threatpost.com Open in urlscan Pro
35.173.160.135 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://threatpost.com/easter-attack-apple-ios/143901/
Submission: On April 20 via automatic, source hackernews (April 20th 2019, 5:05:01 am UTC)

Summary HTTP 145 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 37 IPs in 6 countries across 36 domains to perform 145 HTTP transactions. The main IP is 35.173.160.135, located in Seattle, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is threatpost.com.
TLS certificate: Issued by Thawte EV RSA CA 2018 on June 21st 2018. Valid for: a year.

This is the only time threatpost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	35.173.160.135 35.173.160.135	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
6	2600:9000:204... 2600:9000:2047:2000:2:9275:3d40:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2606:4700::68... 2606:4700::6813:c497	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
7	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
13	2600:9000:204... 2600:9000:2047:5400:0:5c46:4f40:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC - Automattic)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC - Automattic)
2 6	2a00:1450:400... 2a00:1450:4001:81e::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:814::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
3 20	151.101.2.2 151.101.2.2	54113 (FASTLY) (FASTLY - Fastly)
5	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:401... 2a00:1450:4016:80d::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
2 4	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	91.228.74.212 91.228.74.212	27281 (QUANTCAST) (QUANTCAST - Quantcast Corporation)
1	151.101.120.157 151.101.120.157	54113 (FASTLY) (FASTLY - Fastly)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2600:9000:204... 2600:9000:2047:e600:2:9275:3d40:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a03:2880:f01... 2a03:2880:f01c:20e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2a05:f500:10:... 2a05:f500:10:101::b93f:9101	14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation)
1	151.101.1.140 151.101.1.140	54113 (FASTLY) (FASTLY - Fastly)
2 2	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1 3	104.111.214.103 104.111.214.103	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER - Twitter Inc.)
6	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2600:9000:204... 2600:9000:2047:c800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1 2	91.228.74.150 91.228.74.150	27281 (QUANTCAST) (QUANTCAST - Quantcast Corporation)
13	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY - Fastly)
1 1	35.201.85.158 35.201.85.158	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	18.196.37.19 18.196.37.19	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	54.194.234.200 54.194.234.200	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	104.111.241.32 104.111.241.32	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2	185.33.223.80 185.33.223.80	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1 1	216.58.207.34 216.58.207.34	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	54.72.175.179 54.72.175.179	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	34.211.85.62 34.211.85.62	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT - Bidtellect Inc.)
3 3	18.153.11.14 18.153.11.14	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	213.9.42.202 213.9.42.202	12676 (NCORE-AS ...) (NCORE-AS Hochstadenstr. 5)
1	213.202.235.8 213.202.235.8	24961 (MYLOC-AS) (MYLOC-AS)
11	2606:4700::68... 2606:4700::6810:5424	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
4	2a00:1450:400... 2a00:1450:4001:825::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER - Twitter Inc.)
5	52.4.203.244 52.4.203.244	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
145	37

19 35.173.160.135 (Seattle, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-35-173-160-135.compute-1.amazonaws.com

threatpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kasperskycontenthub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2047:2000:2:9275:3d40:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

assets.threatpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:c497 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:81b::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2600:9000:2047:5400:0:5c46:4f40:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

media.threatpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland) 1 redirects

ASN2635 (AUTOMATTIC - Automattic, Inc, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC - Automattic, Inc, US)
PTR: i1.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81e::2004 (Ireland) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 151.101.2.2 (San Francisco, United States) 3 redirects

ASN54113 (FASTLY - Fastly, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:820::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4016:80d::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::200e (Ireland) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.212 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.120.157 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2047:e600:2:9275:3d40:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

assets.threatpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:20e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:f500:10:101::b93f:9101 (Ireland)

ASN14413 (LINKEDIN - LinkedIn Corporation, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.140 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

www.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9a (Ireland) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.214.103 (Amsterdam, Netherlands) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-214-103.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.18.98 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: zrh04s05-in-f98.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2047:c800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.228.74.150 (United Kingdom) 1 redirects

ASN27281 (QUANTCAST - Quantcast Corporation, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 151.101.2.49 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

15.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
convammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
opps.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.85.158 (Ann Arbor, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 158.85.201.35.bc.googleusercontent.com

server.exposebox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.37.19 (Cambridge, United States) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-196-37-19.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.234.200 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-194-234-200.eu-west-1.compute.amazonaws.com

px.powerlinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.241.32 (Amsterdam, Netherlands) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-241-32.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.223.80 (European Union)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 251.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.207.34 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s24-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.72.175.179 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-72-175-179.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.211.85.62 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-211-85-62.us-west-2.compute.amazonaws.com

www.storygize.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT - Bidtellect Inc., US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.153.11.14 (Cambridge, United States) 3 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-153-11-14.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.9.42.202 (Germany) 1 redirects

ASN12676 (NCORE-AS Hochstadenstr. 5, DE)

asn.advolution.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.202.235.8 (Germany)

ASN24961 (MYLOC-AS, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6810:5424 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstatb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:825::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.4.203.244 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-4-203-244.compute-1.amazonaws.com

gklfs-idnhw.ads.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s5pvq.ads.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	taboola.com 3 redirects cdn.taboola.com trc.taboola.com 15.taboola.com match.taboola.com images.taboola.com vidstat.taboola.com imprammp.taboola.com convammp.taboola.com vidstatb.taboola.com wf.taboola.com opps.taboola.com	3 MB
38	threatpost.com threatpost.com assets.threatpost.com media.threatpost.com	652 KB
13	doubleclick.net 3 redirects googleads.g.doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net	90 KB
11	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	191 KB
7	google.com 2 redirects www.google.com adservice.google.com	1 KB
5	tremorhub.com gklfs-idnhw.ads.tremorhub.com s5pvq.ads.tremorhub.com	2 KB
4	google-analytics.com 2 redirects www.google-analytics.com	35 KB
3	bidswitch.net 3 redirects x.bidswitch.net	2 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	facebook.com graph.facebook.com www.facebook.com	940 B
3	quantserve.com 1 redirects secure.quantserve.com pixel.quantserve.com	7 KB
3	googletagservices.com www.googletagservices.com	67 KB
3	google.de adservice.google.de www.google.de	699 B
2	adsrvr.org 2 redirects match.adsrvr.org	849 B
2	adnxs.com ib.adnxs.com	1 KB
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com	1 KB
2	facebook.net connect.facebook.net	57 KB
2	googletagmanager.com www.googletagmanager.com	45 KB
2	cloudflare.com cdnjs.cloudflare.com	11 KB
1	twitter.com analytics.twitter.com	673 B
1	exactag.com m.exactag.com	654 B
1	advolution.de 1 redirects asn.advolution.de	1 KB
1	bttrack.com bttrack.com	380 B
1	storygize.net 1 redirects www.storygize.net	450 B
1	bluekai.com 1 redirects tags.bluekai.com	862 B
1	powerlinks.com 1 redirects px.powerlinks.com	611 B
1	exposebox.com 1 redirects server.exposebox.com	290 B
1	quantcount.com rules.quantcount.com	2 KB
1	t.co t.co	486 B
1	reddit.com www.reddit.com	3 KB
1	linkedin.com www.linkedin.com	1 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	gstatic.com www.gstatic.com	91 KB
1	wp.com i0.wp.com	65 B
1	gravatar.com 1 redirects secure.gravatar.com	384 B
1	kasperskycontenthub.com kasperskycontenthub.com	367 B
145	36

	Domain	Requested by
18	threatpost.com	threatpost.com pagead2.googlesyndication.com
13	media.threatpost.com	threatpost.com
10	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com threatpost.com
9	trc.taboola.com	3 redirects cdn.taboola.com threatpost.com
7	pagead2.googlesyndication.com	threatpost.com pagead2.googlesyndication.com securepubads.g.doubleclick.net
7	assets.threatpost.com	threatpost.com
6	images.taboola.com	threatpost.com
6	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
6	www.google.com	2 redirects threatpost.com www.gstatic.com securepubads.g.doubleclick.net
5	cdn.taboola.com	assets.threatpost.com cdn.taboola.com threatpost.com
4	tpc.googlesyndication.com	securepubads.g.doubleclick.net
4	www.google-analytics.com	2 redirects www.googletagmanager.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	gklfs-idnhw.ads.tremorhub.com	vidstat.taboola.com
3	wf.taboola.com	vidstat.taboola.com
3	convammp.taboola.com	threatpost.com
3	x.bidswitch.net	3 redirects
3	match.taboola.com	threatpost.com
3	sb.scorecardresearch.com	1 redirects cdn.taboola.com threatpost.com
3	www.googletagservices.com	pagead2.googlesyndication.com assets.threatpost.com securepubads.g.doubleclick.net
2	opps.taboola.com	vidstat.taboola.com
2	s5pvq.ads.tremorhub.com	vidstat.taboola.com
2	match.adsrvr.org	2 redirects
2	ib.adnxs.com	threatpost.com
2	rtb.mfadsrvr.com	2 redirects
2	pixel.quantserve.com	1 redirects threatpost.com
2	www.facebook.com	threatpost.com connect.facebook.net
2	www.google.de	threatpost.com
2	stats.g.doubleclick.net	2 redirects
2	connect.facebook.net	threatpost.com connect.facebook.net
2	www.googletagmanager.com	assets.threatpost.com threatpost.com
2	cdnjs.cloudflare.com	threatpost.com assets.threatpost.com
1	analytics.twitter.com	static.ads-twitter.com
1	vidstatb.taboola.com	threatpost.com
1	imprammp.taboola.com	threatpost.com
1	m.exactag.com	threatpost.com
1	asn.advolution.de	1 redirects
1	bttrack.com	threatpost.com
1	www.storygize.net	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	tags.bluekai.com	1 redirects
1	px.powerlinks.com	1 redirects
1	server.exposebox.com	1 redirects
1	15.taboola.com	cdn.taboola.com
1	rules.quantcount.com	secure.quantserve.com
1	t.co	threatpost.com
1	www.reddit.com	threatpost.com
1	www.linkedin.com	threatpost.com
1	graph.facebook.com	threatpost.com
1	static.ads-twitter.com	www.googletagmanager.com
1	secure.quantserve.com	www.googletagmanager.com
1	www.gstatic.com	www.google.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	i0.wp.com	threatpost.com
1	secure.gravatar.com	1 redirects
1	kasperskycontenthub.com	threatpost.com
145	57

This site contains links to these domains. Also see Links.

Domain
spotlight.threatpost.com
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
feedly.com
www.instagram.com
blog.confiant.com
media.threatpost.com
attendee.gotowebinar.com
popup.taboola.com
www.aroundhome.de
www.holzkern.com
om.elvenar.com
asn.advolution.de
plarium.com
akismet.com
t.co

Subject Issuer	Validity	Valid
threatpost.com Thawte EV RSA CA 2018	`2018-06-21` - `2019-06-19`	a year	crt.sh
assets.threatpost.com Amazon	`2019-04-02` - `2020-05-02`	a year	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-03-02` - `2019-09-08`	6 months	crt.sh
kasperskycontenthub.com Thawte EV RSA CA 2018	`2018-06-01` - `2019-06-21`	a year	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2019-03-26` - `2019-06-18`	3 months	crt.sh
media.threatpost.com Amazon	`2019-04-02` - `2020-05-02`	a year	crt.sh
*.wp.com Go Daddy Secure Certificate Authority - G2	`2018-04-10` - `2020-05-11`	2 years	crt.sh
www.google.com Google Internet Authority G3	`2019-03-26` - `2019-06-18`	3 months	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-03-26` - `2019-06-18`	3 months	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-04-01` - `2019-09-07`	5 months	crt.sh
*.google.com Google Internet Authority G3	`2019-03-26` - `2019-06-18`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2018-10-16` - `2019-10-21`	a year	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2018-08-16` - `2019-08-21`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-03-08` - `2019-06-06`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2018-05-30` - `2020-09-01`	2 years	crt.sh
*.reddit.com DigiCert SHA2 Secure Server CA	`2018-08-17` - `2020-09-02`	2 years	crt.sh
www.google.de Google Internet Authority G3	`2019-03-26` - `2019-06-18`	3 months	crt.sh
*.scorecardresearch.com COMODO RSA Organization Validation Secure Server CA	`2018-11-28` - `2019-12-26`	a year	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2019-03-07` - `2020-03-07`	a year	crt.sh
g2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-04-10` - `2019-11-19`	7 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2019-03-19` - `2021-04-13`	2 years	crt.sh
*.exactag.com COMODO ECC Domain Validation Secure Server CA	`2016-09-14` - `2019-09-14`	3 years	crt.sh
vidstat.taboola.com Go Daddy Secure Certificate Authority - G2	`2019-03-19` - `2021-02-14`	2 years	crt.sh
tpc.googlesyndication.com Google Internet Authority G3	`2019-03-26` - `2019-06-18`	3 months	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-01-28` - `2020-01-28`	a year	crt.sh
*.tremorhub.com Amazon	`2018-08-16` - `2019-09-16`	a year	crt.sh

This page contains 15 frames:

Primary Page: https://threatpost.com/easter-attack-apple-ios/143901/
Frame ID: D1A66F03602C7278168F0EBFC52BCC81
Requests: 119 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20190417/r20190131/show_ads_impl.js
Frame ID: 2DF87D75F826791A4FDC2C94BA6DFAD5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20190417/r20190131/zrt_lookup.html
Frame ID: B589B56B0AEDB6FA88C2699BD3C472E2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7500593236707325&output=html&adk=1812271804&adf=3025194257&lmt=1555736685&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2%2C6%3A2&plat=1%3A32904%2C2%3A32904%2C8%3A32904%2C9%3A32904%2C16%3A8388608%2C27%3A128%2C30%3A1081472%2C32%3A128&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fthreatpost.com%2Feaster-attack-apple-ios%2F143901%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1555736684899&bpp=18&bdt=557&fdt=94&idt=93&shv=r20190417&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=6842927412409&frm=20&pv=2&ga_vid=1026937027.1555736685&ga_sid=1555736685&ga_hid=2135741514&ga_fc=0&iag=0&icsg=134415008&dssz=27&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21063245&oid=3&rx=0&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=15&osw_key=272949454&ifi=0&uci=0.67z1rtooycht&fsb=1&dtd=110
Frame ID: BAB4025C9673F5BDFCE8F83C86915083
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=v1554100419869&theme=standard&size=normal&cb=un78s6l3amtw
Frame ID: 4C274B05F7750D06320DBD2F46EB2794
Requests: 1 HTTP requests in this frame

Frame: https://trc.taboola.com/sg/exposebox-network/1/rtb-h?taboola_hm=_hsj09x7
Frame ID: 5DA58B24B76E6EC115BAF17017FF2E0A
Requests: 10 HTTP requests in this frame

