com%2Fbluekeep-attacks-have-arrived-are-initially-underwhelming%2F149829%2F&contentNum=1&flow_closeBtn=1&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.29930114746094&geoLong=9.491000175476074&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&is_app=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.86.250 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-86-250.fra2.r.cloudfront.net
Software: Server /
Resource Hash: 1d578dc3367ffc480f6c230a912f72e3906d4438b5daaf1c319fd3b7a006cd3d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Mon, 04 Nov 2019 15:42:53 GMT
content-encoding: gzip
server: Server
age: 85422
etag: 4802c581ddff8a15b3e0b68c83bbce7b
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: UXauCIhbTlGwmbfj9lAvbpIeirvHiILAFfjjWD2uyQsZ3lNSI4ui6w==
via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)

GET
H2

200

i
ipv4.adrta.com/ Frame E8F4
Redirect Chain

https://adrta.com/i?clid=pms&paid=pms&publisherId=19668&caid=&plid=&siteId=101281&kv1=400x291&kv2=threatpost.com&kv3=5dc194ad4191a&kv4=144.76.109.30&kv5=chrome&kv11=11745288215dc194ad44335&kv12=101...
https://ipv4.adrta.com/i?__aas21=2a01:4f8:192:5414::2&clid=pms&paid=pms&publisherId=19668&caid=&plid=&siteId=101281&kv1=400x291&kv2=threatpost.com&kv3=5dc194ad4191a&kv4=144.76.109.30&kv5=chrome&kv1...

43 B
402 B

265ms
88ms

Image
image/gif

34.196.45.218
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipv4.adrta.com/i?__aas21=2a01:4f8:192:5414::2&clid=pms&paid=pms&publisherId=19668&caid=&plid=&siteId=101281&kv1=400x291&kv2=threatpost.com&kv3=5dc194ad4191a&kv4=144.76.109.30&kv5=chrome&kv11=11745288215dc194ad44335&kv12=101281&kv15=DE&kv16=&kv17=&kv18=&kv19=&kv24=desktop&kv26=macosx&kv27=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F78.0.3904.70+Safari%2F537.36
Requested by: Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.45.218 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-196-45-218.compute-1.amazonaws.com
Software: Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Nov 2019 15:26:38 GMT
server: Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips
content-type: image/gif
status: 200
cache-control: no-cache
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

status: 302
date: Tue, 05 Nov 2019 15:26:37 GMT
server: Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips
content-length: 0
location: https://ipv4.adrta.com/i?__aas21=2a01:4f8:192:5414::2&clid=pms&paid=pms&publisherId=19668&caid=&plid=&siteId=101281&kv1=400x291&kv2=threatpost.com&kv3=5dc194ad4191a&kv4=144.76.109.30&kv5=chrome&kv11=11745288215dc194ad44335&kv12=101281&kv15=DE&kv16=&kv17=&kv18=&kv19=&kv24=desktop&kv26=macosx&kv27=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F78.0.3904.70+Safari%2F537.36

GET
H2 200 css
fonts.googleapis.com/ Frame AF05 2 KB
592 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:825::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31312D30355F31377D7B7331323334383830387D7B4335377D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583430307D7B593239317D7B66317D7B4C363631357DFEFE&userIpAddr=144.76.109.30&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F78.0.3904.70+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&csuuid=5dc194ad4191a&debugInfo=12348808_&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=400&y=291&pubUrl=https%3A%2F%2Fthreatpost.com%2Fbluekeep-attacks-have-arrived-are-initially-underwhelming%2F149829%2F&contentNum=1&flow_closeBtn=1&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.29930114746094&geoLong=9.491000175476074&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&is_app=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

e5b09ae4f391ccd8e04977e2330f1e533a2a507d95c609a3fd437a7ffc7cddfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 05 Nov 2019 15:26:37 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Tue, 05 Nov 2019 15:26:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Tue, 05 Nov 2019 15:26:37 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C0DF 2 KB
546 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:825::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

e5b09ae4f391ccd8e04977e2330f1e533a2a507d95c609a3fd437a7ffc7cddfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 05 Nov 2019 15:26:37 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Tue, 05 Nov 2019 15:26:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Tue, 05 Nov 2019 15:26:37 GMT

GET
H/1.1 200
OK placeHolder.png
live.sekindo.com/content/video/splayer/assets/ 23 KB
24 KB 39ms
14ms Image
image/png 46.166.134.24
NFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/content/video/splayer/assets/placeHolder.png
Requested by: Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.166.134.24 Amsterdam, Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
Software: nginx /
Resource Hash: 76102878c1198de858725194952ba1c6b35bdee0f870cc6a124e93d17385e64e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Tue, 05 Nov 2019 15:26:37 GMT
Last-Modified: Sun, 11 Jun 2017 08:03:58 GMT
Server: nginx
ETag: "593cf96e-5dbf"
Content-Type: image/png
Cache-Control: no-cache, private
Accept-Ranges: bytes
Content-Length: 23999
Expires: Tue, 05 Nov 2019 15:26:36 GMT

GET
H/1.1 200
OK vid5dc0904fa078c491390251.jpg
video.sekindo.com/uploads/cn10/video/users/converted/28530/video_5d5baf9fe4c32389620327/ Frame C0DF 7 KB
8 KB 78ms
19ms Image
image/jpeg 185.127.16.52
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.sekindo.com/uploads/cn10/video/users/converted/28530/video_5d5baf9fe4c32389620327/vid5dc0904fa078c491390251.jpg?cbuster=1572900950

Requested by

Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.127.16.52 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),

Reverse DNS

Software

Tengine /

Resource Hash

a016f64a1c94a740d8551ef430b76e35be1c84a07c8e70f7a8c8e738f40e3c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Tue, 05 Nov 2019 15:26:36 GMT
Last-Modified: Mon, 04 Nov 2019 20:56:24 GMT
Server: Tengine
ETag: "5dc09078-1d06"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 7430
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid5db7e3f1d6291074671067.jpg
video.sekindo.com/uploads/cn10/video/users/converted/24485/video1523972806/ Frame C0DF 23 KB
23 KB 95ms
36ms Image
image/jpeg 185.127.16.52
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.sekindo.com/uploads/cn10/video/users/converted/24485/video1523972806/vid5db7e3f1d6291074671067.jpg?cbuster=1572332531

Requested by

Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.127.16.52 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),

Reverse DNS

Software

Tengine /

Resource Hash

ab5e1a02f91bc9443467e816bd0c0b1506200963cbed9386ccdd805f127e4baa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Tue, 05 Nov 2019 15:26:36 GMT
Last-Modified: Tue, 29 Oct 2019 07:03:20 GMT
Server: Tengine
ETag: "5db7e438-5c55"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 23637
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid5db7896da0aac947139787.jpg
video.sekindo.com/uploads/cn9/video/users/converted/24485/video1523972806/ Frame C0DF 19 KB
20 KB 98ms
38ms Image
image/jpeg 185.127.16.52
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.sekindo.com/uploads/cn9/video/users/converted/24485/video1523972806/vid5db7896da0aac947139787.jpg?cbuster=1572309359

Requested by

Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.127.16.52 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),

Reverse DNS

Software

Tengine /

Resource Hash

ad3e5e38216e5b13b79daf32495743f04b452ff5f7b936ea5e457f2f36e1436e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Tue, 05 Nov 2019 15:26:36 GMT
Last-Modified: Tue, 29 Oct 2019 00:47:38 GMT
Server: Tengine
ETag: "5db78c2a-4ce1"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 19681
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid5db78972b9ee5741081601.jpg
video.sekindo.com/uploads/cn9/video/users/converted/24485/video1523972806/ Frame C0DF 9 KB
9 KB 81ms
21ms Image
image/jpeg 185.127.16.52
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.sekindo.com/uploads/cn9/video/users/converted/24485/video1523972806/vid5db78972b9ee5741081601.jpg?cbuster=1572309364

Requested by

Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.127.16.52 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),

Reverse DNS

Software

Tengine /

Resource Hash

6cd70b4f239ef927a651233ccd24424a679f57d2330c9dd3141013be6d373cfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Tue, 05 Nov 2019 15:26:36 GMT
Last-Modified: Tue, 29 Oct 2019 00:37:04 GMT
Server: Tengine
ETag: "5db789b0-237c"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 9084
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid5db73b905ef83569695326.jpg
video.sekindo.com/uploads/cn9/video/users/converted/28530/video_5d5baf9fe4c32389620327/ Frame C0DF 2 KB
3 KB 82ms
18ms Image
image/jpeg 185.127.16.52
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.sekindo.com/uploads/cn9/video/users/converted/28530/video_5d5baf9fe4c32389620327/vid5db73b905ef83569695326.jpg?cbuster=1572289431

Requested by

Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.127.16.52 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),

Reverse DNS

Software

Tengine /

Resource Hash

bd78ccd86b7a12989f496475e98987793e6003ec9f5efe778ca4fbfd887b333d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Tue, 05 Nov 2019 15:26:36 GMT
Last-Modified: Mon, 28 Oct 2019 19:04:41 GMT
Server: Tengine
ETag: "5db73bc9-8ab"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 2219
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid5dc0f1e5ec9ed545915799.jpg
video.sekindo.com/uploads/cn8/video/users/converted/24485/video1523972806/ Frame C0DF 13 KB
14 KB 96ms
18ms Image
image/jpeg 185.127.16.52
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.sekindo.com/uploads/cn8/video/users/converted/24485/video1523972806/vid5dc0f1e5ec9ed545915799.jpg?cbuster=1572925927