Frame: https://m.exactag.com/ai.aspx?extProvId=44&extPu=1021&extLi=DE-3709&extCr=82975&extPm=89116
Frame ID: E879060DEA2B8A8B64A77C3B5A467F06
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=v1554100419869&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&cb=b6bhmyhdtgrw
Frame ID: 9F1022F32230D4588E7835F82941A7B4
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=66301605&ttype=0&cirid=73F94DC4791862944401690784849&cicmp=2040445&cijs=1&dast=V7_w8CFgO3aBynQJx8ugS3aBynQJx8ugUAAAAGBjsHG7eZMUcjDmm3XAxnk-VotFnuRsPZZrCZTMFhyk6Ty3JQC2RNk8vvBhs0nQ6f614vOlpeDtPh7zndNX63X-XwnF6Wt8J0eni8boXhcHa5lX7PXzHaLAeLvRwAAAAAHgCgzvMhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAADpLHNQCgOAzaZbk-ff4AAHgIAAEAGFAgASh4SCsByHDdOgEAAAAAAAAAYPn___-PGZh3LZUB-BDpuzHoAXjwAXgQAgAAyBrC3VpXNdFeCCUqsCxiBAAAAJAriEt3NKkTKosqAACCdCuAKwCAALWcEPaVLN1BibcwAAAAgbEFelj8frPDrvG7XQYAAAAAAAAAYPZ_9o8mVLTslQY0fVil9gsIALD2CwgAwKZuAABvAnBBFwCrC4jZAQAAANz9____64HEZmJZjHaz1W7iGSwsy4XNN3L4VhvDaLRbzTYu7_U8ykw9CuiH9TlM2WlyWQ5qgaxpcvntN2GL0Woy2SyHs-ViMhiOhqPR_gRsN8AJGg4Hi91gsVsshpPFZDRYDhYoEIMJTshwtJmsRrvVbrIcTkaj2WayQYpWrWajzWC4mk1mu91qOBguRyOkaM1iNpksZqPlbjNYTkaD4WQ4RBjaWBaL0XLkVm5Go7VoMdytFZ6Zba1aDVcrk2c2M05Ga9HrY_pMTJORy-RFwYCRvQgu0onoaHk5TIe_5_QWHS0vh-nw95wuYonmZJFOZJd9YzOxLEa72Wo38QwWluXC5hs5fKuNYTTarWYbl7-0sSwWo-XIrdyMRmvRYrhbKzwz21q1Gq5WJs9sZpyM1qLXx_SZmCYjl8nfWK1Wu81sNlztG6vVareZzYarfYfO8F19zkZptVzymJRf0bi2mjkNCpfB4v1JTItpd3YwTXtHp83rtRgbqm9CYTZ4DAZFLBGcLtKJ6GU8XcQSydMinQiWi8lwsJlYTJbNyrexuHYr527lMFksI8fMMDNOxBKl6SKd6FUOz-lleStMp4fH61YYDmeXW-n3_BWjzXKwmKj_-BDD1VyxGcwVw9FcsZitEgAAAAAAAADAEubMmwAAAACcBrNZzCar5QJIPIzvOrmsWsUEp1cB!&excid=22&tst=1&docw=0
Frame ID: 54B7435526D8312340F709D099B4A5E0
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 5E90309DFC090E73828E62737918A30C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ3FExCr1FUYoo2UUTAB&v=APEucNUKnykQz06wqVbckfQdb_QHFaIr8pR87gaS3pEqVMwzBSha9NSmE9dPhMOPY67HV3D-HYDHJ9iTMMFU1TwDRYeJ_l-_b-pd41jcGQkb3ZBDSbI4sLgMyHLEDfXLMxRejGLB_1wlBpzGhisnTL6I1uv30pS0Jg
Frame ID: 1568718B92990D611E2135AEABD0F6BF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/dbm_bid_iframe.html
Frame ID: 0566D80704A380A49FFBDC08EA1DD9E1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/dbm_bid_appended_html_iframe.html
Frame ID: 8DEE71A0F7FF11C7948BAE16BDF29C4D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20190417/r20110914/client/ext/m_window_focus.js
Frame ID: 8DDF00EB71BC7BDAB2C87E576CA3BA19
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push.html
Frame ID: 467DFD16CC6674A76963EC1CEEE37277
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
script /\/wp-includes\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
script /\/wp-includes\//i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

env /PREBID_TIMEOUT/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i
env /^google_ad_/i
env /^__google_ad_/i
env /^Goog_AdSense_/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^googletag$/i
env /^google_tag_manager$/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^quantserve$/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
env /^_?COMSCORE$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js/i
env /^jQuery$/i

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

env /^Recaptcha$/i

Page Statistics

145
Requests

99 %
HTTPS

47 %
IPv6

36
Domains

57
Subdomains

37
IPs

6
Countries

4800 kB
Transfer

7567 kB
Size

9
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://spotlight.threatpost.com/
Title: HackerOne Spotlight

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Threatpost/

Search URL Search Domain Scan URL

URL: https://twitter.com/threatpost/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/groups/12103060

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/threatpost

Search URL Search Domain Scan URL

URL: https://feedly.com/threatpost

Search URL Search Domain Scan URL

URL: https://www.instagram.com/Threatpost/

Search URL Search Domain Scan URL

URL: https://blog.confiant.com/massive-egobbler-malvertising-campaign-leverages-chrome-vulnerability-to-target-ios-users-a534b95a037f
Title: an analysis

Search URL Search Domain Scan URL

URL: https://media.threatpost.com/wp-content/uploads/sites/103/2019/04/18165700/ios_popup.jpg

Search URL Search Domain Scan URL

URL: https://media.threatpost.com/wp-content/uploads/sites/103/2019/04/18165727/iPhone-Safari-malware.jpg

Search URL Search Domain Scan URL

URL: https://twitter.com/eliyastein/status/1118956267152781313
Title: via tweet

Search URL Search Domain Scan URL

URL: https://attendee.gotowebinar.com/register/8845482382938181378?source=ART
Title: Threatpost webinar

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=threatpost-threatpost&utm_medium=referral&utm_content=thumbnails-a:Below%20Article%20Thumbnails:
Title: by Taboola

Search URL Search Domain Scan URL

URL: https://www.aroundhome.de/immobilienverkauf/formular/?utm_medium=dis_pn&meco=de&utm_source=taboola&utm_campaign=immobilienverkauf-pn-taboola-desktop_050319&utm_content=20190415_hauswertrechner2_klein_hausorange&&prid=566&plmt=threatpost-threatpost&utm_term=1183715
Title: Immobilienverkauf

Search URL Search Domain Scan URL

URL: https://www.holzkern.com/de/blog/post/handgefertigt-aus-holz-und-stein-warum-diese-uhren-so-besonders-sind/?utm_source=taboola&utm_medium=threatpost-threatpost&utm_campaign=2037876
Title: Holzkern

Search URL Search Domain Scan URL

URL: https://om.elvenar.com/ox/de/?ref=tab_de_dach&&external_param=134867823&pid=threatpost-threatpost&bid=134867823
Title: Elvenar - Free Online Game

Search URL Search Domain Scan URL

URL: https://asn.advolution.de/00015c1c5F001441f/?rnd=[cachebuster]&async=1
Title: Eurowings

Search URL Search Domain Scan URL

URL: https://www.aroundhome.de/solaranlage/formular/?utm_medium=dis_pn&utm_meco=DE&utm_source=taboola&utm_campaign=Solaranlagen-ARH-PN-Taboola-Desktop&utm_content=20190401_solar-rechner2019-so-viel-bringt-solaranlage_monteur-reetdach&&plmt=threatpost-threatpost&utm_term=1183715&prid=30
Title: Aroundhome.de

Search URL Search Domain Scan URL

URL: https://plarium.com/landings/de/throne/top_s?publisherID=159196921&placement=threatpost-threatpost&adpartnerset=1744267&plid=128391&pxl=taboola_fr
Title: Throne: Gratis Online Spiel

Search URL Search Domain Scan URL

URL: https://akismet.com/privacy/
Title: Learn how your comment data is processed

Search URL Search Domain Scan URL

URL: http://twitter.com/search?q=%23Google
Title: #Google

Search URL Search Domain Scan URL

URL: https://t.co/qbBoOTOOC8
Title: https://t.co/qbBoOTOOC8

Search URL Search Domain Scan URL

URL: https://twitter.com/threatpost
Title: Follow @threatpost

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en
Title: Ad

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://secure.gravatar.com/avatar/cf0bd571eb10c9271cffbe9110970e82?s=60&d=https%3A%2F%2Fthreatpost.com%2Fwp-content%2Fthemes%2Fthreatpost-2018%2Fassets%2Fimages%2Favatar-default.jpg&r=g HTTP 302
https://i0.wp.com/threatpost.com/wp-content/themes/threatpost-2018/assets/images/avatar-default.jpg?ssl=1

Request Chain 63

https://www.google-analytics.com/r/collect?v=1&_v=j73&aip=1&a=2135741514&t=pageview&_s=1&dl=https%3A%2F%2Fthreatpost.com%2Feaster-attack-apple-ios%2F143901%2F&ul=en-us&de=UTF-8&dt=Easter%20Attack%20Affects%20Half%20a%20Billion%20Apple%20iOS%20Users%20via%20Chrome%20Bug%20%7C%20Threatpost&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YAhAAEAB~&jid=1057307552&gjid=1390964599&cid=1026937027.1555736685&tid=UA-35676203-21&_gid=1548201409.1555736685&_r=1&gtm=2wg430PM29HLF&z=890035578 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-35676203-21&cid=1026937027.1555736685&jid=1057307552&_gid=1548201409.1555736685&gjid=1390964599&_v=j73&z=890035578 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35676203-21&cid=1026937027.1555736685&jid=1057307552&_v=j73&z=890035578 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35676203-21&cid=1026937027.1555736685&jid=1057307552&_v=j73&z=890035578&slf_rd=1&random=1738942688

Request Chain 72

https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1555736685278&ns_c=UTF-8&cv=3.1&c8=Easter%20Attack%20Affects%20Half%20a%20Billion%20Apple%20iOS%20Users%20via%20Chrome%20Bug%20%7C%20Threatpost&c7=https%3A%2F%2Fthreatpost.com%2Feaster-attack-apple-ios%2F143901%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1555736685278&ns_c=UTF-8&cv=3.1&c8=Easter%20Attack%20Affects%20Half%20a%20Billion%20Apple%20iOS%20Users%20via%20Chrome%20Bug%20%7C%20Threatpost&c7=https%3A%2F%2Fthreatpost.com%2Feaster-attack-apple-ios%2F143901%2F&c9=

Request Chain 77

https://server.exposebox.com/rcm HTTP 302
https://trc.taboola.com/sg/exposebox-network/1/rtb-h?taboola_hm=_hsj09x7

Request Chain 78

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=4b95fb08-f162-4e07-98a4-2dcd963e89c2

Request Chain 79

https://px.powerlinks.com/user/identify?sourceId=d4a7a706-ab0f-11e8-a038-127202fb7690&rurl=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BUSER%7D HTTP 302
https://tags.bluekai.com/site/38310?id=dFLp8oHnnHma589CbnetvEKfkQRU47HzF6MUViOAn0I%3D&redir=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DdFLp8oHnnHma589CbnetvEKfkQRU47HzF6MUViOAn0I%253D HTTP 302
https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=dFLp8oHnnHma589CbnetvEKfkQRU47HzF6MUViOAn0I%3D

Request Chain 81

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESECbH_j7VV7DMukSPLo2xEis&google_cver=1

Request Chain 83

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=4af0d310-6dbb-40ca-b913-2f6344bb59b9 HTTP 302
https://match.taboola.com/sg/thetradedesk-network/1/rtb-h?taboola_hm=4af0d310-6dbb-40ca-b913-2f6344bb59b9&tbid=4c21149d-9344-4187-a3f6-5585ed36f824-tuct3b42ded&query=taboola_hm%3D4af0d310-6dbb-40ca-b913-2f6344bb59b9

Request Chain 84

https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=4c21149d-9344-4187-a3f6-5585ed36f824-tuct3b42ded HTTP 302
https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=aeb067b6-251b-4533-b5ef-1118a16080b3 HTTP 302
https://match.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=aeb067b6-251b-4533-b5ef-1118a16080b3&tbid=4c21149d-9344-4187-a3f6-5585ed36f824-tuct3b42ded&query=taboola_hm%3Daeb067b6-251b-4533-b5ef-1118a16080b3

Request Chain 86

https://x.bidswitch.net/sync?ssp=taboola HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=taboola HTTP 302
https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=taboola HTTP 302
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=taboola&gdpr=1&gdpr_consent=&user_id=TsWenRqeyphWkMvLHcDRyUqTxc9WlJjJTMCxA6Fy HTTP 302
https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=74649b2d-6adb-47f8-a9d0-616a74f39c48 HTTP 302
https://match.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=74649b2d-6adb-47f8-a9d0-616a74f39c48&tbid=4c21149d-9344-4187-a3f6-5585ed36f824-tuct3b42ded&query=taboola_hm%3D74649b2d-6adb-47f8-a9d0-616a74f39c48

Request Chain 87

https://asn.advolution.de/00015c1c6F001441f/tpx.gif?rnd=[1]&async=1&url=//m.exactag.com/ai.aspx?extProvId=44&extPu=1021&extLi=DE-3709&extCr=82975&extPm=89116 HTTP 302
https://m.exactag.com/ai.aspx?extProvId=44&extPu=1021&extLi=DE-3709&extCr=82975&extPm=89116

Request Chain 124

https://www.google-analytics.com/r/collect?v=1&_v=j73&a=2135741514&t=pageview&_s=1&dl=https%3A%2F%2Fthreatpost.com%2Feaster-attack-apple-ios%2F143901%2F&ul=en-us&de=UTF-8&dt=Easter%20Attack%20Affects%20Half%20a%20Billion%20Apple%20iOS%20Users%20via%20Chrome%20Bug%20%7C%20Threatpost&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aAjAAUAB~&jid=822463235&gjid=1973556132&cid=1026937027.1555736685&tid=UA-109681207-2&_gid=1548201409.1555736685&_r=1&gtm=2ou430&z=1512866920 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-109681207-2&cid=1026937027.1555736685&jid=822463235&_gid=1548201409.1555736685&gjid=1973556132&_v=j73&z=1512866920 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109681207-2&cid=1026937027.1555736685&jid=822463235&_v=j73&z=1512866920 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109681207-2&cid=1026937027.1555736685&jid=822463235&_v=j73&z=1512866920&slf_rd=1&random=382751552

145 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
threatpost.com/easter-attack-apple-ios/143901/ 82 KB
22 KB 607ms
204ms Document
text/html 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://threatpost.com/easter-attack-apple-ios/143901/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.173.160.135 Seattle, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-35-173-160-135.compute-1.amazonaws.com