Requested by

Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.127.16.52 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),

Reverse DNS

Software

Tengine /

Resource Hash

e98b015995770420a20af6b768ada3a4ac4a11bccd4c9f8bd6b46bff66b8cea9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Tue, 05 Nov 2019 15:26:36 GMT
Last-Modified: Tue, 05 Nov 2019 03:53:50 GMT
Server: Tengine
ETag: "5dc0f24e-35fa"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 13818
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid5dc0f1e45aacf777787692.jpg
video.sekindo.com/uploads/cn8/video/users/converted/24485/video1523972806/ Frame C0DF 13 KB
14 KB 18ms
17ms Image
image/jpeg 185.127.16.52
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.sekindo.com/uploads/cn8/video/users/converted/24485/video1523972806/vid5dc0f1e45aacf777787692.jpg?cbuster=1572925924

Requested by

Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.127.16.52 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),

Reverse DNS

Software

Tengine /

Resource Hash

b4d605565c1030952a3690ec0faf45e4fe909c838fdbe195e3c7487b5adc6922

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Tue, 05 Nov 2019 15:26:36 GMT
Last-Modified: Tue, 05 Nov 2019 03:53:14 GMT
Server: Tengine
ETag: "5dc0f22a-35b4"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 13748
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid5dc0f1e25a7ca677680366.jpg
video.sekindo.com/uploads/cn8/video/users/converted/24485/video1523972806/ Frame C0DF 17 KB
18 KB 18ms
18ms Image
image/jpeg 185.127.16.52
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.sekindo.com/uploads/cn8/video/users/converted/24485/video1523972806/vid5dc0f1e25a7ca677680366.jpg?cbuster=1572925923

Requested by

Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.127.16.52 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),

Reverse DNS

Software

Tengine /

Resource Hash

287ef359fd0ee77565247dac9629ded5911db58b4ac8d7b78b89435d6860a174

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Tue, 05 Nov 2019 15:26:36 GMT
Last-Modified: Tue, 05 Nov 2019 03:53:08 GMT
Server: Tengine
ETag: "5dc0f224-45ee"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 17902
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid5dc0f1e923e5e480236204.jpg
video.sekindo.com/uploads/cn8/video/users/converted/24485/video1523972806/ Frame C0DF 8 KB
9 KB 19ms
18ms Image
image/jpeg 185.127.16.52
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.sekindo.com/uploads/cn8/video/users/converted/24485/video1523972806/vid5dc0f1e923e5e480236204.jpg?cbuster=1572925930

Requested by

Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.127.16.52 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),

Reverse DNS

Software

Tengine /

Resource Hash

7104502e3ae4295349723205e6104d1343fa49bdf356cb3c93b31b62cea9ef9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Tue, 05 Nov 2019 15:26:36 GMT
Last-Modified: Tue, 05 Nov 2019 03:54:33 GMT
Server: Tengine
ETag: "5dc0f279-21ee"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 8686
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid5dc0f1ea7e58b237558194.jpg
video.sekindo.com/uploads/cn8/video/users/converted/24485/video1523972806/ Frame C0DF 21 KB
21 KB 18ms
18ms Image
image/jpeg 185.127.16.52
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.sekindo.com/uploads/cn8/video/users/converted/24485/video1523972806/vid5dc0f1ea7e58b237558194.jpg?cbuster=1572925932

Requested by

Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.127.16.52 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),

Reverse DNS

Software

Tengine /

Resource Hash

3b546ffc169727e9c8c9c4d4f5d70267345aab6c0d7223d20d88d8953367a013

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Tue, 05 Nov 2019 15:26:36 GMT
Last-Modified: Tue, 05 Nov 2019 03:55:06 GMT
Server: Tengine
ETag: "5dc0f29a-536e"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 21358
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame E8F4 6 KB
3 KB 21ms
7ms XHR
application/javascript 13.225.86.250
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.86.250 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-86-250.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Sec-Fetch-Mode: cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Tue, 05 Nov 2019 14:32:07 GMT
content-encoding: gzip
vary: Origin
age: 3271
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Fri, 01 Nov 2019 13:46:13 GMT
server: AmazonS3
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: vmMS8R0TmX5R0Bl-YmMJR8NYUYSOP6diYZH0akEMQd8PhoVnhEofRw==

GET
H2 200 6724660090432861970
tpc.googlesyndication.com/simgad/ Frame F80A 28 KB
28 KB 6ms
6ms Image
image/png 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6724660090432861970

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011910251950120/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

658cd890cc8ab4258fa635bd02f049a19cf9906357c3ab5ab135c2a7e23ecb08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 06:26:03 GMT
x-content-type-options: nosniff
age: 550834
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28179
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 15:06:43 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Oct 2020 06:26:03 GMT

GET
H2 200 14538969332801618795
tpc.googlesyndication.com/simgad/ Frame 9259 28 KB
28 KB 9ms
9ms Image
image/png 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14538969332801618795

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011910251950120/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

1b58502f35dc1b48ad4f026a8fb9e473d01ddaf6211f6548c10b57cebed78b32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Fri, 01 Nov 2019 19:38:35 GMT
x-content-type-options: nosniff
age: 330482
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28350
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 15:06:26 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 31 Oct 2020 19:38:35 GMT

GET
H/1.1 200
OK vid5dc0904fa078c491390251.jpg
video.sekindo.com/uploads/cn10/video/users/converted/28530/video_5d5baf9fe4c32389620327/ Frame AF05 7 KB
8 KB 55ms
22ms Image
image/jpeg 185.127.16.52
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.sekindo.com/uploads/cn10/video/users/converted/28530/video_5d5baf9fe4c32389620327/vid5dc0904fa078c491390251.jpg?cbuster=1572900950

Requested by

Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.127.16.52 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),

Reverse DNS

Software

Tengine /

Resource Hash

a016f64a1c94a740d8551ef430b76e35be1c84a07c8e70f7a8c8e738f40e3c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://amli.sekindo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Tue, 05 Nov 2019 15:26:36 GMT
Last-Modified: Mon, 04 Nov 2019 20:56:24 GMT
Server: Tengine
ETag: "5dc09078-1d06"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 7430
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame AF05 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame AF05 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bframe
www.google.com/recaptcha/api2/ Frame 1477 0
0 28ms
28ms Document
text/html 2a00:1450:4001:817::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=0bBqi43w2fj-Lg1N3qzsqHNu&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&cb=qdin84m7k8xq

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0bBqi43w2fj-Lg1N3qzsqHNu/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6yuN6e5P+haF+6+wOx3sOQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=0bBqi43w2fj-Lg1N3qzsqHNu&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&cb=qdin84m7k8xq
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 05 Nov 2019 15:26:38 GMT
content-security-policy: script-src 'report-sample' 'nonce-6yuN6e5P+haF+6+wOx3sOQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1114
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H/1.1 200
OK liveView.php Show response
live.sekindo.com/live/ Frame E8F4 35 KB
2 KB 281ms
281ms XHR
application/json 46.166.134.24
NFORCE

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/liveView.php?s=58057&vid_vastTimeout=-1&vid_vastType=3&vid_playerVer=3.0.0&vid_viewabilityState=0&vid_playbackMethod=auto&vid_content_url=https%3A%2F%2Fvideo.sekindo.com%2Fuploads%2Fcn10%2Fvideo%2Fusers%2Fconverted%2F28530%2Fvideo_5d5baf9fe4c32389620327%2Fvid5dc0904fa078c491390251.mp4&vid_content_id=563550&vid_content_desc=Instagram+taking+action+against+%27spy+app%27&vid_content_title=Instagram+taking+action+against+%27spy+app%27&vid_content_duration=54&x=400&y=225&fpl=2&pubUrl=https%3A%2F%2Fthreatpost.com%2Fbluekeep-attacks-have-arrived-are-initially-underwhelming%2F149829%2F&ri=6C69766553746174737C736B317B54307D7B64323031392D31312D30355F31377D7B7331323334383830387D7B4335377D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583430307D7B593239317D7B66317D7B4C363631357DFEFE&geoLati=51.29930114746094&geoLong=9.491000175476074&userIpAddr=144.76.109.30&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F78.0.3904.70+Safari%2F537.36&debugInformation=&gdpr=1&csuuid=5dc194ad4191a&cbuster=1572967598025&gdprConsent=&isWePassGdpr=0
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31312D30355F31377D7B7331323334383830387D7B4335377D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583430307D7B593239317D7B66317D7B4C363631357DFEFE&userIpAddr=144.76.109.30&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F78.0.3904.70+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&csuuid=5dc194ad4191a&debugInfo=12348808_&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=400&y=291&pubUrl=https%3A%2F%2Fthreatpost.com%2Fbluekeep-attacks-have-arrived-are-initially-underwhelming%2F149829%2F&contentNum=1&flow_closeBtn=1&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.29930114746094&geoLong=9.491000175476074&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&is_app=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.166.134.24 Amsterdam, Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
Software: nginx / PHP/7.1.30
Resource Hash: 78b1956ef472e64f7c86131cccfd57d053f67b65452689cbfa52e6335611a246

Request headers

Sec-Fetch-Mode: cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Nov 2019 15:26:37 GMT
Content-Encoding: gzip
Server: nginx
Age: 0
X-Powered-By: PHP/7.1.30
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Content-Type: application/json; charset=utf-8
Content-Length: 2038

GET
H/1.1 200
OK pixel;r=934886219;rf=0;a=p-_7kVx0t9Jqj90;url=https%3A%2F%2Fthreatpost.com%2Fbluekeep-attacks-have-arrived-are-initially-underwhelming%2F149829%2F;fpan=1;fpa=P0-1522400562-1572967598075;ns=0;ce=1;qj...
pixel.quantserve.com/ 35 B
494 B 30ms
7ms Image
image/gif 91.228.74.226
Quantcast Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.quantserve.com/pixel;r=934886219;rf=0;a=p-_7kVx0t9Jqj90;url=https%3A%2F%2Fthreatpost.com%2Fbluekeep-attacks-have-arrived-are-initially-underwhelming%2F149829%2F;fpan=1;fpa=P0-1522400562-1572967598075;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=1;et=1572967598074;tzo=-60;ogl=image.https%3A%2F%2Fmedia%252Ethreatpost%252Ecom%2Fwp-content%2Fuploads%2Fsites%2F103%2F2019%2F06%2F05095542%2Fabstr%2Ctype.article%2Ctitle.BlueKeep%20Attacks%20Have%20Arrived%252C%20Are%20Initially%20Underwhelming%2Cdescription.The%20first%20attacks%20that%20exploit%20the%20zero-day%20Windows%20vulnerability%20install%20crypto%2Curl.https%3A%2F%2Fthreatpost%252Ecom%2Fbluekeep-attacks-have-arrived-are-initially-underwhelming
Requested by: Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.226 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software: QS /
Resource Hash: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Nov 2019 15:26:38 GMT
Server: QS
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK liveView.php Show response
live.sekindo.com/live/ Frame E8F4 35 KB
2 KB 481ms
455ms XHR
application/json 46.166.134.24
NFORCE

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/liveView.php?s=58057&vid_vastTimeout=-1&vid_vastType=3&vid_playerVer=3.0.0&vid_viewabilityState=0&vid_playbackMethod=auto&vid_content_url=https%3A%2F%2Fvideo.sekindo.com%2Fuploads%2Fcn10%2Fvideo%2Fusers%2Fconverted%2F28530%2Fvideo_5d5baf9fe4c32389620327%2Fvid5dc0904fa078c491390251.mp4&vid_content_id=563550&vid_content_desc=Instagram+taking+action+against+%27spy+app%27&vid_content_title=Instagram+taking+action+against+%27spy+app%27&vid_content_duration=54&x=320&y=180&fpl=2&pubUrl=https%3A%2F%2Fthreatpost.com%2Fbluekeep-attacks-have-arrived-are-initially-underwhelming%2F149829%2F&ri=6C69766553746174737C736B317B54307D7B64323031392D31312D30355F31377D7B7331323334383830387D7B4335377D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583430307D7B593239317D7B66317D7B4C363631357DFEFE&geoLati=51.29930114746094&geoLong=9.491000175476074&userIpAddr=144.76.109.30&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F78.0.3904.70+Safari%2F537.36&debugInformation=&gdpr=1&csuuid=5dc194ad4191a&cbuster=1572967598114&gdprConsent=&isWePassGdpr=0
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31312D30355F31377D7B7331323334383830387D7B4335377D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583430307D7B593239317D7B66317D7B4C363631357DFEFE&userIpAddr=144.76.109.30&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F78.0.3904.70+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&csuuid=5dc194ad4191a&debugInfo=12348808_&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=400&y=291&pubUrl=https%3A%2F%2Fthreatpost.com%2Fbluekeep-attacks-have-arrived-are-initially-underwhelming%2F149829%2F&contentNum=1&flow_closeBtn=1&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.29930114746094&geoLong=9.491000175476074&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&is_app=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.166.134.24 Amsterdam, Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
Software: nginx / PHP/7.1.30
Resource Hash: 16ea27c119578893eba6f9a33e3f8fd9b4075e3a8bcb4da9080079c96765bf43

Request headers

Sec-Fetch-Mode: cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Nov 2019 15:26:37 GMT
Content-Encoding: gzip
Server: nginx
Age: 0
X-Powered-By: PHP/7.1.30
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Content-Type: application/json; charset=utf-8
Content-Length: 2041

GET
H/1.1 200
OK liveView.php Show response
live.sekindo.com/live/ Frame E8F4 62 KB
3 KB 473ms
449ms XHR
application/json 46.166.134.24
NFORCE

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/liveView.php?s=58057&vid_vastTimeout=-1&vid_vastType=3&vid_playerVer=3.0.0&vid_viewabilityState=1&vid_playbackMethod=auto&vid_content_url=https%3A%2F%2Fvideo.sekindo.com%2Fuploads%2Fcn10%2Fvideo%2Fusers%2Fconverted%2F28530%2Fvideo_5d5baf9fe4c32389620327%2Fvid5dc0904fa078c491390251.mp4&vid_content_id=563550&vid_content_desc=Instagram+taking+action+against+%27spy+app%27&vid_content_title=Instagram+taking+action+against+%27spy+app%27&vid_content_duration=54&x=320&y=180&fpl=2&pubUrl=https%3A%2F%2Fthreatpost.com%2Fbluekeep-attacks-have-arrived-are-initially-underwhelming%2F149829%2F&ri=6C69766553746174737C736B317B54307D7B64323031392D31312D30355F31377D7B7331323334383830387D7B4335377D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583430307D7B593239317D7B66317D7B4C363631357DFEFE&geoLati=51.29930114746094&geoLong=9.491000175476074&userIpAddr=144.76.109.30&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F78.0.3904.70+Safari%2F537.36&debugInformation=&gdpr=1&csuuid=5dc194ad4191a&cbuster=1572967598128&gdprConsent=&isWePassGdpr=0
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31312D30355F31377D7B7331323334383830387D7B4335377D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583430307D7B593239317D7B66317D7B4C363631357DFEFE&userIpAddr=144.76.109.30&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F78.0.3904.70+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&csuuid=5dc194ad4191a&debugInfo=12348808_&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=400&y=291&pubUrl=https%3A%2F%2Fthreatpost.com%2Fbluekeep-attacks-have-arrived-are-initially-underwhelming%2F149829%2F&contentNum=1&flow_closeBtn=1&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.29930114746094&geoLong=9.491000175476074&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&is_app=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.166.134.24 Amsterdam, Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
Software: nginx / PHP/7.1.30
Resource Hash: 4a188decf6c2063623459b7ca4a50e8cacaba866b3b22e74c5a9f1509ce6c6b9

Request headers

Sec-Fetch-Mode: cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Nov 2019 15:26:38 GMT
Content-Encoding: gzip
Server: nginx
Age: 0
X-Powered-By: PHP/7.1.30
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Content-Type: application/json; charset=utf-8
Content-Length: 2619

GET
H/1.1 200
OK chunklist_640.m3u8 Show response
video.sekindo.com/uploads/cn10/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5dc0904fa078c491390251.mp4/ Frame E8F4 392 B
792 B 77ms
19ms XHR
application/vnd.apple.mpegurl 185.127.16.52
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to

Full URL: https://video.sekindo.com/uploads/cn10/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5dc0904fa078c491390251.mp4/chunklist_640.m3u8
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31312D30355F31377D7B7331323334383830387D7B4335377D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583430307D7B593239317D7B66317D7B4C363631357DFEFE&userIpAddr=144.76.109.30&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F78.0.3904.70+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&csuuid=5dc194ad4191a&debugInfo=12348808_&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=400&y=291&pubUrl=https%3A%2F%2Fthreatpost.com%2Fbluekeep-attacks-have-arrived-are-initially-underwhelming%2F149829%2F&contentNum=1&flow_closeBtn=1&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.29930114746094&geoLong=9.491000175476074&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&is_app=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.127.16.52 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),
Reverse DNS
Software: Tengine /
Resource Hash: cf38dc1849498a12875ccc61401a45d52e8efc88d55b82c50ca56fdfa5ba205a

Request headers

Sec-Fetch-Mode: cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Tue, 05 Nov 2019 15:26:36 GMT
Last-Modified: Mon, 04 Nov 2019 20:56:49 GMT
Server: Tengine
ETag: "5dc09091-188"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Expires: Tue, 12 Nov 2019 15:26:36 GMT
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 392
X-Proxy-Cache: HIT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame AF05 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Roboto
Origin: https://threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Thu, 31 Oct 2019 18:43:13 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 420205
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11016
x-xss-protection: 0
expires: Fri, 30 Oct 2020 18:43:13 GMT

GET
H/1.1 200
OK w_640_000.ts Show response
video.sekindo.com/uploads/cn10/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5dc0904fa078c491390251.mp4/ Frame E8F4 474 KB
475 KB 42ms
42ms XHR
video/mp2t 185.127.16.52
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to

Full URL: https://video.sekindo.com/uploads/cn10/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5dc0904fa078c491390251.mp4/w_640_000.ts
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31312D30355F31377D7B7331323334383830387D7B4335377D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583430307D7B593239317D7B66317D7B4C363631357DFEFE&userIpAddr=144.76.109.30&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F78.0.3904.70+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&csuuid=5dc194ad4191a&debugInfo=12348808_&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=400&y=291&pubUrl=https%3A%2F%2Fthreatpost.com%2Fbluekeep-attacks-have-arrived-are-initially-underwhelming%2F149829%2F&contentNum=1&flow_closeBtn=1&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.29930114746094&geoLong=9.491000175476074&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&is_app=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.127.16.52 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),
Reverse DNS
Software: Tengine /
Resource Hash: 49818d15e560296b11d38bc1f155de85c64d5f1c8c8942e116e8a1200a93358d