Software

nginx /

Resource Hash

158bd43fb88ee154b20d48484e2f2af54e5d7f76d0d3db9999c2b7460451de95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: threatpost.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server: nginx
Date: Sat, 20 Apr 2019 05:04:44 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Frame-Options: SAMEORIGIN SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Link: <https://threatpost.com/wp-json/>; rel="https://api.w.org/" <https://threatpost.com/?p=143901>; rel=shortlink
x-cache-hit: HIT
Content-Encoding: gzip

GET
H/1.1 200
OK main.css
threatpost.com/wp-content/themes/threatpost-2018/assets/css/ 217 KB
34 KB 316ms
105ms Stylesheet
text/css 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css
Requested by: Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Seattle, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 07de1271b7abfe530b38ad20f1148064fe30d6bb023a86e708d19ccfb60c3aa4

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://threatpost.com/easter-attack-apple-ios/143901/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Sat, 20 Apr 2019 05:04:44 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Apr 2019 13:19:16 GMT
Server: nginx
ETag: W/"5cb9cad4-362bc"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=604800 public
Connection: close
Expires: Sat, 27 Apr 2019 05:04:44 GMT

GET
H2 200 /
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 37 KB
11 KB 51ms
7ms Stylesheet
text/css 2600:9000:2047:2000:2:9275:3d40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-kaspersky-widgets/css/trending-authors.css,wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=48e88f79

Requested by

Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2047:2000:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

79a313df5ecfda53fd0e23585057e83d22ff1f741e3ccd5f1418ca5082cba9a9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-kaspersky-widgets/css/trending-authors.css,wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=48e88f79
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: assets.threatpost.com
referer: https://threatpost.com/easter-attack-apple-ios/143901/
:scheme: https
:method: GET
Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 19 Apr 2019 13:03:25 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 57679
x-cache: Hit from cloudfront
status: 200
content-length: 10608
last-modified: Fri, 19 Apr 2019 13:03:11 GMT
server: nginx
x-cache-hit: HIT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
via: 1.1 9edca61f65102033971d096a9351690a.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-id: iSfX1pu9AwlgWabqtg78Fcs0vHV43BqTlLAb7DVC6Zmas-M3kcRt5A==
expires: Sat, 20 Apr 2019 13:03:24 GMT

GET
H2 200 postscribe.min.js Show response
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/ 17 KB
6 KB 66ms
11ms Script
application/javascript 2606:4700::6813:c497
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js?ver=4.9.10

Requested by

Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 20 Apr 2019 05:04:44 GMT
content-encoding: br
cf-cache-status: HIT
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:26:22 GMT
server: cloudflare
etag: W/"5afd4abe-45f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Thu, 09 Apr 2020 05:04:44 GMT
cache-control: public, max-age=30672000
cf-ray: 4ca494458b12c279-FRA
served-in-seconds: 0.013

GET
H/1.1 200
OK jquery.js Show response
threatpost.com/wp-includes/js/jquery/ 95 KB
37 KB 445ms
221ms Script
application/x-javascript 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by: Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Seattle, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://threatpost.com/easter-attack-apple-ios/143901/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Sat, 20 Apr 2019 05:04:44 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Mar 2019 01:13:06 GMT
Server: nginx
ETag: W/"5c885922-17ba0"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: max-age=604800 public
Connection: close
Expires: Sat, 27 Apr 2019 05:04:44 GMT

GET
H2 200 / Show response
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 133 KB
35 KB 54ms
10ms Script
application/x-javascript 2600:9000:2047:2000:2:9275:3d40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/adrupt-options/dist/js/adrupt.ads.min.js,wp-content/plugins/kaspersky-cookies-notification/scripts/alert_text.js,wp-content/plugins/kaspersky-cookies-notification/scripts/alert.js,wp-content/plugins/kaspersky-taboola-ads/assets/js/start.js,wp-content/plugins/honeypot-comments/public/assets/js/public.js,wp-content/plugins/kspr_twitter_pullquote/js/kaspersky-twitter-pullquote.js,wp-content/themes/threatpost-2018/assets/js/main.js,wp-content/themes/threatpost-2018/assets/js/loadmore.js,wp-content/plugins/kaspersky-social-sharing/assets/js/social-share.js&ver=48e88f79

Requested by

Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2047:2000:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

60f7c04e003009ea44b161f7a8c4c76f14ae490a3937ceaaf1be52e1a7e8aa60

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/adrupt-options/dist/js/adrupt.ads.min.js,wp-content/plugins/kaspersky-cookies-notification/scripts/alert_text.js,wp-content/plugins/kaspersky-cookies-notification/scripts/alert.js,wp-content/plugins/kaspersky-taboola-ads/assets/js/start.js,wp-content/plugins/honeypot-comments/public/assets/js/public.js,wp-content/plugins/kspr_twitter_pullquote/js/kaspersky-twitter-pullquote.js,wp-content/themes/threatpost-2018/assets/js/main.js,wp-content/themes/threatpost-2018/assets/js/loadmore.js,wp-content/plugins/kaspersky-social-sharing/assets/js/social-share.js&ver=48e88f79
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: assets.threatpost.com
referer: https://threatpost.com/easter-attack-apple-ios/143901/
:scheme: https
:method: GET
Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 19 Apr 2019 13:03:24 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 57679
x-cache: Hit from cloudfront
status: 200
content-length: 35435
last-modified: Fri, 19 Apr 2019 13:03:13 GMT
server: nginx
x-cache-hit: MISS
x-frame-options: SAMEORIGIN
content-type: application/x-javascript; charset=utf-8
via: 1.1 9edca61f65102033971d096a9351690a.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-id: FMMAz5B-PYaKO2bQbKaN7NToiLDpGH4PE-ukZtoh6qO44cJXOy5dHg==
expires: Sat, 20 Apr 2019 13:03:24 GMT

GET
H/1.1 200
OK / Show response
kasperskycontenthub.com/ 0
367 B 535ms
100ms Script
application/javascript 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://kasperskycontenthub.com/?dm=ed1f9e435dc885292eab65620c51f3fb&action=load&blogid=103&siteid=1&t=1841203759&back=https%3A%2F%2Fthreatpost.com%2Feaster-attack-apple-ios%2F143901%2F

Requested by

Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.173.160.135 Seattle, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-35-173-160-135.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 20 Apr 2019 05:04:44 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: application/javascript
x-cache-hit: HIT
Transfer-Encoding: chunked
Connection: close
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK adrupt_style.css
threatpost.com/wp-content/plugins/adrupt-options/dist/css/ 0
331 B 333ms
109ms Stylesheet
text/css 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/plugins/adrupt-options/dist/css/adrupt_style.css
Requested by: Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Seattle, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://threatpost.com/easter-attack-apple-ios/143901/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Sat, 20 Apr 2019 05:04:44 GMT
Last-Modified: Fri, 19 Apr 2019 13:19:12 GMT
Server: nginx
ETag: "5cb9cad0-0"
Content-Type: text/css
Cache-Control: max-age=604800 public
Connection: close
Accept-Ranges: bytes
Content-Length: 0
Expires: Sat, 27 Apr 2019 05:04:44 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 86 KB
32 KB 52ms
18ms Script
text/javascript 2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

e5c3cc4737389ccda70f782d1d63683a2f0bda244edd13d6a5ab3684ce44e5ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 20 Apr 2019 05:04:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 32763
x-xss-protection: 0
server: cafe
etag: 6830608836913287788
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 20 Apr 2019 05:04:44 GMT

GET
H2 200 Apple_DLL_Hijack.jpg
media.threatpost.com/wp-content/uploads/sites/103/2019/04/18114318/ 29 KB
29 KB 147ms
9ms Image
image/jpeg 2600:9000:2047:5400:0:5c46:4f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2019/04/18114318/Apple_DLL_Hijack.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2047:5400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4db8a4372cd8e036f461a47200bc0f2bc42fa5159d34439c57ce49667d7983b7

Request headers

:path: /wp-content/uploads/sites/103/2019/04/18114318/Apple_DLL_Hijack.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: media.threatpost.com
referer: https://threatpost.com/easter-attack-apple-ios/143901/
:scheme: https
:method: GET
Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 18 Apr 2019 16:01:08 GMT
via: 1.1 412049da39a44d4e9af054ecc17534dd.cloudfront.net (CloudFront), 1.1 91db3e27f70759a0dea967c4b34efea9.cloudfront.net (CloudFront)
last-modified: Thu, 18 Apr 2019 15:43:20 GMT
server: AmazonS3
age: 133417
etag: "e64bb1cc22038f46b89f5f695ef8c506"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 29364
x-amz-cf-id: kPpJ5Q92h1Kj8So6YnSrATp94OQ2kqcCtp9ruuM8J-IYYhihDJuvrw==
expires: Fri, 17 Apr 2020 15:43:18 GMT

GET
H2 200 Tara-headshot.jpg
media.threatpost.com/wp-content/uploads/sites/103/2018/08/15114841/ 13 KB
13 KB 8ms
8ms Image
image/jpeg 2600:9000:2047:5400:0:5c46:4f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2018/08/15114841/Tara-headshot.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2047:5400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 89ce08431545cd3c6d42419d99ee0152027a68c1d0c7c82838cc9a51d9d52451

Request headers

:path: /wp-content/uploads/sites/103/2018/08/15114841/Tara-headshot.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: media.threatpost.com
referer: https://threatpost.com/easter-attack-apple-ios/143901/
:scheme: https
:method: GET
Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 23 Mar 2019 08:22:47 GMT
via: 1.1 fdb19a60fef99ccf6faacc3588fcd922.cloudfront.net (CloudFront), 1.1 91db3e27f70759a0dea967c4b34efea9.cloudfront.net (CloudFront)
last-modified: Fri, 17 Aug 2018 16:22:08 GMT
server: AmazonS3
age: 2407318
etag: "dee18dfeea6de13bec60c1e5237eb723"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 13097
x-amz-cf-id: ljLLAqY_Kv3yIsqKgl9pdfBbfAB18A8ZmtY7_9NYYUY9x35ywEQuGA==
expires: Sat, 17 Aug 2019 16:22:07 GMT

GET
H2 200 subscribe2.jpg
media.threatpost.com/wp-content/uploads/sites/103/2019/02/19151457/ 8 KB
8 KB 7ms
7ms Image
image/jpeg 2600:9000:2047:5400:0:5c46:4f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2019/02/19151457/subscribe2.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2047:5400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aa64fa30a3263fa3105736228a6feaaa4f7d32d8ef96b12e56f6fb95511b66a7

Request headers

:path: /wp-content/uploads/sites/103/2019/02/19151457/subscribe2.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: media.threatpost.com
referer: https://threatpost.com/easter-attack-apple-ios/143901/
:scheme: https
:method: GET
Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 23 Mar 2019 06:31:20 GMT
via: 1.1 d79148f01e44f5598c15bdd5ce1c1997.cloudfront.net (CloudFront), 1.1 91db3e27f70759a0dea967c4b34efea9.cloudfront.net (CloudFront)
last-modified: Tue, 19 Feb 2019 20:14:58 GMT
server: AmazonS3
age: 2414005
etag: "5ba45563f793f39ef6baf02645651654"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 8281
x-amz-cf-id: 7vkACNPZ0cOCJOjgA9pnDE6BOv98zYNJ9Rx-S2vRq73EcN-r5LbNhA==
expires: Wed, 19 Feb 2020 20:14:57 GMT

GET
H2 200 ios_popup-259x300.jpg
media.threatpost.com/wp-content/uploads/sites/103/2019/04/18165700/ 12 KB
13 KB 8ms
8ms Image
image/jpeg 2600:9000:2047:5400:0:5c46:4f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2019/04/18165700/ios_popup-259x300.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2047:5400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 41665ec619f1f6a97e8953a01e4af3f81d5d8f2876e9bd6b0c13ec7afa6d1225

Request headers

:path: /wp-content/uploads/sites/103/2019/04/18165700/ios_popup-259x300.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: media.threatpost.com
referer: https://threatpost.com/easter-attack-apple-ios/143901/
:scheme: https
:method: GET
Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 18 Apr 2019 21:53:20 GMT
via: 1.1 b541956a3e11a8d6bd72d74e925ca434.cloudfront.net (CloudFront), 1.1 91db3e27f70759a0dea967c4b34efea9.cloudfront.net (CloudFront)
last-modified: Thu, 18 Apr 2019 20:57:01 GMT
server: AmazonS3
age: 112285
etag: "080f0e78f40f9e410ecce8dcdff37464"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12468
x-amz-cf-id: umOFw3HTMOIC7QIfSlYnHnUFVT_ENzPaERUbvO1lGWI7MlKomnQnHg==
expires: Fri, 17 Apr 2020 20:57:00 GMT

GET
H2 200 iPhone-Safari-malware-300x180.jpg
media.threatpost.com/wp-content/uploads/sites/103/2019/04/18165727/ 11 KB
11 KB 7ms
7ms Image
image/jpeg 2600:9000:2047:5400:0:5c46:4f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2019/04/18165727/iPhone-Safari-malware-300x180.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2047:5400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e9be8f069c9a92e57fed49fc8de59775a3dfd1935d4a64f5917154c98436c80d

Request headers

:path: /wp-content/uploads/sites/103/2019/04/18165727/iPhone-Safari-malware-300x180.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: media.threatpost.com
referer: https://threatpost.com/easter-attack-apple-ios/143901/
:scheme: https
:method: GET
Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 18 Apr 2019 22:31:11 GMT
via: 1.1 a2289d8b15b881db1c42086062568883.cloudfront.net (CloudFront), 1.1 91db3e27f70759a0dea967c4b34efea9.cloudfront.net (CloudFront)
last-modified: Thu, 18 Apr 2019 20:57:28 GMT
server: AmazonS3
age: 110014
etag: "c68e0b90f2567d6b3369934303bf7ab2"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 10770
x-amz-cf-id: d666JnRGky4WWzztxmMMzC8iN_YESgiPQDz5uEZvDew2ZJkhsNCdHQ==
expires: Fri, 17 Apr 2020 20:57:27 GMT

GET
H2 200 weather-channel1-540x270.jpg
media.threatpost.com/wp-content/uploads/sites/103/2019/04/18162023/ 16 KB
16 KB 6ms
6ms Image
image/jpeg 2600:9000:2047:5400:0:5c46:4f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2019/04/18162023/weather-channel1-540x270.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2047:5400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 86b7ccaa2f4514958592d86d80c00afbf2978f0dd547ecf27cf3ae0725cb5774

Request headers

:path: /wp-content/uploads/sites/103/2019/04/18162023/weather-channel1-540x270.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: media.threatpost.com
referer: https://threatpost.com/easter-attack-apple-ios/143901/
:scheme: https
:method: GET
Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 18 Apr 2019 20:24:27 GMT
via: 1.1 60a935292c9892b0b7f9e56f65af863a.cloudfront.net (CloudFront), 1.1 91db3e27f70759a0dea967c4b34efea9.cloudfront.net (CloudFront)
last-modified: Thu, 18 Apr 2019 20:20:26 GMT
server: AmazonS3
age: 117618
etag: "2b843761b13014b381fd755f5485c9e9"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 16438
x-amz-cf-id: kW2l2sHS-FQMtEkFHcOvDzN5fnYAdkyGuNNmTBcBKwL1xYmIUtDDgg==
expires: Fri, 17 Apr 2020 20:20:23 GMT