Request headers

Sec-Fetch-Mode: cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Tue, 05 Nov 2019 15:26:36 GMT
Last-Modified: Mon, 04 Nov 2019 20:56:46 GMT
Server: Tengine
ETag: "5dc0908e-768e4"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Expires: Tue, 12 Nov 2019 15:26:36 GMT
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 485604
X-Proxy-Cache: HIT

GET
BLOB 200
OK 556349e5-7b24-41e2-baf5-a5b5ad631b50
https://threatpost.com/ Frame E8F4 63 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://threatpost.com/556349e5-7b24-41e2-baf5-a5b5ad631b50
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31312D30355F31377D7B7331323334383830387D7B4335377D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583430307D7B593239317D7B66317D7B4C363631357DFEFE&userIpAddr=144.76.109.30&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F78.0.3904.70+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&csuuid=5dc194ad4191a&debugInfo=12348808_&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=400&y=291&pubUrl=https%3A%2F%2Fthreatpost.com%2Fbluekeep-attacks-have-arrived-are-initially-underwhelming%2F149829%2F&contentNum=1&flow_closeBtn=1&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.29930114746094&geoLong=9.491000175476074&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&is_app=
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796

Request headers

Sec-Fetch-Mode: same-origin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Length: 64352
Content-Type: text/javascript

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
140 B 126ms
126ms Script
application/javascript 104.244.42.195
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=ntt0j&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fthreatpost.com%2Fbluekeep-attacks-have-arrived-are-initially-underwhelming%2F149829%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Tue, 05 Nov 2019 15:26:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 57
x-xss-protection: 0
x-response-time: 120
pragma: no-cache
last-modified: Tue, 05 Nov 2019 15:26:38 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 530ce0795482e38b4eba84410d99a83e
x-transaction: 00dcad6000dd32b0
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK w_640_001.ts Show response
video.sekindo.com/uploads/cn10/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5dc0904fa078c491390251.mp4/ Frame E8F4 540 KB
540 KB 30ms
29ms XHR
video/mp2t 185.127.16.52
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to

Full URL: https://video.sekindo.com/uploads/cn10/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5dc0904fa078c491390251.mp4/w_640_001.ts
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31312D30355F31377D7B7331323334383830387D7B4335377D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583430307D7B593239317D7B66317D7B4C363631357DFEFE&userIpAddr=144.76.109.30&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F78.0.3904.70+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&csuuid=5dc194ad4191a&debugInfo=12348808_&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=400&y=291&pubUrl=https%3A%2F%2Fthreatpost.com%2Fbluekeep-attacks-have-arrived-are-initially-underwhelming%2F149829%2F&contentNum=1&flow_closeBtn=1&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.29930114746094&geoLong=9.491000175476074&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&is_app=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.127.16.52 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),
Reverse DNS
Software: Tengine /
Resource Hash: 0677813a073d549a3705bbae9143a064807e4bb2294cc536bb493c98ee2d73e4

Request headers

Sec-Fetch-Mode: cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Tue, 05 Nov 2019 15:26:37 GMT
Last-Modified: Mon, 04 Nov 2019 20:56:46 GMT
Server: Tengine
ETag: "5dc0908e-86f10"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Expires: Tue, 12 Nov 2019 15:26:37 GMT
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 552720
X-Proxy-Cache: HIT

GET
H/1.1 200
OK liveView.php
live.sekindo.com/live/ Frame C0DF 0
379 B 19ms
19ms Image
text/html 46.166.134.24
NFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=16&serverTime=1572967597&s=0&sta=12348808&x=320&y=180&vid_passDomain=threatpost.com&subId=threatpost.com&debugInformation=&gdpr=1&gdprConsent=&isWePassGdpr=0&userIpAddr=144.76.109.30&userUA=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F78.0.3904.70%20Safari%2F537.36&csuuid=5dc194ad4191a&contentFileId=563550&mediaPlayListId=5946&playerVer=3.0.0&isExcludeFromOpt=0&cbuster=1572967598446
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.166.134.24 Amsterdam, Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
Software: nginx / PHP/7.1.30
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Nov 2019 15:26:37 GMT
Content-Encoding: gzip
Server: nginx
Age: 0
X-Powered-By: PHP/7.1.30
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-store
Content-Type: text/html; charset=UTF-8

GET
H2 200 avjp Show response
teachingaids-d.openx.net/v/1.0/ Frame E8F4 92 B
334 B 64ms
56ms XHR
application/json 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://teachingaids-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fthreatpost.com%2Fbluekeep-attacks-have-arrived-are-initially-underwhelming%2F149829%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_2.1.9&dddid=7e4af080-40f2-4e2e-ac15-33ed6d07fbc7&nocache=1572967598614&schain=1.0%2C1!primis.tech%2C19668%2C1%2C%2C%2C&auid=540882778&vwd=320&vht=180&
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31312D30355F31377D7B7331323334383830387D7B4335377D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583430307D7B593239317D7B66317D7B4C363631357DFEFE&userIpAddr=144.76.109.30&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F78.0.3904.70+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&csuuid=5dc194ad4191a&debugInfo=12348808_&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=400&y=291&pubUrl=https%3A%2F%2Fthreatpost.com%2Fbluekeep-attacks-have-arrived-are-initially-underwhelming%2F149829%2F&contentNum=1&flow_closeBtn=1&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.29930114746094&geoLong=9.491000175476074&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&is_app=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.167.1 /
Resource Hash: 004e5faf0bf890f61697daeede9f21826affd1137fb2cb58eaf4719937a04a14

Request headers

Sec-Fetch-Mode: cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Nov 2019 15:26:38 GMT
via: 1.1 google
server: OXGW/16.167.1
status: 200
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://threatpost.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 92
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 204
No Content 171621 Show response
search.spotxchange.com/openrtb/2.3/dados/ Frame E8F4 0
1 KB 227ms
186ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/171621
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31312D30355F31377D7B7331323334383830387D7B4335377D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583430307D7B593239317D7B66317D7B4C363631357DFEFE&userIpAddr=144.76.109.30&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F78.0.3904.70+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&csuuid=5dc194ad4191a&debugInfo=12348808_&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=400&y=291&pubUrl=https%3A%2F%2Fthreatpost.com%2Fbluekeep-attacks-have-arrived-are-initially-underwhelming%2F149829%2F&contentNum=1&flow_closeBtn=1&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.29930114746094&geoLong=9.491000175476074&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&is_app=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 05 Nov 2019 15:26:38 GMT
X-SpotX-Timing-Transform: 0.000273
X-SpotX-Timing-SpotMarket: 0.168945
X-SpotX-Timing-Page-Mux: 0.000247
X-SpotX-Timing-Page-Require: 0.000310
X-fe: 037
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000028
X-SpotX-Timing-Page: 0.172275
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000250
Last-Modified: Tue, 05 Nov 2019 15:26:38 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.015320
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://threatpost.com
X-SpotX-Timing-Page-Misc: 0.002102
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.153625
X-SpotX-Timing-Page-URI: 0.000119
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame E8F4 0
115 B 41ms
13ms XHR
text/plain 185.64.189.112
PubMatic

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31312D30355F31377D7B7331323334383830387D7B4335377D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583430307D7B593239317D7B66317D7B4C363631357DFEFE&userIpAddr=144.76.109.30&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F78.0.3904.70+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&csuuid=5dc194ad4191a&debugInfo=12348808_&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=400&y=291&pubUrl=https%3A%2F%2Fthreatpost.com%2Fbluekeep-attacks-have-arrived-are-initially-underwhelming%2F149829%2F&contentNum=1&flow_closeBtn=1&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.29930114746094&geoLong=9.491000175476074&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&is_app=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Tue, 05 Nov 2019 15:26:38 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://threatpost.com

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame E8F4 0
215 B 35ms
12ms XHR
application/json 52.57.237.233
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=TeachingAidsLLC
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31312D30355F31377D7B7331323334383830387D7B4335377D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583430307D7B593239317D7B66317D7B4C363631357DFEFE&userIpAddr=144.76.109.30&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F78.0.3904.70+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&csuuid=5dc194ad4191a&debugInfo=12348808_&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=400&y=291&pubUrl=https%3A%2F%2Fthreatpost.com%2Fbluekeep-attacks-have-arrived-are-initially-underwhelming%2F149829%2F&contentNum=1&flow_closeBtn=1&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.29930114746094&geoLong=9.491000175476074&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&is_app=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.237.233 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-57-237-233.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://threatpost.com
Access-Control-Allow-Credentials: true
Server: adaptv/1.0
Connection: keep-alive
Content-Length: 0
Content-Type: application/json

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame E8F4 0
215 B 40ms
18ms XHR
application/json 52.57.237.233
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=PrimisTwoHB
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31312D30355F31377D7B7331323334383830387D7B4335377D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583430307D7B593239317D7B66317D7B4C363631357DFEFE&userIpAddr=144.76.109.30&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F78.0.3904.70+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&csuuid=5dc194ad4191a&debugInfo=12348808_&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=400&y=291&pubUrl=https%3A%2F%2Fthreatpost.com%2Fbluekeep-attacks-have-arrived-are-initially-underwhelming%2F149829%2F&contentNum=1&flow_closeBtn=1&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.29930114746094&geoLong=9.491000175476074&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&is_app=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.237.233 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-57-237-233.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://threatpost.com
Access-Control-Allow-Credentials: true
Server: adaptv/1.0
Connection: keep-alive
Content-Length: 0
Content-Type: application/json

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame E8F4 0
215 B 35ms
13ms XHR
application/json 52.57.237.233
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=PrimisHB
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31312D30355F31377D7B7331323334383830387D7B4335377D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583430307D7B593239317D7B66317D7B4C363631357DFEFE&userIpAddr=144.76.109.30&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F78.0.3904.70+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&csuuid=5dc194ad4191a&debugInfo=12348808_&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=400&y=291&pubUrl=https%3A%2F%2Fthreatpost.com%2Fbluekeep-attacks-have-arrived-are-initially-underwhelming%2F149829%2F&contentNum=1&flow_closeBtn=1&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.29930114746094&geoLong=9.491000175476074&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&is_app=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.237.233 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-57-237-233.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://threatpost.com
Access-Control-Allow-Credentials: true
Server: adaptv/1.0
Connection: keep-alive
Content-Length: 0
Content-Type: application/json

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame E8F4 144 B
1 KB 61ms
32ms XHR
application/json 185.33.223.100
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.100 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

373.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

a4090d88738de7527d96edfdc5d16923545a35fdc5f13ec5c9ab61bbbd816a70

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 05 Nov 2019 15:26:40 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 373.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.135:80
AN-X-Request-Uuid: 7dcabbe5-b627-44b8-82e4-743d0cf924ab
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK liveView.php
live.sekindo.com/live/ Frame C0DF 0
379 B 67ms
42ms Image
text/html 46.166.134.24
NFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=27&serverTime=1572967598&s=58057&sta=0&x=320&y=180&msta=12348808&vid_vastType=3&vid_viewabilityState=1&vid_passDomain=threatpost.com&subId=threatpost.com&debugInformation=&gdpr=1&gdprConsent=&isWePassGdpr=0&playbackMethod=auto&userIpAddr=144.76.109.30&userUA=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F78.0.3904.70%20Safari%2F537.36&csuuid=5dc194ad4191a&contentFileId=0&mediaPlayListId=0&cbuster=1572967598603
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.166.134.24 Amsterdam, Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
Software: nginx / PHP/7.1.30
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Nov 2019 15:26:38 GMT
Content-Encoding: gzip
Server: nginx
Age: 0
X-Powered-By: PHP/7.1.30
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-store
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK w_640_002.ts Show response
video.sekindo.com/uploads/cn10/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5dc0904fa078c491390251.mp4/ Frame E8F4 458 KB
458 KB 19ms
18ms XHR
video/mp2t 185.127.16.52
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to

Full URL: https://video.sekindo.com/uploads/cn10/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5dc0904fa078c491390251.mp4/w_640_002.ts
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31312D30355F31377D7B7331323334383830387D7B4335377D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583430307D7B593239317D7B66317D7B4C363631357DFEFE&userIpAddr=144.76.109.30&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F78.0.3904.70+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&csuuid=5dc194ad4191a&debugInfo=12348808_&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=400&y=291&pubUrl=https%3A%2F%2Fthreatpost.com%2Fbluekeep-attacks-have-arrived-are-initially-underwhelming%2F149829%2F&contentNum=1&flow_closeBtn=1&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.29930114746094&geoLong=9.491000175476074&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&is_app=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.127.16.52 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),
Reverse DNS
Software: Tengine /
Resource Hash: f0fc6ab9df71f01b83c27f9772beefcef5292dcfd03b713bb035f793f3cf3733

Request headers

Sec-Fetch-Mode: cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Tue, 05 Nov 2019 15:26:37 GMT
Last-Modified: Mon, 04 Nov 2019 20:56:47 GMT
Server: Tengine
ETag: "5dc0908f-726cc"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Expires: Tue, 12 Nov 2019 15:26:37 GMT
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 468684
X-Proxy-Cache: HIT

GET
H/1.1 200
OK w_640_003.ts Show response
video.sekindo.com/uploads/cn10/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5dc0904fa078c491390251.mp4/ Frame E8F4 480 KB
480 KB 24ms
24ms XHR
video/mp2t 185.127.16.52
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to

Full URL: https://video.sekindo.com/uploads/cn10/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5dc0904fa078c491390251.mp4/w_640_003.ts
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31312D30355F31377D7B7331323334383830387D7B4335377D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583430307D7B593239317D7B66317D7B4C363631357DFEFE&userIpAddr=144.76.109.30&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F78.0.3904.70+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&csuuid=5dc194ad4191a&debugInfo=12348808_&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=400&y=291&pubUrl=https%3A%2F%2Fthreatpost.com%2Fbluekeep-attacks-have-arrived-are-initially-underwhelming%2F149829%2F&contentNum=1&flow_closeBtn=1&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.29930114746094&geoLong=9.491000175476074&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&is_app=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.127.16.52 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),
Reverse DNS
Software: Tengine /
Resource Hash: 93431944aea7a5346648bfd64fd22954066fc4e1dc0da1fe61cb50131bec7bcf

Request headers

Sec-Fetch-Mode: cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Tue, 05 Nov 2019 15:26:37 GMT
Last-Modified: Mon, 04 Nov 2019 20:56:47 GMT
Server: Tengine
ETag: "5dc0908f-78064"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Expires: Tue, 12 Nov 2019 15:26:37 GMT
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 491620
X-Proxy-Cache: HIT

GET
H/1.1 200
OK w_640_004.ts Show response
video.sekindo.com/uploads/cn10/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5dc0904fa078c491390251.mp4/ Frame E8F4 576 KB
576 KB 21ms
20ms XHR
video/mp2t 185.127.16.52
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to

Full URL: https://video.sekindo.com/uploads/cn10/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5dc0904fa078c491390251.mp4/w_640_004.ts
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31312D30355F31377D7B7331323334383830387D7B4335377D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583430307D7B593239317D7B66317D7B4C363631357DFEFE&userIpAddr=144.76.109.30&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F78.0.3904.70+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&csuuid=5dc194ad4191a&debugInfo=12348808_&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=400&y=291&pubUrl=https%3A%2F%2Fthreatpost.com%2Fbluekeep-attacks-have-arrived-are-initially-underwhelming%2F149829%2F&contentNum=1&flow_closeBtn=1&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.29930114746094&geoLong=9.491000175476074&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&is_app=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.127.16.52 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),
Reverse DNS
Software: Tengine /
Resource Hash: 8da5f5fb50661798866ac6ad1ea89d9f3d97899a63b548450ef0cac8a95248c2

Request headers

Sec-Fetch-Mode: cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Tue, 05 Nov 2019 15:26:37 GMT
Last-Modified: Mon, 04 Nov 2019 20:56:48 GMT
Server: Tengine
ETag: "5dc09090-90078"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Expires: Tue, 12 Nov 2019 15:26:37 GMT
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 589944
X-Proxy-Cache: HIT

GET
H/1.1 200
OK w_640_005.ts Show response
video.sekindo.com/uploads/cn10/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5dc0904fa078c491390251.mp4/ Frame E8F4 529 KB
530 KB 34ms
34ms XHR
video/mp2t 185.127.16.52
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to

Full URL: https://video.sekindo.com/uploads/cn10/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5dc0904fa078c491390251.mp4/w_640_005.ts
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31312D30355F31377D7B7331323334383830387D7B4335377D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583430307D7B593239317D7B66317D7B4C363631357DFEFE&userIpAddr=144.76.109.30&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F78.0.3904.70+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&csuuid=5dc194ad4191a&debugInfo=12348808_&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=400&y=291&pubUrl=https%3A%2F%2Fthreatpost.com%2Fbluekeep-attacks-have-arrived-are-initially-underwhelming%2F149829%2F&contentNum=1&flow_closeBtn=1&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.29930114746094&geoLong=9.491000175476074&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&is_app=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.127.16.52 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),
Reverse DNS
Software: Tengine /
Resource Hash: a2f1d69fa609e2a66b278b4065dba1873706d4fbd45a6a3a8baa9129c49bb869

Request headers

Sec-Fetch-Mode: cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Tue, 05 Nov 2019 15:26:37 GMT
Last-Modified: Mon, 04 Nov 2019 20:56:48 GMT
Server: Tengine
ETag: "5dc09090-845f0"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Expires: Tue, 12 Nov 2019 15:26:37 GMT
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 542192
X-Proxy-Cache: HIT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 3012 42 B
110 B 16ms
15ms Image
image/gif 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstI5RC1UfAwwppH9-zKyq-pjECv5zDV-qJkd8bbDpZfYNedAdEctWJ0DFVv4GNYe8ziSt-IgSXe0IXypHDLoSmYOZSlTbky1aL-kHIcK_4&sig=Cg0ArKJSzD-Xqr22gfHLEAE&id=ampim&o=1093,407&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=241&tls=1242&g=100&h=100&pt=375&tt=1242&rpt=375&rst=1572967597574&r=v&adk=974937504&avms=ampa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Nov 2019 15:26:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame F80A 42 B
110 B 15ms
15ms Image
image/gif 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvC2aLMrcKcyoIXIcircimpCGiogWAOHOhN4NF0pKipLEGCPRs5nDHls1ClOvQlTzY7TaoKx0-891Xa6Vdf8VBKTA3v5awSWe9QuARIu2E&sig=Cg0ArKJSzG-WdPaoa1cfEAE&id=ampim&o=308,0&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=242&tls=1242&g=100&h=100&pt=285&tt=1242&rpt=285&rst=1572967597567&r=v&adk=2675834513&avms=ampa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Nov 2019 15:26:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame E8F4 109 B
536 B 90ms
28ms XHR
application/json 52.215.98.88
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=j6w8ta9&fmt=json
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31312D30355F31377D7B7331323334383830387D7B4335377D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583430307D7B593239317D7B66317D7B4C363631357DFEFE&userIpAddr=144.76.109.30&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F78.0.3904.70+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&csuuid=5dc194ad4191a&debugInfo=12348808_&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=400&y=291&pubUrl=https%3A%2F%2Fthreatpost.com%2Fbluekeep-attacks-have-arrived-are-initially-underwhelming%2F149829%2F&contentNum=1&flow_closeBtn=1&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.29930114746094&geoLong=9.491000175476074&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&is_app=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.98.88 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-215-98-88.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d503c9cf3d3eff2d9e0d7b3b150ef71796a70883020e4785cd665865da824f99