GET
H2 200 breach-2018-year-in-review-540x270.jpg
media.threatpost.com/wp-content/uploads/sites/103/2018/12/19164049/ 36 KB
36 KB 8ms
7ms Image
image/jpeg 2600:9000:2047:5400:0:5c46:4f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2018/12/19164049/breach-2018-year-in-review-540x270.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2047:5400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 151c3dcb260a184635c1f2deb0dfe7972b0a71ac9167745dd7647c3c3d12aba7

Request headers

:path: /wp-content/uploads/sites/103/2018/12/19164049/breach-2018-year-in-review-540x270.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: media.threatpost.com
referer: https://threatpost.com/easter-attack-apple-ios/143901/
:scheme: https
:method: GET
Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 18 Apr 2019 18:57:16 GMT
via: 1.1 a2289d8b15b881db1c42086062568883.cloudfront.net (CloudFront), 1.1 91db3e27f70759a0dea967c4b34efea9.cloudfront.net (CloudFront)
last-modified: Wed, 19 Dec 2018 21:40:52 GMT
server: AmazonS3
age: 122849
etag: "37ddd682fd14c423b6781c153a6959ae"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 36715
x-amz-cf-id: 4I48OC7UVTzqt5XjuVJSwrDfWg7ETqvRCSOy1GxX8v-jk23uoBaGgA==
expires: Thu, 19 Dec 2019 21:40:49 GMT

GET
H2 200 vulnerable-medical-featured-540x270.jpg
media.threatpost.com/wp-content/uploads/sites/103/2018/08/30091211/ 38 KB
38 KB 11ms
11ms Image
image/jpeg 2600:9000:2047:5400:0:5c46:4f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2018/08/30091211/vulnerable-medical-featured-540x270.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2047:5400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8c87632d69189fb1ea3c4d5dff1b6261a3ac3d2bdfd45c185465da6ff19f8697

Request headers

:path: /wp-content/uploads/sites/103/2018/08/30091211/vulnerable-medical-featured-540x270.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: media.threatpost.com
referer: https://threatpost.com/easter-attack-apple-ios/143901/
:scheme: https
:method: GET
Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 07 Jan 2019 15:42:18 GMT
via: 1.1 249b0d921fdb938596674ad935677340.cloudfront.net (CloudFront), 1.1 91db3e27f70759a0dea967c4b34efea9.cloudfront.net (CloudFront)
last-modified: Thu, 30 Aug 2018 13:12:14 GMT
server: AmazonS3
age: 8860947
etag: "c6640d7da2fe8e66012bc5ee5ff7ede9"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 38465
x-amz-cf-id: TqDWNIn9SJPMkSAhwncS6R-O_b-arK_Ep--zLPTspkYQsiGoednFgg==
expires: Fri, 30 Aug 2019 13:12:11 GMT

GET
H2

404

avatar-default.jpg
i0.wp.com/threatpost.com/wp-content/themes/threatpost-2018/assets/images/
Redirect Chain

https://secure.gravatar.com/avatar/cf0bd571eb10c9271cffbe9110970e82?s=60&d=https%3A%2F%2Fthreatpost.com%2Fwp-content%2Fthemes%2Fthreatpost-2018%2Fassets%2Fimages%2Favatar-default.jpg&r=g
https://i0.wp.com/threatpost.com/wp-content/themes/threatpost-2018/assets/images/avatar-default.jpg?ssl=1

65 B
65 B

422ms
396ms

Image
text/html

192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.wp.com/threatpost.com/wp-content/themes/threatpost-2018/assets/images/avatar-default.jpg?ssl=1
Requested by: Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS: i1.wp.com
Software: nginx /
Resource Hash: 3a90c56bbc2ea3fae7e089cc529bc02869c5035ee31c3111d829b9ae974cf42d

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 404
x-nc: EXPIRED fra 20
date: Sat, 20 Apr 2019 05:04:45 GMT
server: nginx
content-type: text/html; charset=utf-8

Redirect headers

x-nc: HIT vie 1
date: Sat, 20 Apr 2019 05:04:44 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
source-age: 56532
location: https://i0.wp.com/threatpost.com/wp-content/themes/threatpost-2018/assets/images/avatar-default.jpg?ssl=1
content-type: text/html; charset=utf-8
status: 302
cache-control: max-age=300
link: <https://www.gravatar.com/avatar/cf0bd571eb10c9271cffbe9110970e82?s=60&d=https%3A%2F%2Fthreatpost.com%2Fwp-content%2Fthemes%2Fthreatpost-2018%2Fassets%2Fimages%2Favatar-default.jpg&r=g>; rel="canonical"
content-length: 0
expires: Sat, 20 Apr 2019 05:09:44 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 762 B
537 B 16ms
16ms Script
text/javascript 2a00:1450:4001:81e::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=en

Requested by

Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81e::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

b9b8ef6b88b16d3b65955c4209e539f0f75deb19b77c24787e7266b706f679a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 20 Apr 2019 05:04:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 448
x-xss-protection: 1; mode=block
expires: Sat, 20 Apr 2019 05:04:44 GMT

GET
H2 200 Encryption-2018-year-in-review2-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2018/12/21144357/ 1 KB
2 KB 7ms
7ms Image
image/jpeg 2600:9000:2047:5400:0:5c46:4f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2018/12/21144357/Encryption-2018-year-in-review2-64x64.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2047:5400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7ff0e5e1826e93da235848615a061a85bbdca78c6fab7a5242fa28f0ce77a87f

Request headers

:path: /wp-content/uploads/sites/103/2018/12/21144357/Encryption-2018-year-in-review2-64x64.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: media.threatpost.com
referer: https://threatpost.com/easter-attack-apple-ios/143901/
:scheme: https
:method: GET
Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 17 Apr 2019 18:10:22 GMT
via: 1.1 1f95d1a95c6f2df8073daccac07b7570.cloudfront.net (CloudFront), 1.1 91db3e27f70759a0dea967c4b34efea9.cloudfront.net (CloudFront)
last-modified: Fri, 21 Dec 2018 19:44:00 GMT
server: AmazonS3
age: 212063
etag: "55983f1fe2fb32040ef9734e1a3d502d"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1244
x-amz-cf-id: qfyIc39V5g5LNLmuQEmDskPdYxY2RSo5Fd9QDbOosCXPOajHBTytUA==
expires: Sat, 21 Dec 2019 19:43:57 GMT

GET
H2 200 shutterstock_377739694-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2016/11/06232644/ 2 KB
3 KB 7ms
6ms Image
image/jpeg 2600:9000:2047:5400:0:5c46:4f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2016/11/06232644/shutterstock_377739694-64x64.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2047:5400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0768f4ef72f0b9e8755313ac742b870acc76a7c302cdfe52a9fa677168c9aa3f

Request headers

:path: /wp-content/uploads/sites/103/2016/11/06232644/shutterstock_377739694-64x64.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: media.threatpost.com
referer: https://threatpost.com/easter-attack-apple-ios/143901/
:scheme: https
:method: GET
Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 17 Apr 2019 18:11:21 GMT
via: 1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront), 1.1 91db3e27f70759a0dea967c4b34efea9.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jul 2018 01:14:29 GMT
server: AmazonS3
age: 212004
etag: "68c4fc1e409abfdc4889256aaa021e12"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2226
x-amz-cf-id: 2umUzsNK3Mf4mWiFgeyEC5FMmqVK_AwzsPWfTwnOMK8uujr0ulQYuA==
expires: Wed, 03 Jul 2019 01:14:25 GMT

GET
H2 200 DDoS-year-in-review-2018-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2018/12/19164130/ 2 KB
2 KB 7ms
6ms Image
image/jpeg 2600:9000:2047:5400:0:5c46:4f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2018/12/19164130/DDoS-year-in-review-2018-64x64.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2047:5400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e4515e53b3ec6a75595c3f6eb488eb24f9f574d2922e8c4c71653f695d7bbe74

Request headers

:path: /wp-content/uploads/sites/103/2018/12/19164130/DDoS-year-in-review-2018-64x64.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: media.threatpost.com
referer: https://threatpost.com/easter-attack-apple-ios/143901/
:scheme: https
:method: GET
Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 17 Apr 2019 00:36:10 GMT
via: 1.1 6558236a06004e2e5ed43d07e2124e70.cloudfront.net (CloudFront), 1.1 91db3e27f70759a0dea967c4b34efea9.cloudfront.net (CloudFront)
last-modified: Wed, 19 Dec 2018 21:41:32 GMT
server: AmazonS3
age: 275315
etag: "9591fd046b27c225210b9b47aa1ccb8f"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1689
x-amz-cf-id: pXN7c8g_RUvQibLqCwnL5aA5gtftb104yuBndwscYnR4YDgdAJ2WNw==
expires: Thu, 19 Dec 2019 21:41:30 GMT

GET
H2 200 WordPress-patch-dlya-XSS-700x412-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2019/04/12095249/ 2 KB
3 KB 7ms
6ms Image
image/jpeg 2600:9000:2047:5400:0:5c46:4f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2019/04/12095249/WordPress-patch-dlya-XSS-700x412-64x64.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2047:5400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d57d91ed032154ff092267af35b6ea00ed8e5f2a8ba74ba986d0772f9cce29c7

Request headers

:path: /wp-content/uploads/sites/103/2019/04/12095249/WordPress-patch-dlya-XSS-700x412-64x64.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: media.threatpost.com
referer: https://threatpost.com/easter-attack-apple-ios/143901/
:scheme: https
:method: GET
Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 17 Apr 2019 18:13:25 GMT
via: 1.1 bd785324d865b594e6f1838b58cb0dae.cloudfront.net (CloudFront), 1.1 91db3e27f70759a0dea967c4b34efea9.cloudfront.net (CloudFront)
last-modified: Fri, 12 Apr 2019 13:52:52 GMT
server: AmazonS3
age: 211880
etag: "670af681cd9737272cf64de6d576e3a9"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2553
x-amz-cf-id: foiF0UpTcQRwpEtG-ccAxFJWlAu42jtZPSyk-cu9NmHu4fCYlBeJJg==
expires: Sat, 11 Apr 2020 13:52:49 GMT

GET
H2 200 Talk-Security-Podcast-Dark-Hotel-and-WireLurker-1-64x64.png
media.threatpost.com/wp-content/uploads/sites/103/2018/10/17114359/ 3 KB
3 KB 7ms
6ms Image
image/png 2600:9000:2047:5400:0:5c46:4f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2018/10/17114359/Talk-Security-Podcast-Dark-Hotel-and-WireLurker-1-64x64.png
Requested by: Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2047:5400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1c7b4b4ce1f74f44ad090157fae7940b4d4b5682b410ccb6ad1c61f46e5f898b

Request headers

:path: /wp-content/uploads/sites/103/2018/10/17114359/Talk-Security-Podcast-Dark-Hotel-and-WireLurker-1-64x64.png
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: media.threatpost.com
referer: https://threatpost.com/easter-attack-apple-ios/143901/
:scheme: https
:method: GET
Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 17 Apr 2019 00:36:10 GMT
via: 1.1 7e6ac12144acebd1fc302708f2ecfad6.cloudfront.net (CloudFront), 1.1 91db3e27f70759a0dea967c4b34efea9.cloudfront.net (CloudFront)
last-modified: Wed, 17 Oct 2018 15:44:03 GMT
server: AmazonS3
age: 275315
etag: "420b3079b162c78dbbf869aa13944b62"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2582
x-amz-cf-id: uKSmbt8l9O_yHgL5FEKuRA85focFHNeemlnxWr5c5sMV5Ez-pjYw2w==
expires: Thu, 17 Oct 2019 15:43:59 GMT

GET
H2 200 / Show response
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 2 KB
1 KB 7ms
6ms Script
application/x-javascript 2600:9000:2047:2000:2:9275:3d40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/gravityforms/js/jquery.json.min.js&ver=48e88f79

Requested by

Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2047:2000:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

a9f6c03ce6f4d1654f29f2136651e883198d509cb2e26af1c24b1f87b6ccae13

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/gravityforms/js/jquery.json.min.js&ver=48e88f79
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: assets.threatpost.com
referer: https://threatpost.com/easter-attack-apple-ios/143901/
:scheme: https
:method: GET
Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 19 Apr 2019 13:03:24 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 57680
x-cache: Hit from cloudfront
status: 200
content-length: 935
last-modified: Fri, 19 Apr 2019 13:03:10 GMT
server: nginx
x-cache-hit: HIT
x-frame-options: SAMEORIGIN
content-type: application/x-javascript; charset=utf-8
via: 1.1 9edca61f65102033971d096a9351690a.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-id: haSVPOPsd3hxP5YGAR2J8qOFm6jtkP_iMC219N4Cp3VNKTXQzXmikg==
expires: Sat, 20 Apr 2019 13:03:24 GMT

GET
H2 200 / Show response
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 26 KB
9 KB 7ms
6ms Script
application/x-javascript 2600:9000:2047:2000:2:9275:3d40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/gravityforms/js/gravityforms.min.js&ver=48e88f79

Requested by

Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2047:2000:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

a783d2ad42c380bc896219c080fa845d1e9f2e77483558103aeb296b95b85701

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/gravityforms/js/gravityforms.min.js&ver=48e88f79
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: assets.threatpost.com
referer: https://threatpost.com/easter-attack-apple-ios/143901/
:scheme: https
:method: GET
Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 19 Apr 2019 13:03:24 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 57680
x-cache: Hit from cloudfront
status: 200
content-length: 8382
last-modified: Fri, 19 Apr 2019 13:03:09 GMT
server: nginx
x-cache-hit: MISS
x-frame-options: SAMEORIGIN
content-type: application/x-javascript; charset=utf-8
via: 1.1 9edca61f65102033971d096a9351690a.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-id: ZTd4s2SFTl0M34DkDkNdAT3KEgzXSaNYBgL3clVheXFAoQuRYEgxpg==
expires: Sat, 20 Apr 2019 13:03:24 GMT

GET
H2 200 /
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 160 B
526 B 49ms
8ms Stylesheet
text/css 2600:9000:2047:2000:2:9275:3d40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/gravityformsmailchimp/css/form_settings.css&ver=48e88f79

Requested by

Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2047:2000:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

0590be5083a6babff6571bd27f87886c08720e623045c8aae01bc54054c26219

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/gravityformsmailchimp/css/form_settings.css&ver=48e88f79
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: assets.threatpost.com
referer: https://threatpost.com/easter-attack-apple-ios/143901/
:scheme: https
:method: GET
Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 19 Apr 2019 13:03:24 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 57680
x-cache: Hit from cloudfront
status: 200
content-length: 135
last-modified: Fri, 19 Apr 2019 13:03:10 GMT
server: nginx
x-cache-hit: HIT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
via: 1.1 9edca61f65102033971d096a9351690a.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-id: wGQtppFl-HsJOnHtSG5VxfqaniY7Cz_nkvDJaJpnRzNzLnnXDEWrsg==
expires: Sat, 20 Apr 2019 13:03:24 GMT