Request headers

Sec-Fetch-Mode: cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 05 Nov 2019 15:26:39 GMT
x-aspnet-version: 4.0.30319
status: 200
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://threatpost.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Thu, 05 Dec 2019 15:26:39 GMT

GET
H/1.1 200 212.json Show response
id5-sync.com/g/v1/ Frame E8F4 35 B
274 B 56ms
14ms XHR
text/json 5.39.66.192
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://id5-sync.com/g/v1/212.json?1puid=&gdpr=0&gdpr_consent=
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31312D30355F31377D7B7331323334383830387D7B4335377D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583430307D7B593239317D7B66317D7B4C363631357DFEFE&userIpAddr=144.76.109.30&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F78.0.3904.70+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&csuuid=5dc194ad4191a&debugInfo=12348808_&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=400&y=291&pubUrl=https%3A%2F%2Fthreatpost.com%2Fbluekeep-attacks-have-arrived-are-initially-underwhelming%2F149829%2F&contentNum=1&flow_closeBtn=1&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.29930114746094&geoLong=9.491000175476074&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&is_app=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.39.66.192 , France, ASN16276 (OVH, FR),
Reverse DNS: s05.id5-sync.com
Software: /
Resource Hash: 6d3ad1cfd3221aa7bffc10ba678fda2d9d94c9aa3b026d45a74fa767763ec1d5

Request headers

Sec-Fetch-Mode: cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://threatpost.com
Date: Tue, 05 Nov 2019 15:26:39 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Content-Type: text/json;charset=utf-8

GET envelope
api.rlcdn.com/api/identity/ Frame E8F4 0
0

GET
H2

200

pd
u.openx.net/w/1.0/ Frame E3AE
Redirect Chain

https://u.openx.net/w/1.0/pd
https://u.openx.net/w/1.0/pd?cc=1

0
0

15ms
15ms

Document
text/html

34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd?cc=1
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31312D30355F31377D7B7331323334383830387D7B4335377D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583430307D7B593239317D7B66317D7B4C363631357DFEFE&userIpAddr=144.76.109.30&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F78.0.3904.70+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&csuuid=5dc194ad4191a&debugInfo=12348808_&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=400&y=291&pubUrl=https%3A%2F%2Fthreatpost.com%2Fbluekeep-attacks-have-arrived-are-initially-underwhelming%2F149829%2F&contentNum=1&flow_closeBtn=1&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.29930114746094&geoLong=9.491000175476074&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&is_app=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.167.1 /
Resource Hash

Request headers

:method: GET
:authority: u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
accept-encoding: gzip, deflate, br
cookie: i=989295ad-d2b6-45f6-8a2d-d98111d725fd|1572967599
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/

Response headers

status: 200
vary: Accept
set-cookie: i=989295ad-d2b6-45f6-8a2d-d98111d725fd|1572967599; Version=1; Expires=Wed, 04-Nov-2020 15:26:39 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1572967599|mOgikimWiygu; Version=1; Expires=Wed, 20-Nov-2019 15:26:39 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server: OXGW/16.167.1
p3p: CP="CUR ADM OUR NOR STA NID"
date: Tue, 05 Nov 2019 15:26:39 GMT
content-type: text/html
content-length: 592
via: 1.1 google
alt-svc: clear

Redirect headers

status: 302
set-cookie: i=989295ad-d2b6-45f6-8a2d-d98111d725fd|1572967599; Version=1; Expires=Wed, 04-Nov-2020 15:26:39 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
server: OXGW/16.167.1
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://u.openx.net/w/1.0/pd?cc=1
date: Tue, 05 Nov 2019 15:26:39 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame 39BD 0
0 21ms
6ms Document
text/html 2.18.233.180
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31312D30355F31377D7B7331323334383830387D7B4335377D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583430307D7B593239317D7B66317D7B4C363631357DFEFE&userIpAddr=144.76.109.30&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F78.0.3904.70+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&csuuid=5dc194ad4191a&debugInfo=12348808_&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=400&y=291&pubUrl=https%3A%2F%2Fthreatpost.com%2Fbluekeep-attacks-have-arrived-are-initially-underwhelming%2F149829%2F&contentNum=1&flow_closeBtn=1&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.29930114746094&geoLong=9.491000175476074&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&is_app=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/

Response headers

Last-Modified: Fri, 26 Jul 2019 09:39:45 GMT
ETag: "13006b6-9bf6-58e925294ef26"
Server: Apache/2.2.15 (CentOS)
Set-Cookie: KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14898
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=67552
Expires: Wed, 06 Nov 2019 10:12:31 GMT
Date: Tue, 05 Nov 2019 15:26:39 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1

410
Gone

sync
sync.adaptv.advertising.com/ Frame E8F4
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/m7y5t93k?redir=https%3A%2F%2Fsync.adap.tv%2Fsync%3Ftype%3Dgif%26key%3Dtubemogul%26uid%3D%24%7BUSER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?redir=https%3A%2F%2Fsync.adap.tv%2Fsync%3Ftype%3Dgif%26key%3Dtubemogul%26uid%3D%24%7BUSER_ID%7D&_test=XcGUrwAAAFHsq36l
https://sync.adap.tv/sync?type=gif&key=tubemogul&uid=XcGUrwAAAFHsq36l&_test=XcGUrwAAAFHsq36l
https://sync.adaptv.advertising.com/sync?type=gif&key=tubemogul&uid=XcGUrwAAAFHsq36l&_test=XcGUrwAAAFHsq36l

10 B
118 B

379ms
87ms

Image
text/plain

3.225.171.54
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adaptv.advertising.com/sync?type=gif&key=tubemogul&uid=XcGUrwAAAFHsq36l&_test=XcGUrwAAAFHsq36l
Requested by: Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.171.54 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-3-225-171-54.compute-1.amazonaws.com
Software: ribs2.0 /
Resource Hash: 42e2bdfb6f2641ab97b6a586c31e591246a5240bc86e504d6ec02c616aeb8e4e

Request headers

Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Server: ribs2.0
Connection: keep-alive
Content-Length: 10
Content-Type: text/plain

Redirect headers

Location: //sync.adaptv.advertising.com/sync?type=gif&key=tubemogul&uid=XcGUrwAAAFHsq36l&_test=XcGUrwAAAFHsq36l
Server: ribs2.0
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain

GET
H2 200 %7Bcombo_uid%7D
pr-bh.ybp.yahoo.com/sync/adaptv_ortb/ Frame E8F4 43 B
381 B 122ms
40ms Image
image/gif 2a00:1288:110:c205::2000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/adaptv_ortb/%7Bcombo_uid%7D

Requested by

Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c205::2000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Tue, 05 Nov 2019 15:26:39 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
status: 200
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/57304/ Frame E8F4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm=&google_sc=&google_tc=
https://pixel.advertising.com/ups/57304/sync?uid=CAESEFFIP2ThBVNlYIN246T0cbk&google_cver=1
https://pixel.advertising.com/ups/57304/sync?uid=CAESEFFIP2ThBVNlYIN246T0cbk&google_cver=1&verify=true
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEFFIP2ThBVNlYIN246T0cbk&google_cver=1&apid=UPa9d904c3-ffe0-11e9-84b4-060ffcaa9e92
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEFFIP2ThBVNlYIN246T0cbk&google_cver=1&apid=UPa9d904c3-ffe0-11e9-84b4-060ffcaa9e92&verify=true

0
473 B

8ms
8ms

Image
text/plain

52.57.21.232
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEFFIP2ThBVNlYIN246T0cbk&google_cver=1&apid=UPa9d904c3-ffe0-11e9-84b4-060ffcaa9e92&verify=true
Requested by: Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.21.232 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-57-21-232.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

status: 204
date: Tue, 05 Nov 2019 15:26:39 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Tue, 05 Nov 2019 15:26:39 GMT
content-length: 0
location: https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEFFIP2ThBVNlYIN246T0cbk&google_cver=1&apid=UPa9d904c3-ffe0-11e9-84b4-060ffcaa9e92&verify=true
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55953/ Frame E8F4
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1
https://pixel.advertising.com/ups/55953/sync?uid=9c62d2f9-7870-4b8a-bd3a-92ce3051e44f&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=9c62d2f9-7870-4b8a-bd3a-92ce3051e44f
https://ups.analytics.yahoo.com/ups/55953/sync?uid=9c62d2f9-7870-4b8a-bd3a-92ce3051e44f&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=9c62d2f9-7870-4b8a-bd3a-92ce3051e44f&apid=UPa9d904c3-ffe0-11e9...

0
494 B

9ms
8ms

Image
text/plain

52.57.21.232
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.analytics.yahoo.com/ups/55953/sync?uid=9c62d2f9-7870-4b8a-bd3a-92ce3051e44f&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=9c62d2f9-7870-4b8a-bd3a-92ce3051e44f&apid=UPa9d904c3-ffe0-11e9-84b4-060ffcaa9e92
Requested by: Host: threatpost.com
URL: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.21.232 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-57-21-232.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

status: 204
date: Tue, 05 Nov 2019 15:26:39 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Tue, 05 Nov 2019 15:26:39 GMT
content-length: 0
location: https://ups.analytics.yahoo.com/ups/55953/sync?uid=9c62d2f9-7870-4b8a-bd3a-92ce3051e44f&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=9c62d2f9-7870-4b8a-bd3a-92ce3051e44f&apid=UPa9d904c3-ffe0-11e9-84b4-060ffcaa9e92
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK liveView.php
live.sekindo.com/live/ Frame C0DF 0
379 B 44ms
20ms Image
text/html 46.166.134.24
NFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=36&serverTime=1572967597&s=101281&sta=0&x=400&y=291&vid_passDomain=threatpost.com&subId=threatpost.com&debugInformation=&gdpr=1&gdprConsent=&isWePassGdpr=0&userIpAddr=144.76.109.30&userUA=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F78.0.3904.70%20Safari%2F537.36&csuuid=5dc194ad4191a&contentFileId=0&mediaPlayListId=0&cbuster=1572967600149
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.166.134.24 Amsterdam, Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
Software: nginx / PHP/7.1.30
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Nov 2019 15:26:39 GMT
Content-Encoding: gzip
Server: nginx
Age: 0
X-Powered-By: PHP/7.1.30
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-store
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK liveView.php
live.sekindo.com/live/ Frame C0DF 0
379 B 39ms
15ms Image
text/html 46.166.134.24
NFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=42&serverTime=1572967597&s=101281&sta=0&x=400&y=291&vid_passDomain=threatpost.com&subId=threatpost.com&debugInformation=&gdpr=1&gdprConsent=&isWePassGdpr=0&userIpAddr=144.76.109.30&userUA=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F78.0.3904.70%20Safari%2F537.36&csuuid=5dc194ad4191a&contentFileId=0&mediaPlayListId=0&dur=500&cbuster=1572967603141
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.166.134.24 Amsterdam, Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
Software: nginx / PHP/7.1.30
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Nov 2019 15:26:42 GMT
Content-Encoding: gzip
Server: nginx
Age: 0
X-Powered-By: PHP/7.1.30
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-store
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK w_640_006.ts Show response
video.sekindo.com/uploads/cn10/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5dc0904fa078c491390251.mp4/ Frame E8F4 461 KB
462 KB 38ms
38ms XHR
video/mp2t 185.127.16.52
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to

Full URL: https://video.sekindo.com/uploads/cn10/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5dc0904fa078c491390251.mp4/w_640_006.ts
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323031392D31312D30355F31377D7B7331323334383830387D7B4335377D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583430307D7B593239317D7B66317D7B4C363631357DFEFE&userIpAddr=144.76.109.30&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F78.0.3904.70+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&csuuid=5dc194ad4191a&debugInfo=12348808_&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=400&y=291&pubUrl=https%3A%2F%2Fthreatpost.com%2Fbluekeep-attacks-have-arrived-are-initially-underwhelming%2F149829%2F&contentNum=1&flow_closeBtn=1&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.29930114746094&geoLong=9.491000175476074&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&is_app=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.127.16.52 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),
Reverse DNS
Software: Tengine /
Resource Hash: 6dce502daa4ba0b2c87d5dec85a191e5b2f3620e98b824d88247eaf8bb795494

Request headers

Sec-Fetch-Mode: cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Tue, 05 Nov 2019 15:26:43 GMT
Last-Modified: Mon, 04 Nov 2019 20:56:49 GMT
Server: Tengine
ETag: "5dc09091-7357c"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Expires: Tue, 12 Nov 2019 15:26:43 GMT
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 472444
X-Proxy-Cache: HIT

GET
H/1.1 200
OK liveView.php
live.sekindo.com/live/ Frame C0DF 0
379 B 25ms
25ms Image
text/html 46.166.134.24
NFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=25&serverTime=1572967597&s=101281&sta=0&x=400&y=291&vid_passDomain=threatpost.com&subId=threatpost.com&debugInformation=&gdpr=1&gdprConsent=&isWePassGdpr=0&userIpAddr=144.76.109.30&userUA=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F78.0.3904.70%20Safari%2F537.36&csuuid=5dc194ad4191a&contentFileId=0&mediaPlayListId=0&dur=1000&cbuster=1572967607931
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.166.134.24 Amsterdam, Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
Software: nginx / PHP/7.1.30
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Nov 2019 15:26:47 GMT
Content-Encoding: gzip
Server: nginx
Age: 0
X-Powered-By: PHP/7.1.30
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-store
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK liveView.php
live.sekindo.com/live/ Frame C0DF 0
379 B 18ms
18ms Image
text/html 46.166.134.24
NFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=42&serverTime=1572967597&s=101281&sta=0&x=400&y=291&vid_passDomain=threatpost.com&subId=threatpost.com&debugInformation=&gdpr=1&gdprConsent=&isWePassGdpr=0&userIpAddr=144.76.109.30&userUA=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F78.0.3904.70%20Safari%2F537.36&csuuid=5dc194ad4191a&contentFileId=0&mediaPlayListId=0&dur=500&cbuster=1572967608141
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.166.134.24 Amsterdam, Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
Software: nginx / PHP/7.1.30
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Nov 2019 15:26:47 GMT
Content-Encoding: gzip
Server: nginx
Age: 0
X-Powered-By: PHP/7.1.30
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-store
Content-Type: text/html; charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=34

Verdicts & Comments Add Verdict or Comment

148 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.threatpost.com/	1970-01-19 14:20:36	Name: __qca Value: P0-1522400562-1572967598075
.threatpost.com/	1970-01-19 04:56:07	Name: _gat_UA-35676203-21 Value: 1
.threatpost.com/	1970-01-19 22:27:19	Name: __gads Value: ID=5cc5861ba00a962f:T=1572967597:S=ALNI_MbUhT9ZJBp-uF9RhKeZZhik3WwEig
.threatpost.com/	1970-01-19 04:57:33	Name: _gid Value: GA1.2.1788882411.1572967597
.threatpost.com/	1970-01-19 22:27:19	Name: _ga Value: GA1.2.1751957402.1572967597