GET
H2 200 / Show response
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 13 KB
5 KB 222ms
222ms Script
application/x-javascript 2600:9000:2047:2000:2:9275:3d40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/kaspersky-taboola-ads/assets/js/end.js,wp-includes/js/wp-embed.min.js,wp-content/plugins/gravityforms/js/conditional_logic.min.js,wp-content/plugins/gravityforms/js/placeholders.jquery.min.js,wp-content/plugins/akismet/_inc/form.js&ver=48e88f79

Requested by

Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2047:2000:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

e697ae92648ccad15ada450ecbd959853b72bb5b977112896334a50ddfc1c0b4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/kaspersky-taboola-ads/assets/js/end.js,wp-includes/js/wp-embed.min.js,wp-content/plugins/gravityforms/js/conditional_logic.min.js,wp-content/plugins/gravityforms/js/placeholders.jquery.min.js,wp-content/plugins/akismet/_inc/form.js&ver=48e88f79
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: assets.threatpost.com
referer: https://threatpost.com/easter-attack-apple-ios/143901/
:scheme: https
:method: GET
Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 19 Apr 2019 13:05:02 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 57582
x-cache: Hit from cloudfront
status: 200
content-length: 4760
last-modified: Fri, 19 Apr 2019 13:03:10 GMT
server: nginx
x-cache-hit: HIT
x-frame-options: SAMEORIGIN
content-type: application/x-javascript; charset=utf-8
via: 1.1 9edca61f65102033971d096a9351690a.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-id: PhHNDVN7aBKXgD0F1viJozSVvy84xDgWLEP5CG-Mw9fWwpGjXxzYsQ==
expires: Sat, 20 Apr 2019 13:03:50 GMT

GET
H2 200 postscribe.min.js Show response
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/ 17 KB
5 KB 10ms
10ms Script
application/javascript 2606:4700::6813:c497
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js?adrupt.js

Requested by

Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/adrupt-options/dist/js/adrupt.ads.min.js,wp-content/plugins/kaspersky-cookies-notification/scripts/alert_text.js,wp-content/plugins/kaspersky-cookies-notification/scripts/alert.js,wp-content/plugins/kaspersky-taboola-ads/assets/js/start.js,wp-content/plugins/honeypot-comments/public/assets/js/public.js,wp-content/plugins/kspr_twitter_pullquote/js/kaspersky-twitter-pullquote.js,wp-content/themes/threatpost-2018/assets/js/main.js,wp-content/themes/threatpost-2018/assets/js/loadmore.js,wp-content/plugins/kaspersky-social-sharing/assets/js/social-share.js&ver=48e88f79

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 20 Apr 2019 05:04:44 GMT
content-encoding: br
cf-cache-status: HIT
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:26:22 GMT
server: cloudflare
etag: W/"5afd4abe-45f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Thu, 09 Apr 2020 05:04:44 GMT
cache-control: public, max-age=30672000
cf-ray: 4ca494481906c279-FRA
served-in-seconds: 0.013

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 63 KB
24 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:814::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-109681207-2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:814::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

4df31579b4a1750518a552d3a66ba8a8831ac09345730358d7e77006bb8125e8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 20 Apr 2019 05:04:44 GMT
content-encoding: br
last-modified: Fri, 19 Apr 2019 21:22:44 GMT
server: Google Tag Manager (scaffolding)
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 24713
x-xss-protection: 0
expires: Sat, 20 Apr 2019 05:04:44 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/threatpost--network/ 65 KB
18 KB 228ms
183ms Script
application/javascript 151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/threatpost--network/loader.js
Requested by: Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/adrupt-options/dist/js/adrupt.ads.min.js,wp-content/plugins/kaspersky-cookies-notification/scripts/alert_text.js,wp-content/plugins/kaspersky-cookies-notification/scripts/alert.js,wp-content/plugins/kaspersky-taboola-ads/assets/js/start.js,wp-content/plugins/honeypot-comments/public/assets/js/public.js,wp-content/plugins/kspr_twitter_pullquote/js/kaspersky-twitter-pullquote.js,wp-content/themes/threatpost-2018/assets/js/main.js,wp-content/themes/threatpost-2018/assets/js/loadmore.js,wp-content/plugins/kaspersky-social-sharing/assets/js/social-share.js&ver=48e88f79
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b536eba66aac4492da7e98c54bbe148cdc6308b8e54ab0799fc7edd203652423

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: AgIvleucbvJ1uABwKiW6RgCUW7SAS..e
content-encoding: gzip
age: 0
x-cache: HIT
status: 200
date: Sat, 20 Apr 2019 05:04:45 GMT
content-length: 17801
x-amz-id-2: BvByF7h3Tp2Pad9sfheo6AhglgmJr/uora2yTnaQdHl1J8NvdDbdMsaVycjjYFCOZvtFkmBVRfA=
x-served-by: cache-hhn1541-HHN
last-modified: Sun, 14 Apr 2019 11:15:54 GMT
server: AmazonS3
x-timer: S1555736685.900641,VS0,VE175
etag: "6dd48c99b325cbe00e2693cf4176d110"
vary: Accept-Encoding
x-amz-request-id: 0ADEA48F2B27D673
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 71
x-cache-hits: 1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 63 KB
21 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:814::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF

Requested by

Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:814::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

d521d893fa2493562b9fdc3040270e5d93efb3256c010de0b45074460ff7f2e2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 20 Apr 2019 05:04:44 GMT
content-encoding: br
last-modified: Fri, 19 Apr 2019 21:22:44 GMT
server: Google Tag Manager (scaffolding)
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 21379
x-xss-protection: 0
expires: Sat, 20 Apr 2019 05:04:44 GMT

GET
H/1.1 200
OK icons.svg
threatpost.com/wp-content/themes/threatpost-2018//assets/sprite/ 11 KB
4 KB 742ms
104ms Other
image/svg+xml 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018//assets/sprite/icons.svg
Requested by: Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Seattle, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 76ba07e059d9e2113f9c940f1a31efc95bd9d5badd68bbc3637177e892a08099

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://threatpost.com/easter-attack-apple-ios/143901/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Sat, 20 Apr 2019 05:04:45 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Apr 2019 13:19:16 GMT
Server: nginx
ETag: W/"5cb9cad4-2b9f"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: max-age=604800 public
Connection: close
Expires: Sat, 27 Apr 2019 05:04:45 GMT

GET
H/1.1 200
OK icons.svg
threatpost.com/wp-content/themes/threatpost-2018/assets/sprite/ 11 KB
4 KB 748ms
107ms Other
image/svg+xml 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/sprite/icons.svg
Requested by: Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Seattle, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 76ba07e059d9e2113f9c940f1a31efc95bd9d5badd68bbc3637177e892a08099

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://threatpost.com/easter-attack-apple-ios/143901/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Sat, 20 Apr 2019 05:04:45 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Apr 2019 13:19:13 GMT
Server: nginx
ETag: W/"5cb9cad1-2b9f"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: max-age=604800 public
Connection: close
Expires: Sat, 27 Apr 2019 05:04:45 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
481 B 52ms
16ms Script
application/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=threatpost.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 20 Apr 2019 05:04:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
481 B 57ms
15ms Script
application/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=threatpost.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 20 Apr 2019 05:04:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190417/r20190131/ 205 KB
77 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190417/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

c81c2a184926f0de9792b39184045e08acca0d2a72aa59927de411d787d759ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 20 Apr 2019 05:04:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 78248
x-xss-protection: 0
server: cafe
etag: 18145366447081761562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Apr 2019 05:04:44 GMT

GET
H/1.1 200
OK logo.png
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 19 KB
19 KB 746ms
111ms Image
image/png 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/logo.png
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Seattle, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 39af7c1116fb967a330e8770f775e6b5ee871add01ed45c98a1634911cebfb0a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css
Connection: keep-alive
Cache-Control: no-cache
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Sat, 20 Apr 2019 05:04:45 GMT
Last-Modified: Fri, 19 Apr 2019 13:19:16 GMT
Server: nginx
ETag: "5cb9cad4-4a32"
Content-Type: image/png
Cache-Control: max-age=604800 public
Connection: close
Accept-Ranges: bytes
Content-Length: 18994
Expires: Sat, 27 Apr 2019 05:04:45 GMT

GET
H/1.1 200
OK museosans-700-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
21 KB 400ms
204ms Font
font/woff2 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700-webfont.woff2
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Seattle, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ae00ae9c862bc8b8923efd1d9a18befa912678a869d4dd01179a59ed3de731be

Request headers

Pragma: no-cache
Origin: https://threatpost.com
Accept-Encoding: gzip, deflate, br
Host: threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css
Origin: https://threatpost.com

Response headers

Pragma: public
Date: Sat, 20 Apr 2019 05:04:45 GMT
Last-Modified: Fri, 19 Apr 2019 13:19:13 GMT
Server: nginx
ETag: "5cb9cad1-51a4"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000 public
Connection: close
Accept-Ranges: bytes
Content-Length: 20900
Expires: Sun, 19 Apr 2020 05:04:45 GMT

GET
H/1.1 200
OK museosans-100-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
21 KB 401ms
205ms Font
font/woff2 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-100-webfont.woff2
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Seattle, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 06fc565587b8b700936a1677218cb269a6cc31ca5f701eb45461e86a3d54d5c7

Request headers

Pragma: no-cache
Origin: https://threatpost.com
Accept-Encoding: gzip, deflate, br
Host: threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css
Origin: https://threatpost.com

Response headers

Pragma: public
Date: Sat, 20 Apr 2019 05:04:45 GMT
Last-Modified: Fri, 19 Apr 2019 13:19:13 GMT
Server: nginx
ETag: "5cb9cad1-50c8"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000 public
Connection: close
Accept-Ranges: bytes
Content-Length: 20680
Expires: Sun, 19 Apr 2020 05:04:45 GMT

GET
H/1.1 200
OK museosans-300-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
21 KB 406ms
198ms Font
font/woff2 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300-webfont.woff2
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Seattle, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 45ddc09b0ad6ab916bd9a0282070b161045e186fc025303f4aa1aa821fc45ac7

Request headers

Pragma: no-cache
Origin: https://threatpost.com
Accept-Encoding: gzip, deflate, br
Host: threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css
Origin: https://threatpost.com

Response headers

Pragma: public
Date: Sat, 20 Apr 2019 05:04:45 GMT
Last-Modified: Fri, 19 Apr 2019 13:19:13 GMT
Server: nginx
ETag: "5cb9cad1-51b8"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000 public
Connection: close
Accept-Ranges: bytes
Content-Length: 20920
Expires: Sun, 19 Apr 2020 05:04:45 GMT

GET
H/1.1 200
OK museosans-500-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
21 KB 407ms
199ms Font
font/woff2 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-500-webfont.woff2
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Seattle, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2de77164bb9924542e1dea4ee4a0ff27d40b51a3d7939dac7db11a95045c9b7d

Request headers

Pragma: no-cache
Origin: https://threatpost.com
Accept-Encoding: gzip, deflate, br
Host: threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css
Origin: https://threatpost.com

Response headers

Pragma: public
Date: Sat, 20 Apr 2019 05:04:45 GMT
Last-Modified: Fri, 19 Apr 2019 13:19:13 GMT
Server: nginx
ETag: "5cb9cad1-5194"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000 public
Connection: close
Accept-Ranges: bytes
Content-Length: 20884
Expires: Sun, 19 Apr 2020 05:04:45 GMT

GET
H/1.1 200
OK museosans-300italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 23 KB
23 KB 423ms
207ms Font
font/woff2 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300italic-webfont.woff2
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Seattle, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: f8a2b5b62eb722c3379b30cf0cc58d3176ee6be48036d6ad2aa838d2029c4189

Request headers

Pragma: no-cache
Origin: https://threatpost.com
Accept-Encoding: gzip, deflate, br
Host: threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css
Origin: https://threatpost.com

Response headers

Pragma: public
Date: Sat, 20 Apr 2019 05:04:45 GMT
Last-Modified: Fri, 19 Apr 2019 13:19:16 GMT
Server: nginx
ETag: "5cb9cad4-5bac"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000 public
Connection: close
Accept-Ranges: bytes
Content-Length: 23468
Expires: Sun, 19 Apr 2020 05:04:45 GMT

GET
H/1.1 200
OK museosans-700italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 15 KB
16 KB 441ms
216ms Font
font/woff2 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700italic-webfont.woff2
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Seattle, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 859faa9b9ed0990288b2f393a102b1fe2668ac79088b113b6f0beaee521221eb

Request headers

Pragma: no-cache
Origin: https://threatpost.com
Accept-Encoding: gzip, deflate, br
Host: threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css
Origin: https://threatpost.com

Response headers

Pragma: public
Date: Sat, 20 Apr 2019 05:04:45 GMT
Last-Modified: Fri, 19 Apr 2019 13:19:13 GMT
Server: nginx
ETag: "5cb9cad1-3dcc"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000 public
Connection: close
Accept-Ranges: bytes
Content-Length: 15820
Expires: Sun, 19 Apr 2020 05:04:45 GMT

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190417/r20190131/ Frame 2DF8 205 KB
77 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190417/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

c81c2a184926f0de9792b39184045e08acca0d2a72aa59927de411d787d759ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 20 Apr 2019 05:04:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 78248
x-xss-protection: 0
server: cafe
etag: 18145366447081761562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Apr 2019 05:04:44 GMT

GET
H2 200 ca-pub-7500593236707325.js Show response
pagead2.googlesyndication.com/pub-config/r20160913/ 68 B
209 B 6ms
6ms Script
text/javascript 2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-7500593236707325.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8ba131a677ea1357ae7fdc95d6a5c67c3b02d171bb286f6c9ec6bce3cef5c211

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 19 Apr 2019 19:07:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
age: 35810
content-type: text/javascript
status: 200
cache-control: public, max-age=43200
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 88
x-xss-protection: 0
expires: Sat, 20 Apr 2019 07:07:54 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190417/r20190131/ Frame B589 0
0 7ms
5ms Document
text/html 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20190417/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20190417/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://threatpost.com/easter-attack-apple-ios/143901/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://threatpost.com/easter-attack-apple-ios/143901/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Wed, 17 Apr 2019 14:01:07 GMT
expires: Wed, 01 May 2019 14:01:07 GMT
content-type: text/html; charset=UTF-8
etag: 3275482936266559025
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 6909
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 227017
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/api2/v1554100419869/ 261 KB
91 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:809::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/api2/v1554100419869/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:809::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

07a045bd0b098c8ca4b92ec31d5247281c8db4ea451d53db155b50bd2e388a70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 02 Apr 2019 21:39:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 01 Apr 2019 21:15:00 GMT
server: sffe
age: 1495491
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 93196
x-xss-protection: 0
expires: Wed, 01 Apr 2020 21:39:53 GMT

GET
H/1.1 200
OK mail-plane-light.svg
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 828 B
722 B 638ms
101ms Image
image/svg+xml 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/mail-plane-light.svg
Requested by: Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Seattle, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 5a7ed822968963e31d88424c96387ad9f4fd4f4b5a5b581a33f65e3784d162cf

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css
Connection: keep-alive
Cache-Control: no-cache
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Sat, 20 Apr 2019 05:04:45 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Apr 2019 13:19:13 GMT
Server: nginx
ETag: W/"5cb9cad1-33c"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: max-age=604800 public
Connection: close
Expires: Sat, 27 Apr 2019 05:04:45 GMT

GET
H/1.1 200
OK twitter-blue.svg
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 868 B
847 B 342ms
110ms Image
image/svg+xml 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/twitter-blue.svg
Requested by: Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Seattle, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 420508fc523520f35de5c851905543294123d7676b5a5668744691f2abe9e730

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css
Cookie: _ga=GA1.2.1026937027.1555736685; _gid=GA1.2.1548201409.1555736685; _gat_UA-35676203-21=1; _fbp=fb.1.1555736685268.236298029
Connection: keep-alive
Cache-Control: no-cache
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Sat, 20 Apr 2019 05:04:45 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Apr 2019 13:19:15 GMT
Server: nginx
ETag: W/"5cb9cad3-364"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: max-age=604800 public
Connection: close
Expires: Sat, 27 Apr 2019 05:04:45 GMT

GET
H/1.1 200
OK mail-plane-large-dark.svg
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 812 B
722 B 345ms
113ms Image
image/svg+xml 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/mail-plane-large-dark.svg
Requested by: Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Seattle, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a9d2b2df99c1a115d5394c70a898d8801092208dc582f8bd6fb01b35c30d6b22

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css
Cookie: _ga=GA1.2.1026937027.1555736685; _gid=GA1.2.1548201409.1555736685; _gat_UA-35676203-21=1; _fbp=fb.1.1555736685268.236298029
Connection: keep-alive
Cache-Control: no-cache
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Sat, 20 Apr 2019 05:04:45 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Apr 2019 13:19:16 GMT
Server: nginx
ETag: W/"5cb9cad4-32c"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: max-age=604800 public
Connection: close
Expires: Sat, 27 Apr 2019 05:04:45 GMT

GET
H/1.1 200
OK logo-white.png
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 10 KB
10 KB 319ms
102ms Image
image/png 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/logo-white.png
Requested by: Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Seattle, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e4058d4ee9da1ceaddfa91ddb63650ba67285f1bbfee487d9dfe648bced669a0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css
Cookie: _ga=GA1.2.1026937027.1555736685; _gid=GA1.2.1548201409.1555736685; _gat_UA-35676203-21=1; _fbp=fb.1.1555736685268.236298029; __qca=P0-652953207-1555736685290; trc_cookie_storage=threatpost-threatpost%253Asession-data%3Dv2_13b2147657b30a29af7da75c044756ce_4c21149d-9344-4187-a3f6-5585ed36f824-tuct3b42ded_1555736685_1555736685_CNawjgYQ459IGIrWh8mjLSABKAEwODib4wlAi4oQSMWWE1Cj7BBYAGAA%7Ctaboola%2520global%253Alocal-storage-keys%3D%255B%2522threatpost-threatpost%253Asession-data%2522%252C%2522taboola%2520global%253Alspb%2522%252C%2522taboola%2520global%253Auser-id%2522%255D%7Ctaboola%2520global%253Alspb%3DCwsIQBDQpSoMCwhCENClKgwLCEwQ0KUqDAsIIBDQpSoMCwgkENClKgwLCGQQ0KUqDAsIJxDQpSoMCwgtENClKgwLCDsQ0KUqDAsIPxDQpSoMDBMU%7Ctaboola%2520global%253Auser-id%3D4c21149d-9344-4187-a3f6-5585ed36f824-tuct3b42ded
Connection: keep-alive
Cache-Control: no-cache
Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Sat, 20 Apr 2019 05:04:45 GMT
Last-Modified: Fri, 19 Apr 2019 13:19:13 GMT
Server: nginx
ETag: "5cb9cad1-260a"
Content-Type: image/png
Cache-Control: max-age=604800 public
Connection: close
Accept-Ranges: bytes
Content-Length: 9738
Expires: Sat, 27 Apr 2019 05:04:45 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame BAB4 0
0 40ms
39ms Document
text/html 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7500593236707325&output=html&adk=1812271804&adf=3025194257&lmt=1555736685&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2%2C6%3A2&plat=1%3A32904%2C2%3A32904%2C8%3A32904%2C9%3A32904%2C16%3A8388608%2C27%3A128%2C30%3A1081472%2C32%3A128&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fthreatpost.com%2Feaster-attack-apple-ios%2F143901%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1555736684899&bpp=18&bdt=557&fdt=94&idt=93&shv=r20190417&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=6842927412409&frm=20&pv=2&ga_vid=1026937027.1555736685&ga_sid=1555736685&ga_hid=2135741514&ga_fc=0&iag=0&icsg=134415008&dssz=27&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21063245&oid=3&rx=0&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=15&osw_key=272949454&ifi=0&uci=0.67z1rtooycht&fsb=1&dtd=110

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190417/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7500593236707325&output=html&adk=1812271804&adf=3025194257&lmt=1555736685&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2%2C6%3A2&plat=1%3A32904%2C2%3A32904%2C8%3A32904%2C9%3A32904%2C16%3A8388608%2C27%3A128%2C30%3A1081472%2C32%3A128&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fthreatpost.com%2Feaster-attack-apple-ios%2F143901%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1555736684899&bpp=18&bdt=557&fdt=94&idt=93&shv=r20190417&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=6842927412409&frm=20&pv=2&ga_vid=1026937027.1555736685&ga_sid=1555736685&ga_hid=2135741514&ga_fc=0&iag=0&icsg=134415008&dssz=27&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21063245&oid=3&rx=0&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=15&osw_key=272949454&ifi=0&uci=0.67z1rtooycht&fsb=1&dtd=110
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://threatpost.com/easter-attack-apple-ios/143901/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://threatpost.com/easter-attack-apple-ios/143901/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 20 Apr 2019 05:04:45 GMT
server: cafe
content-length: 44
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 20-Apr-2019 05:19:45 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
expires: Sat, 20 Apr 2019 05:04:45 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 76 KB
28 KB 121ms
50ms Script
text/javascript 2a00:1450:4016:80d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190417/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4016:80d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

9fe96f11cd5e87cbfe3e2b73a62fe86ead3517929b425fb84ac287388a6db037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 20 Apr 2019 05:04:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1555672411458484"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 28613
x-xss-protection: 0
expires: Sat, 20 Apr 2019 05:04:45 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Jan 2019 20:01:45 GMT
server: Golfe2
age: 5538
date: Sat, 20 Apr 2019 03:32:27 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 17543
expires: Sat, 20 Apr 2019 05:32:27 GMT

GET
H/1.1 200
OK quant.js Show response
secure.quantserve.com/ 12 KB
6 KB 153ms
27ms Script
application/x-javascript 91.228.74.212
Quantcast Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.212 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software: QS /
Resource Hash: 404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 20 Apr 2019 05:04:45 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20-Apr-2019 05:04:45 GMT
Server: QS
ETag: M0-e2b9884a
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=604800
Connection: keep-alive
Content-Length: 5456
Expires: Sat, 27 Apr 2019 05:04:45 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 84ms
20ms Script
application/javascript 151.101.120.157
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.120.157 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 20 Apr 2019 05:04:45 GMT
content-encoding: gzip
age: 46627
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1954
x-served-by: cache-cdg20728-CDG
last-modified: Tue, 23 Jan 2018 19:05:33 GMT
x-timer: S1555736685.102503,VS0,VE0
etag: "b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 53 KB
15 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

fa59b1ed1b011e084474ad818b5f6986d84fc678e2f37fee9330eb52d86860b3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: public
x-fb-debug: 16+5sKgxm1KL05bk53NcEkG1XJo9L/kCWtwmJr2glqXfdkrvlPCSZ1dnr73QHIBY2HqP92VCslyy6dumPrR2tw==
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 20 Apr 2019 05:04:45 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
status: 200
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
strict-transport-security: max-age=31536000; preload; includeSubDomains
vary: Accept-Encoding
content-length: 15397
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 42 KB
11 KB 63ms
47ms Script
text/javascript 2a00:1450:4016:80d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4016:80d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7d6c8e4a8df6294aa4717f458670dad91720239ea5260e107ecfdaf5b6171507

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 20 Apr 2019 05:04:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "141 / 268 of 1000 / last-modified: 1555704992"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 11264
x-xss-protection: 0
expires: Sat, 20 Apr 2019 05:04:45 GMT

GET
H2 200 fontawesome-webfont.woff2
assets.threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/fonts/ 75 KB
76 KB 25ms
8ms Font
font/woff2 2600:9000:2047:e600:2:9275:3d40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2047:e600:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

:path: /wp-content/plugins/kaspersky-social-sharing/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
pragma: no-cache
origin: https://threatpost.com
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: assets.threatpost.com
referer: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-kaspersky-widgets/css/trending-authors.css,wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=48e88f79
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-kaspersky-widgets/css/trending-authors.css,wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=48e88f79
Origin: https://threatpost.com

Response headers

date: Wed, 27 Jun 2018 12:29:04 GMT
via: 1.1 23082ff4de65f70078e091bc7cd0cf24.cloudfront.net (CloudFront)
age: 25634140
x-cache: Hit from cloudfront
status: 200
content-length: 77160
pragma: public
last-modified: Wed, 27 Jun 2018 11:01:21 GMT
server: nginx
etag: "5b336e81-12d68"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000 public
accept-ranges: bytes
x-amz-cf-id: AUrOG3gaVzd3CGsj_u9R6AIi2gPqmpmEv04xByIs1hbSV4vuvqaIpw==
expires: Thu, 27 Jun 2019 12:29:04 GMT

GET
H/1.1 200
OK photo-newsletter.jpg
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 83 KB
83 KB 438ms
214ms Image
image/jpeg 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/photo-newsletter.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Seattle, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 940e0c3385928422aae38e1a74f1d84b462d8ce1a056c686fde505a0bf3162bb

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://threatpost.com/easter-attack-apple-ios/143901/
Cookie: _ga=GA1.2.1026937027.1555736685; _gid=GA1.2.1548201409.1555736685; _gat_UA-35676203-21=1; _fbp=fb.1.1555736685268.236298029; __qca=P0-652953207-1555736685290; trc_cookie_storage=threatpost-threatpost%253Asession-data%3Dv2_13b2147657b30a29af7da75c044756ce_4c21149d-9344-4187-a3f6-5585ed36f824-tuct3b42ded_1555736685_1555736685_CNawjgYQ459IGIrWh8mjLSABKAEwODib4wlAi4oQSMWWE1Cj7BBYAGAA%7Ctaboola%2520global%253Alocal-storage-keys%3D%255B%2522threatpost-threatpost%253Asession-data%2522%252C%2522taboola%2520global%253Alspb%2522%252C%2522taboola%2520global%253Auser-id%2522%255D%7Ctaboola%2520global%253Alspb%3DCwsIQBDQpSoMCwhCENClKgwLCEwQ0KUqDAsIIBDQpSoMCwgkENClKgwLCGQQ0KUqDAsIJxDQpSoMCwgtENClKgwLCDsQ0KUqDAsIPxDQpSoMDBMU%7Ctaboola%2520global%253Auser-id%3D4c21149d-9344-4187-a3f6-5585ed36f824-tuct3b42ded
Connection: keep-alive
Cache-Control: no-cache
Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Sat, 20 Apr 2019 05:04:45 GMT
Last-Modified: Fri, 19 Apr 2019 13:19:13 GMT
Server: nginx
ETag: "5cb9cad1-14c88"
Content-Type: image/jpeg
Cache-Control: max-age=604800 public
Connection: close
Accept-Ranges: bytes
Content-Length: 85128
Expires: Sat, 27 Apr 2019 05:04:45 GMT

GET
H2 200 / Show response
graph.facebook.com/ 387 B
695 B 81ms
48ms XHR
application/json 2a03:2880:f01c:20e:face:b00c:0:2
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https%3A%2F%2Fthreatpost.com%2Feaster-attack-apple-ios%2F143901%2F

Requested by

Host: threatpost.com
URL: https://threatpost.com/wp-includes/js/jquery/jquery.js?ver=1.12.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:20e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

4c53d94546bdb5a14ce5c3ec031a558f493b9d51d72d05403daca6912d14b236

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://threatpost.com/easter-attack-apple-ios/143901/
Origin: https://threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
etag: "86a2c28a58de9692332c0f85387b8a4d0df45d1f"
x-app-usage: {"call_count":0,"total_cputime":0,"total_time":0}
status: 200
x-fb-rev: 1000624815
content-length: 258
pragma: no-cache
x-fb-debug: 4q2USaGewL3XYUu1JGtQT+p+RWfnEwF5jVZC2G6v/g9Xc9gM2iZRv3tuNToAHzznEYeV+AhplP6W3GMetXOOyg==
x-fb-trace-id: BBe4c8nGpKH
date: Sat, 20 Apr 2019 05:04:45 GMT
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-fb-request-id: A5XB6l9aSu_QQuvIuG-VI_K
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v2.9
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 share Show response
www.linkedin.com/countserv/count/ 153 B
1 KB 136ms
103ms Script
text/javascript 2a05:f500:10:101::b93f:9101
LinkedIn Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://www.linkedin.com/countserv/count/share?url=https%3A%2F%2Fthreatpost.com%2Feaster-attack-apple-ios%2F143901%2F&format=jsonp&callback=jQuery1124045877438760172495_1555736684801&_=1555736684802

Requested by

Host: threatpost.com
URL: https://threatpost.com/wp-includes/js/jquery/jquery.js?ver=1.12.4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:f500:10:101::b93f:9101 , Ireland, ASN14413 (LINKEDIN - LinkedIn Corporation, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

8728689b95f8fdd290c0a6a1a0f301d793927895fb750a6b9fb27c8d1d0ac8a9

Security Headers

Name	Value
Content-Security-Policy	default-src ; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob:; img-src data: blob: ; font-src data: ; style-src 'unsafe-inline' 'self' static-src.linkedin.com .licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com .ads.linkedin.com .licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com; object-src 'none'; media-src blob: ; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 20 Apr 2019 05:04:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-li-pop: prod-efr5
x-li-uuid: uyNITD8WlxUA8kkxzCoAAA==
pragma: no-cache
server: Apache-Coyote/1.1
x-frame-options: sameorigin
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
vary: Accept-Encoding
strict-transport-security: max-age=2592000
content-type: text/javascript;charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob:; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-li-proto: http/2
x-li-fabric: prod-lva1
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 info.json Show response
www.reddit.com/api/ 4 KB
3 KB 512ms
470ms XHR
application/json 151.101.1.140
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reddit.com/api/info.json?url=https%3A%2F%2Fthreatpost.com%2Feaster-attack-apple-ios%2F143901%2F