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/rtv/011910251950120/amp4ads-v0.js(Line 508) Message: Powered by AMP ⚡ HTML – Version 1910251950120 https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
console-api	info	URL: https://cdn.ampproject.org/rtv/011910251950120/amp4ads-v0.js(Line 508) Message: Powered by AMP ⚡ HTML – Version 1910251950120 https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
console-api	info	URL: https://cdn.ampproject.org/rtv/011910251950120/amp4ads-v0.js(Line 508) Message: Powered by AMP ⚡ HTML – Version 1910251950120 https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adrta.com
ads.adaptv.advertising.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
analytics.twitter.com
api.rlcdn.com
assets.threatpost.com
c.amazon-adsystem.com
cdn.ampproject.org
cm.g.doubleclick.net
fonts.googleapis.com
fonts.gstatic.com
graph.facebook.com
hbopenbid.pubmatic.com
i1.wp.com
ib.adnxs.com
id5-sync.com
ipv4.adrta.com
kasperskycontenthub.com
live.sekindo.com
match.adsrvr.org
media.threatpost.com
pagead2.googlesyndication.com
pixel.advertising.com
pixel.quantserve.com
pr-bh.ybp.yahoo.com
rules.quantcount.com
search.spotxchange.com
secure.gravatar.com
secure.quantserve.com
securepubads.g.doubleclick.net
static.ads-twitter.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.adap.tv
sync.adaptv.advertising.com
t.co
teachingaids-d.openx.net
threatpost.com
tpc.googlesyndication.com
u.openx.net
ups.analytics.yahoo.com
video.sekindo.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.reddit.com
api.rlcdn.com
104.244.42.195
104.244.42.197
13.225.86.250
151.101.113.140
151.101.114.49
151.101.12.157
172.217.16.130
172.217.23.162
185.127.16.52
185.33.223.100
185.64.189.112
185.94.180.124
192.0.77.2
2.18.233.180
2600:1f18:26d4:7e01:960d:1da3:d671:de2a
2600:9000:20eb:6a00:6:44e3:f8c0:93a1
2600:9000:2156:f800:0:5c46:4f40:93a1
2600:9000:21f3:a200:2:9275:3d40:93a1
2a00:1288:110:c205::2000
2a00:1450:4001:800::2002
2a00:1450:4001:806::2002
2a00:1450:4001:806::2008
2a00:1450:4001:808::2002
2a00:1450:4001:814::2001
2a00:1450:4001:817::2003
2a00:1450:4001:817::2004
2a00:1450:4001:819::2003
2a00:1450:4001:81b::200e
2a00:1450:4001:820::2001
2a00:1450:4001:821::2003
2a00:1450:4001:825::200a
2a00:1450:400c:c00::9b
2a03:2880:f01c:800e:face:b00c:0:2
2a04:fa87:fffe::c000:4902
2a05:f500:10:101::b93f:9101
3.215.92.99
3.225.171.54
34.196.45.218
34.95.120.147
35.173.160.135
46.166.134.24
5.39.66.192
52.215.98.88
52.28.145.127
52.57.21.232
52.57.237.233
91.228.74.135
91.228.74.226
004e5faf0bf890f61697daeede9f21826affd1137fb2cb58eaf4719937a04a14
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0677813a073d549a3705bbae9143a064807e4bb2294cc536bb493c98ee2d73e4
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06fc565587b8b700936a1677218cb269a6cc31ca5f701eb45461e86a3d54d5c7
082f9475d9d702abb1d79353862bd60f700ed63280c8d961d9a6288cbf2f5e9e
16ea27c119578893eba6f9a33e3f8fd9b4075e3a8bcb4da9080079c96765bf43
1b58502f35dc1b48ad4f026a8fb9e473d01ddaf6211f6548c10b57cebed78b32
1d578dc3367ffc480f6c230a912f72e3906d4438b5daaf1c319fd3b7a006cd3d
1d877b654697728723f01959ffbf74d70842fe9cf331f721be5701b61c217638
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
25226e6e3ba0503974bdf2075bc6e44ff223c59520aae1f1722759050d988232
25e8f0d54945a9f8f39857028c2f611bf4947b790a45a6c37f2d4bc5bf6fc9f1
287ef359fd0ee77565247dac9629ded5911db58b4ac8d7b78b89435d6860a174
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2de77164bb9924542e1dea4ee4a0ff27d40b51a3d7939dac7db11a95045c9b7d
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
31cf806fa028ec8f8ebbd0a1541d34c32cf70d77e45d1f380c27c242b4d7afd8
352bb10106a5335c7385809b33aa104cf39c20136867a0609d6763ded2af7e7a
39af7c1116fb967a330e8770f775e6b5ee871add01ed45c98a1634911cebfb0a
3a90c56bbc2ea3fae7e089cc529bc02869c5035ee31c3111d829b9ae974cf42d
3b546ffc169727e9c8c9c4d4f5d70267345aab6c0d7223d20d88d8953367a013
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176
420508fc523520f35de5c851905543294123d7676b5a5668744691f2abe9e730
42e2bdfb6f2641ab97b6a586c31e591246a5240bc86e504d6ec02c616aeb8e4e
44ef9b8be9758f4944226128bcbd68f44fca4b8a4d272ad3288427bbd96accb8
45ddc09b0ad6ab916bd9a0282070b161045e186fc025303f4aa1aa821fc45ac7
487517bf8c9ca0878f9b54455c79b866f985b9d19ace45e2bdcf2a71a42facc0
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49818d15e560296b11d38bc1f155de85c64d5f1c8c8942e116e8a1200a93358d
4a188decf6c2063623459b7ca4a50e8cacaba866b3b22e74c5a9f1509ce6c6b9
4e66c0e886f8c071dd0a16cad530969e5ad7a11bffb9d3c29221f5c67f87e4e9
5075b0d31c00903c1a8f437e6e356da4ebf9fe7066ac6809427d184b55fc382c
51b7a583b42d20f16fa2755abe0e8fd716b3ec9378ec42500b0d894927598326
535f401ad4d0562612b8bcadc5edb6c194cb6a275f3915511f9d023cfc69fe2a
59deaca25b1ef82cd5b4a031009eb00d76557add3a300311a376a0b0a7755ad6
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5a7ed822968963e31d88424c96387ad9f4fd4f4b5a5b581a33f65e3784d162cf
5b540185cd635ef5872d4c103475c9c4b23d02ac2eeac1dd1dd38e42063198ad
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
64f8815aa79b455228746003b2b30c928d01c6d1de8707206b3e0031d4070cf2
658cd890cc8ab4258fa635bd02f049a19cf9906357c3ab5ab135c2a7e23ecb08
6cd70b4f239ef927a651233ccd24424a679f57d2330c9dd3141013be6d373cfe
6d3ad1cfd3221aa7bffc10ba678fda2d9d94c9aa3b026d45a74fa767763ec1d5
6dce502daa4ba0b2c87d5dec85a191e5b2f3620e98b824d88247eaf8bb795494
7104502e3ae4295349723205e6104d1343fa49bdf356cb3c93b31b62cea9ef9b
76102878c1198de858725194952ba1c6b35bdee0f870cc6a124e93d17385e64e
76ba07e059d9e2113f9c940f1a31efc95bd9d5badd68bbc3637177e892a08099
78b1956ef472e64f7c86131cccfd57d053f67b65452689cbfa52e6335611a246
7d46f3064d0bc8dec9296cb15712ab2c117bfb899922c54745cb5d5ff165d200
859faa9b9ed0990288b2f393a102b1fe2668ac79088b113b6f0beaee521221eb
866c1cf254c11afbcb1689842e0eb3ed4973f7edada9f814d5e6b72cd54b9b56
8af9277beea03fa6657fbefb20592a05e592b3ca05d824ea2f4e92e42eb0910e
8da5f5fb50661798866ac6ad1ea89d9f3d97899a63b548450ef0cac8a95248c2
93431944aea7a5346648bfd64fd22954066fc4e1dc0da1fe61cb50131bec7bcf
93ebb1d614fa1e33c91a00ee803c268fcf812be0282ac38660f29a192109dc86
940e0c3385928422aae38e1a74f1d84b462d8ce1a056c686fde505a0bf3162bb
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9fa7ee8a734f8b381eab13fd4843321d67228a0b4705bb7692a88659c42123a1
a016f64a1c94a740d8551ef430b76e35be1c84a07c8e70f7a8c8e738f40e3c40
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a25d6b15370e06383386c57fb5278ef22bc15d3151a8059303744f0388e8bbe3
a2f1d69fa609e2a66b278b4065dba1873706d4fbd45a6a3a8baa9129c49bb869
a4090d88738de7527d96edfdc5d16923545a35fdc5f13ec5c9ab61bbbd816a70
a69c028a3a2d261332d8fb4e17f82257d484d42fd5410b20d22a3ef6e619f66c
a783d2ad42c380bc896219c080fa845d1e9f2e77483558103aeb296b95b85701
a9d2b2df99c1a115d5394c70a898d8801092208dc582f8bd6fb01b35c30d6b22
a9f6c03ce6f4d1654f29f2136651e883198d509cb2e26af1c24b1f87b6ccae13
aa64fa30a3263fa3105736228a6feaaa4f7d32d8ef96b12e56f6fb95511b66a7
ab5e1a02f91bc9443467e816bd0c0b1506200963cbed9386ccdd805f127e4baa
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad3e5e38216e5b13b79daf32495743f04b452ff5f7b936ea5e457f2f36e1436e
ae00ae9c862bc8b8923efd1d9a18befa912678a869d4dd01179a59ed3de731be
b4d605565c1030952a3690ec0faf45e4fe909c838fdbe195e3c7487b5adc6922
bd78ccd86b7a12989f496475e98987793e6003ec9f5efe778ca4fbfd887b333d
c1130e6aae10ef9bd909278c2ff2a16b2c4926747bd907aded57560afe524794
c4bbc03a9fcd94ea2941b59d5b4d7772cdc893ec3105c3390632fd12b56d303d
c825c89c57f7b6713283f8360305176a5ca57634f7ef21e52c58a713a0a20c83
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ce4832580276f0cc9c6cca7cc9dd88929fd6080faef6de2e0d605a4bd92be071
cf38dc1849498a12875ccc61401a45d52e8efc88d55b82c50ca56fdfa5ba205a
d503c9cf3d3eff2d9e0d7b3b150ef71796a70883020e4785cd665865da824f99
d8c28f9e60045661983b21b06f8bff030a73a58b848b45e812d76c12f631dff8
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e076f23e9d8ed3735576eec49a13860c41fc235bbb34aacbcb78b4591985a34b
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796
e21da87120c823e7856f1e2af9d73746e19590b71407869dccb2d203115d451c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4058d4ee9da1ceaddfa91ddb63650ba67285f1bbfee487d9dfe648bced669a0
e4ab34b8a905b1076f36fddd2dc1e2dacd9c1bbca6614ab260e9b40aa0dced41
e5b09ae4f391ccd8e04977e2330f1e533a2a507d95c609a3fd437a7ffc7cddfa
e98b015995770420a20af6b768ada3a4ac4a11bccd4c9f8bd6b46bff66b8cea9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8d94114f16ad72f9ed3634f5ae54888f45ff87c42bcc330b88141d9b956fdb
f0fc6ab9df71f01b83c27f9772beefcef5292dcfd03b713bb035f793f3cf3733
f4f2c0a4763f01ee2b13b4f8189e6fd5f32bd704d71fed8d0f11883de9724198
f89d17dc2e4ecb385243b7b4cdaf5d8d9f6d4b9829e2be80afb66d01721835e3
f8a2b5b62eb722c3379b30cf0cc58d3176ee6be48036d6ad2aa838d2029c4189

threatpost.com Open in urlscan Pro 35.173.160.135 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

130 Requests

98 %HTTPS

44 %IPv6

35 Domains

51 Subdomains

42 IPs

8 Countries

5593 kBTransfer

8256 kBSize

5 Cookies

19 Outgoing links

Redirected requests

130 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

threatpost.com Open in urlscan Pro
35.173.160.135 Public Scan

Screenshot
Live screenshot

Full Image

130
Requests

98 %
HTTPS

44 %
IPv6

35
Domains

51
Subdomains

42
IPs

8
Countries

5593 kB
Transfer

8256 kB
Size

5
Cookies

130 HTTP transactions
5 data transactions