Requested by

Host: threatpost.com
URL: https://threatpost.com/wp-includes/js/jquery/jquery.js?ver=1.12.4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.140 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

snooserv /

Resource Hash

4874cf1cb80ba991457a0d664d5e0398e59cb3f7e53f9b2935e76109e2b3e071

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://threatpost.com/easter-attack-apple-ios/143901/
Origin: https://threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 20 Apr 2019 05:04:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: *
x-cache: MISS
status: 200
vary: accept-encoding
content-length: 1516
x-xss-protection: 1; mode=block
x-served-by: cache-hhn1549-HHN
x-moose: majestic
expires: -1
server: snooserv
x-timer: S1555736685.170902,VS0,VE463
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json; charset=UTF-8
via: 1.1 varnish
access-control-expose-headers: X-Moose
cache-control: private, s-maxage=0, max-age=0, must-revalidate, max-age=0, must-revalidate
x-ua-compatible: IE=edge
accept-ranges: bytes
x-cache-hits: 0

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j73&aip=1&a=2135741514&t=pageview&_s=1&dl=https%3A%2F%2Fthreatpost.com%2Feaster-attack-apple-ios%2F143901%2F&ul=en-us&de=UTF-8&dt=Easter%20Attack%2...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-35676203-21&cid=1026937027.1555736685&jid=1057307552&_gid=1548201409.1555736685&gjid=1390964599&_v=j73&z=890035578
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35676203-21&cid=1026937027.1555736685&jid=1057307552&_v=j73&z=890035578
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35676203-21&cid=1026937027.1555736685&jid=1057307552&_v=j73&z=890035578&slf_rd=1&random=1738942688

42 B
109 B

19ms
19ms

Image
image/gif

2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35676203-21&cid=1026937027.1555736685&jid=1057307552&_v=j73&z=890035578&slf_rd=1&random=1738942688

Requested by

Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81f::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Apr 2019 05:04:45 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 Apr 2019 05:04:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35676203-21&cid=1026937027.1555736685&jid=1057307552&_v=j73&z=890035578&slf_rd=1&random=1738942688
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 839281392784015 Show response
connect.facebook.net/signals/config/ 174 KB
42 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/839281392784015?v=2.8.47&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

6fbd7b36d4badcc4c4bd55a2f632fbe2fa3dc6fba6adf54a47a6e0df460b6f0f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 42769
x-xss-protection: 0
pragma: public
x-fb-debug: 6nFxfTVkqDmu+nUeQSxhFmw+4lEbsEpENU7Ifrb+9KPre4o+iHW1buWHGLvxuLjm12iXaBfjkNmB8J9IV5gEjQ==
date: Sat, 20 Apr 2019 05:04:45 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 impl.353-9-RELEASE.js Show response
cdn.taboola.com/libtrc/ 364 KB
103 KB 7ms
7ms Script
application/javascript 151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.353-9-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/threatpost--network/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a04047cc8cc6f8c8e3215a049cf7334208c3c6427e695d9c816baeadb71d3611

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: cQtTjtG0dlBq9TImQ5Hwb2t9t_zmvXvb
content-encoding: gzip
age: 46
x-cache: HIT
status: 200
date: Sat, 20 Apr 2019 05:04:45 GMT
x-amz-replication-status: PENDING
content-length: 105580
x-amz-id-2: lAS/pK0qG5xNWXHnXO9rcC0rHxjlZDvaliTlGYC1GXgrkLg7miM1WlQU4tGO4veya2nIs6skjA4=
x-served-by: cache-hhn1541-HHN
last-modified: Tue, 16 Apr 2019 11:45:11 GMT
server: AmazonS3
x-timer: S1555736685.198237,VS0,VE0
etag: "f20fea44e981761fd04f6b5b99686690"
vary: Accept-Encoding
x-amz-request-id: 3CE0AEBBD91AA52B
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 4
x-cache-hits: 250

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 28ms
27ms Script
application/x-javascript 104.111.214.103
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/threatpost--network/loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.214.103 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-214-103.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 20 Apr 2019 05:04:45 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 901
Expires: Sun, 21 Apr 2019 05:04:45 GMT

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame 4C27 0
0 40ms
37ms Document
text/html 2a00:1450:4001:81e::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=v1554100419869&theme=standard&size=normal&cb=un78s6l3amtw

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/api2/v1554100419869/recaptcha__en.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81e::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-s5XfeTYr8tP0Uxvlcw3NUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=v1554100419869&theme=standard&size=normal&cb=un78s6l3amtw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://threatpost.com/easter-attack-apple-ios/143901/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://threatpost.com/easter-attack-apple-ios/143901/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 20 Apr 2019 05:04:45 GMT
content-security-policy: script-src 'report-sample' 'nonce-s5XfeTYr8tP0Uxvlcw3NUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 11493
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"

GET
H2 200 adsct
t.co/i/ 43 B
486 B 192ms
137ms Image
image/gif 104.244.42.5
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=ntt0j&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Requested by

Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.5 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 20 Apr 2019 05:04:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=0
content-length: 65
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 118
pragma: no-cache
last-modified: Sat, 20 Apr 2019 05:04:45 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: c2e20a5c297d3f6b47db9b7173217a0e
x-transaction: 00c185d5004d1c43
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 pubads_impl_2019041601.js Show response
securepubads.g.doubleclick.net/gpt/ 149 KB
54 KB 63ms
16ms Script
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019041601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

e404b43d6b607ad0773e1da1c627603796ad817ddeaaadc82d7383557d197895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 20 Apr 2019 05:04:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Apr 2019 14:38:21 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 55406
x-xss-protection: 0
expires: Sat, 20 Apr 2019 05:04:45 GMT

GET
H2 200 rules-p-CRy9tA-v0aTsa.js Show response
rules.quantcount.com/ 6 KB
2 KB 48ms
7ms Script
application/x-javascript 2600:9000:2047:c800:6:44e3:f8c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-CRy9tA-v0aTsa.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2047:c800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9e6714bd0f978b1eeb773e412c0b49ae81bf864244cd87ffe8467c5f9d6b0a7f

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 20 Apr 2019 04:59:05 GMT
content-encoding: gzip
last-modified: Fri, 01 Feb 2019 11:56:17 GMT
server: AmazonS3
age: 367
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
x-amz-cf-id: zp8hpVJ_ihUfi0XDm3wteE2L_VXpG3g35CYIuzFUyE57RHEfp60mxQ==
via: 1.1 67284fcf464f6f1529cc1e521669622c.cloudfront.net (CloudFront)

GET
H2 200 /
www.facebook.com/tr/ 44 B
245 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=839281392784015&ev=PageView&dl=https%3A%2F%2Fthreatpost.com%2Feaster-attack-apple-ios%2F143901%2F&rl=&if=false&ts=1555736685269&sw=1600&sh=1200&v=2.8.47&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1555736685268.236298029&it=1555736685147&coo=false&rqm=GET

Requested by

Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 20 Apr 2019 05:04:45 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Sat, 20 Apr 2019 05:04:45 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1555736685278&ns_c=UTF-8&cv=3.1&c8=Easter%20Attack%20Affects%20Half%20a%20Billion%20Apple%20iOS%20Users%20via%20Chrome%20Bug...
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1555736685278&ns_c=UTF-8&cv=3.1&c8=Easter%20Attack%20Affects%20Half%20a%20Billion%20Apple%20iOS%20Users%20via%20Chrome%20Bu...

0
248 B

35ms
26ms

Image
text/plain

104.111.214.103
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1555736685278&ns_c=UTF-8&cv=3.1&c8=Easter%20Attack%20Affects%20Half%20a%20Billion%20Apple%20iOS%20Users%20via%20Chrome%20Bug%20%7C%20Threatpost&c7=https%3A%2F%2Fthreatpost.com%2Feaster-attack-apple-ios%2F143901%2F&c9=
Requested by: Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.214.103 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-214-103.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 20 Apr 2019 05:04:45 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1555736685278&ns_c=UTF-8&cv=3.1&c8=Easter%20Attack%20Affects%20Half%20a%20Billion%20Apple%20iOS%20Users%20via%20Chrome%20Bug%20%7C%20Threatpost&c7=https%3A%2F%2Fthreatpost.com%2Feaster-attack-apple-ios%2F143901%2F&c9=
Pragma: no-cache
Date: Sat, 20 Apr 2019 05:04:45 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixel;r=917867558;labels=_fp.event.Threatpost%20Articles%2C_fp.channel.Threatpost;rf=0;a=p-CRy9tA-v0aTsa;url=https%3A%2F%2Fthreatpost.com%2Feaster-attack-apple-ios%2F143901%2F;fpan=1;fpa=P0-6529532...
pixel.quantserve.com/ 35 B
621 B 150ms
28ms Image
image/gif 91.228.74.150
Quantcast Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.quantserve.com/pixel;r=917867558;labels=_fp.event.Threatpost%20Articles%2C_fp.channel.Threatpost;rf=0;a=p-CRy9tA-v0aTsa;url=https%3A%2F%2Fthreatpost.com%2Feaster-attack-apple-ios%2F143901%2F;fpan=1;fpa=P0-652953207-1555736685290;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=0;et=1555736685290;tzo=0;ogl=image.https%3A%2F%2Fmedia%252Ethreatpost%252Ecom%2Fwp-content%2Fuploads%2Fsites%2F103%2F2019%2F04%2F18114318%2FApple%2Ctype.article%2Ctitle.Easter%20Attack%20Affects%20Half%20a%20Billion%20Apple%20iOS%20Users%2Cdescription.The%20U%252ES-focused%20eGobbler%20malvertising%20attacks%20are%20exploiting%20an%20unpatched%20Google%2Curl.https%3A%2F%2Fthreatpost%252Ecom%2Feaster-attack-apple-ios%2F143901%2F
Requested by: Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.150 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software: QS /
Resource Hash: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 20 Apr 2019 05:04:45 GMT
Server: QS
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/threatpost-threatpost/trc/3/ 11 KB
5 KB 133ms
98ms Script
application/javascript 151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/threatpost-threatpost/trc/3/json?tim=05%3A04%3A45.346&data=%7B%22id%22%3A764%2C%22ii%22%3A%22%2Feaster-attack-apple-ios%2F143901%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22vi%22%3A1555736685322%2C%22cv%22%3A%22353-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fthreatpost.com%2Feaster-attack-apple-ios%2F143901%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22cmps%22%3A3%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22bw%22%3A1600%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22nsid%22%3A%22threatpost--network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-a%3Apub%3Dthreatpost--network%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A3989%2C%22mw%22%3A700%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.353-9-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: dab2f187bbdb3266165ebd1ad3d0395fe203f290271bc1f726456d6cf888823b

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 20 Apr 2019 05:04:45 GMT
content-encoding: gzip
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
via: 1.1 varnish
x-served-by: cache-hhn1541-HHN
server: nginx
x-timer: S1555736685.386171,VS0,VE91
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 tb Show response
15.taboola.com/ 17 KB
17 KB 74ms
18ms Script
text/html 151.101.2.49
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=threatpost-threatpost&unitType=59&tbloc=&pageType=text&pstn=Slider%20-%20Video&uuip=&cisrf=&cirf=https%3A%2F%2Fthreatpost.com%2Feaster-attack-apple-ios%2F143901%2F&encoded=1&uid=4c21149d-9344-4187-a3f6-5585ed36f824-tuct3b42ded&variant=0|1&callback=TRC.videoTagCallbacks.videoCallback1&cb=1555736685547&tagid=&cntry=DE&platform=1&sesid=13b2147657b30a29af7da75c044756ce&itemid=/easter-attack-apple-ios/143901&viewid=1555736685322&geolat=&geoing=&deviceifa=&appid=&sd=v2_13b2147657b30a29af7da75c044756ce_4c21149d-9344-4187-a3f6-5585ed36f824-tuct3b42ded_1555736685_1555736685_CNawjgYQ459IGIrWh8mjLSABKAEwODib4wlAi4oQSMWWE1Cj7BBYAGAA&ri=0912803bbd23e7cb57e97eadb2d1f0f8&appname=&cdb=&gdprApplies=&sii=5633628570577398101
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.353-9-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.13.12 /
Resource Hash: 1b56c7b37c5c00cc137a3f789f5b37aca985cfc2fb90a600a6047878cbfaaf59

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Apr 2019 05:04:45 GMT
via: 1.1 varnish
server: nginx/1.13.12
x-timer: S1555736686.609101,VS0,VE12
machineid: 1430
x-served-by: cache-hhn1534-HHN
x-cache: MISS
content-type: text/html;charset=ISO-8859-1
status: 200
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
x-cache-hits: 0
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 userx.353-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 22 KB
8 KB 18ms
9ms Script
application/javascript 151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.353-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/threatpost--network/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7ca38399ede8b875f89b8b98e97d746758d66de51058f9cf69da9d036dfd4d68

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: E0hEoYefPm2eie1hq79wTP3gLPypwiJi
content-encoding: gzip
age: 46
x-cache: HIT
status: 200
date: Sat, 20 Apr 2019 05:04:45 GMT
x-amz-replication-status: PENDING
content-length: 7622
x-amz-id-2: /g43auLWy9L5ky/b3aGHaj5zj6/gzXwu0Q9M+MZg9QdQrlI+kjJK3mG70kG3+LMjldiNesXVX74=
x-served-by: cache-hhn1541-HHN
last-modified: Tue, 16 Apr 2019 11:45:44 GMT
server: AmazonS3
x-timer: S1555736686.560175,VS0,VE0
etag: "8f5c282002e62b41bd0183dff4b92218"
vary: Accept-Encoding
x-amz-request-id: CD1E0B826D9D3618
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 47
x-cache-hits: 93

GET
H2

200

rtb-h
trc.taboola.com/sg/exposebox-network/1/ Frame 5DA5
Redirect Chain

https://server.exposebox.com/rcm
https://trc.taboola.com/sg/exposebox-network/1/rtb-h?taboola_hm=_hsj09x7

0
67 B

16ms
15ms

Image
text/plain

151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/exposebox-network/1/rtb-h?taboola_hm=_hsj09x7
Requested by: Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 20 Apr 2019 05:04:45 GMT
via: 1.1 varnish
server: nginx
x-timer: S1555736686.608113,VS0,VE8
x-served-by: cache-hhn1541-HHN
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

date: Sat, 20 Apr 2019 05:04:45 GMT
via: 1.1 google
x-powered-by: Express
location: //trc.taboola.com/sg/exposebox-network/1/rtb-h?taboola_hm=_hsj09x7
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 302
cache-control: max-age:0
alt-svc: clear
expires: 0

GET
H2

204

rtb-h
trc.taboola.com/sg/mediaforcebidder-network/1/ Frame 5DA5
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=4b95fb08-f162-4e07-98a4-2dcd963e89c2

0
223 B

15ms
15ms

Image
text/plain

151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=4b95fb08-f162-4e07-98a4-2dcd963e89c2
Requested by: Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 20 Apr 2019 05:04:45 GMT
via: 1.1 varnish
server: nginx
x-timer: S1555736686.621618,VS0,VE8
x-cache: MISS
status: 204
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cache-hits: 0
accept-ranges: bytes
x-served-by: cache-hhn1541-HHN

Redirect headers

Location: //trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=4b95fb08-f162-4e07-98a4-2dcd963e89c2
Date: Sat, 20 Apr 2019 05:04:45 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

/
trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/ Frame 5DA5
Redirect Chain

https://px.powerlinks.com/user/identify?sourceId=d4a7a706-ab0f-11e8-a038-127202fb7690&rurl=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BUSER%7D
https://tags.bluekai.com/site/38310?id=dFLp8oHnnHma589CbnetvEKfkQRU47HzF6MUViOAn0I%3D&redir=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DdFLp8oHnnHma589C...
https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=dFLp8oHnnHma589CbnetvEKfkQRU47HzF6MUViOAn0I%3D

45 B
268 B

15ms
15ms

Image
image/gif

151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=dFLp8oHnnHma589CbnetvEKfkQRU47HzF6MUViOAn0I%3D
Requested by: Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 20 Apr 2019 05:04:46 GMT
via: 1.1 varnish
server: nginx
x-timer: S1555736686.056861,VS0,VE8
x-cache: MISS
status: 200
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cache-hits: 0
accept-ranges: bytes
x-served-by: cache-hhn1541-HHN

Redirect headers

Location: https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=dFLp8oHnnHma589CbnetvEKfkQRU47HzF6MUViOAn0I%3D
Date: Sat, 20 Apr 2019 05:04:46 GMT
Connection: keep-alive
Content-Length: 0
BK-Server: 9e59
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame 5DA5 43 B
695 B 77ms
13ms Image
image/gif 185.33.223.80
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID

Requested by

Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.80 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

251.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 20 Apr 2019 05:04:47 GMT
AN-X-Request-Uuid: 9363b48b-b1d7-4c15-893e-6f2265594e24
Content-Type: image/gif
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.130.184.116; 185.130.184.116; 251.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.142:80
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 5DA5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESECbH_j7VV7DMukSPLo2xEis&google_cver=1

0
51 B

15ms
15ms

Image
text/plain

151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESECbH_j7VV7DMukSPLo2xEis&google_cver=1
Requested by: Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 20 Apr 2019 05:04:45 GMT
via: 1.1 varnish
server: nginx
x-timer: S1555736686.624037,VS0,VE8
x-cache: MISS
status: 204
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cache-hits: 0
accept-ranges: bytes
x-served-by: cache-hhn1541-HHN

Redirect headers

pragma: no-cache
date: Sat, 20 Apr 2019 05:04:45 GMT
server: HTTP server (unknown)
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESECbH_j7VV7DMukSPLo2xEis&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame 5DA5 43 B
694 B 78ms
14ms Image
image/gif 185.33.223.80
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=$UID

Requested by

Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.80 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

251.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 20 Apr 2019 05:04:47 GMT
AN-X-Request-Uuid: 6179f0bb-38df-4756-b4b8-063ed510fdbf
Content-Type: image/gif
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.130.184.116; 185.130.184.116; 251.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.58:80
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

rtb-h
match.taboola.com/sg/thetradedesk-network/1/ Frame 5DA5
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=4af0d310-6dbb-40ca-b913-2f6344bb59b9
https://match.taboola.com/sg/thetradedesk-network/1/rtb-h?taboola_hm=4af0d310-6dbb-40ca-b913-2f6344bb59b9&tbid=4c21149d-9344-4187-a3f6-5585ed36f824-tuct3b42ded&query=taboola_hm%3D4af0d310-6dbb-40ca...

0
53 B

17ms
16ms

Image
text/plain

151.101.2.49
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/thetradedesk-network/1/rtb-h?taboola_hm=4af0d310-6dbb-40ca-b913-2f6344bb59b9&tbid=4c21149d-9344-4187-a3f6-5585ed36f824-tuct3b42ded&query=taboola_hm%3D4af0d310-6dbb-40ca-b913-2f6344bb59b9
Requested by: Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.13.12 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 20 Apr 2019 05:04:45 GMT
via: 1.1 varnish
server: nginx/1.13.12
x-timer: S1555736686.787302,VS0,VE9
x-served-by: cache-hhn1534-HHN
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

date: Sat, 20 Apr 2019 05:04:45 GMT
via: 1.1 varnish
server: nginx
x-timer: S1555736686.764025,VS0,VE8
location: https://match.taboola.com/sg/thetradedesk-network/1/rtb-h?taboola_hm=4af0d310-6dbb-40ca-b913-2f6344bb59b9&tbid=4c21149d-9344-4187-a3f6-5585ed36f824-tuct3b42ded&query=taboola_hm%3D4af0d310-6dbb-40ca-b913-2f6344bb59b9
x-cache: MISS
status: 302
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn1541-HHN

GET
H2

200

rtb-h
match.taboola.com/sg/storygize-network/1/ Frame 5DA5
Redirect Chain

https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=4c21149d-9344-4187-a3f6-5585ed36f824-tuct3b42ded
https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=aeb067b6-251b-4533-b5ef-1118a16080b3
https://match.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=aeb067b6-251b-4533-b5ef-1118a16080b3&tbid=4c21149d-9344-4187-a3f6-5585ed36f824-tuct3b42ded&query=taboola_hm%3Daeb067b6-251b-4533-b5...

0
53 B

15ms
15ms

Image
text/plain

151.101.2.49
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=aeb067b6-251b-4533-b5ef-1118a16080b3&tbid=4c21149d-9344-4187-a3f6-5585ed36f824-tuct3b42ded&query=taboola_hm%3Daeb067b6-251b-4533-b5ef-1118a16080b3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.13.12 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 20 Apr 2019 05:04:46 GMT
via: 1.1 varnish
server: nginx/1.13.12
x-timer: S1555736687.513428,VS0,VE8
x-served-by: cache-hhn1534-HHN
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

date: Sat, 20 Apr 2019 05:04:46 GMT
via: 1.1 varnish
server: nginx
x-timer: S1555736686.495528,VS0,VE8
location: https://match.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=aeb067b6-251b-4533-b5ef-1118a16080b3&tbid=4c21149d-9344-4187-a3f6-5585ed36f824-tuct3b42ded&query=taboola_hm%3Daeb067b6-251b-4533-b5ef-1118a16080b3
x-cache: MISS
status: 302
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn1541-HHN

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame 5DA5 35 B
380 B 446ms
110ms Image
image/gif 192.132.33.46
Bidtellect Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by: Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT - Bidtellect Inc., US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-ServerName: Track002-dc3
Pragma: no-cache
Date: Sat, 20 Apr 2019 05:04:45 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H2

200

rtb-h
match.taboola.com/sg/bidswitch-network/1/ Frame 5DA5
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola
https://x.bidswitch.net/ul_cb/sync?ssp=taboola
https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=taboola
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=taboola&gdpr=1&gdpr_consent=&user_id=TsWenRqeyphWkMvLHcDRyUqTxc9WlJjJTMCxA6Fy
https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=74649b2d-6adb-47f8-a9d0-616a74f39c48
https://match.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=74649b2d-6adb-47f8-a9d0-616a74f39c48&tbid=4c21149d-9344-4187-a3f6-5585ed36f824-tuct3b42ded&query=taboola_hm%3D74649b2d-6adb-47f8-a9...

0
53 B

37ms
15ms

Image
text/plain

151.101.2.49
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=74649b2d-6adb-47f8-a9d0-616a74f39c48&tbid=4c21149d-9344-4187-a3f6-5585ed36f824-tuct3b42ded&query=taboola_hm%3D74649b2d-6adb-47f8-a9d0-616a74f39c48
Requested by: Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.13.12 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 20 Apr 2019 05:04:45 GMT
via: 1.1 varnish
server: nginx/1.13.12
x-timer: S1555736686.787262,VS0,VE8
x-served-by: cache-hhn1534-HHN
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

date: Sat, 20 Apr 2019 05:04:45 GMT
via: 1.1 varnish
server: nginx
x-timer: S1555736686.739822,VS0,VE8
location: https://match.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=74649b2d-6adb-47f8-a9d0-616a74f39c48&tbid=4c21149d-9344-4187-a3f6-5585ed36f824-tuct3b42ded&query=taboola_hm%3D74649b2d-6adb-47f8-a9d0-616a74f39c48
x-cache: MISS
status: 302
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn1541-HHN

GET
H/1.1

200
OK

ai.aspx
m.exactag.com/ Frame E879
Redirect Chain

https://asn.advolution.de/00015c1c6F001441f/tpx.gif?rnd=[1]&async=1&url=//m.exactag.com/ai.aspx?extProvId=44&extPu=1021&extLi=DE-3709&extCr=82975&extPm=89116
https://m.exactag.com/ai.aspx?extProvId=44&extPu=1021&extLi=DE-3709&extCr=82975&extPm=89116

43 B
654 B

73ms
15ms

Image
image/gif

213.202.235.8
MYLOC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.exactag.com/ai.aspx?extProvId=44&extPu=1021&extLi=DE-3709&extCr=82975&extPm=89116
Requested by: Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 213.202.235.8 , Germany, ASN24961 (MYLOC-AS, DE),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 20 Apr 2019 05:04:45 GMT
X-ET-Code: 0
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Connection: close
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Cache-Control: private
Last-Modified: Sa, 20 Apr 2019 05:04:45 GMT
X-ET-Camp: 977
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sat, 20 Apr 2019 05:04:45 GMT
Content-Encoding: gzip
X-Powered-By: PHP/5.4.44-0+deb7u1
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR NID CUR OUR NOR"
X-DNT-Detected: false
X-GDPR-Detected: false
Pragma: no-cache
Last-Modified: Sat, 20 Apr 2019 05:04:45 GMT
Server: httpd
Vary: Accept-Encoding,User-Agent, Accept-Encoding
Content-type: text/html
Location: //m.exactag.com/ai.aspx?extProvId=44&extPu=1021&extLi=DE-3709&extCr=82975&extPm=89116
Cache-Control: no-cache, must-revalidate
X-Server: graviera
X-Script-Lastchange: 2019-04-15 16:44:39, www-data
X-Systime: 2019-04-20 07:04:45
X-GDPR-Status: v1t1p1
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 bframe
www.google.com/recaptcha/api2/ Frame 9F10 0
0 17ms
16ms Document
text/html 2a00:1450:4001:81e::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=v1554100419869&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&cb=b6bhmyhdtgrw

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/api2/v1554100419869/recaptcha__en.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81e::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-s3Sp0sFcVEOF+YbfqoitBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=v1554100419869&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&cb=b6bhmyhdtgrw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://threatpost.com/easter-attack-apple-ios/143901/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://threatpost.com/easter-attack-apple-ios/143901/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 20 Apr 2019 05:04:45 GMT
content-security-policy: script-src 'report-sample' 'nonce-s3Sp0sFcVEOF+YbfqoitBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1116
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"

POST
H2 204 available Show response
trc.taboola.com/threatpost-threatpost/log/3/ 0
101 B 16ms
16ms XHR
image/gif 151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/threatpost-threatpost/log/3/available?route=AM
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.353-9-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
Origin: https://threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 20 Apr 2019 05:04:45 GMT
via: 1.1 varnish
server: nginx
x-timer: S1555736686.580452,VS0,VE9
x-served-by: cache-hhn1541-HHN
status: 204
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://threatpost.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 5bf1e2209f5c21756954fc6947d8d5f3.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 14 KB
14 KB 21ms
7ms Image
image/jpeg 151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5bf1e2209f5c21756954fc6947d8d5f3.png
Requested by: Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: da9ef5758c2a68c614fe297e9af561bc0ba885dd20238654e611a147bc68fdce

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 20 Apr 2019 05:04:45 GMT
via: 1.1 varnish
age: 409986
x-cache: HIT
status: 200, 200 OK
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5bf1e2209f5c21756954fc6947d8d5f3.png
content-length: 13935
x-request-id: 39f31898da91aec0
x-served-by: cache-hhn1541-HHN
last-modified: Mon, 15 Apr 2019 07:42:25 GMT
server: cloudinary
x-timer: S1555736686.656024,VS0,VE0
etag: "576a2b26b29322b7cf557f9d8b434f13"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 100

GET
H2 200 be07527bb430c61ad4197eb9842471db.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 18 KB
18 KB 7ms
7ms Image
image/jpeg 151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/be07527bb430c61ad4197eb9842471db.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 5551815d987998dc9bdc90c580dd7c01b398786b1acf769524ea2c127b4fc3ae

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 20 Apr 2019 05:04:45 GMT
via: 1.1 varnish
age: 2410101
x-cache: HIT
status: 200
expiration: expiry-date="Sun, 24 Mar 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/be07527bb430c61ad4197eb9842471db.jpg
content-length: 18352
x-served-by: cache-hhn1541-HHN
last-modified: Thu, 21 Feb 2019 05:32:27 GMT
server: cloudinary
x-timer: S1555736686.663872,VS0,VE0
etag: "da1fdfb66968b7c66e645f6e2ddf4c77"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 108

GET
H2 200 613ff115e6b2e6c2997c65b4bcc4623a.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 19 KB
19 KB 7ms
7ms Image
image/jpeg 151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/613ff115e6b2e6c2997c65b4bcc4623a.jpeg
Requested by: Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 924f9036fb869592346fb06ad94fcaf642d2aeb89adf880ff0793ff53af1954c

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 20 Apr 2019 05:04:45 GMT
via: 1.1 varnish
age: 27205
x-cache: HIT
status: 200
expiration: expiry-date="Thu, 04 Apr 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/613ff115e6b2e6c2997c65b4bcc4623a.jpeg
content-length: 19258
x-served-by: cache-hhn1541-HHN
last-modified: Mon, 04 Mar 2019 17:02:11 GMT
server: cloudinary
x-timer: S1555736686.671822,VS0,VE0
etag: "246bfc8a100cd4cc871a4fbc276225e0"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 7

GET
H2 200 fbb39d04286eda51ee407577dfdc2b55.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 15 KB
16 KB 7ms
7ms Image
image/jpeg 151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fbb39d04286eda51ee407577dfdc2b55.jpeg
Requested by: Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 1bc6ecff270f95c4fdd4e437641c48359ae82ded0b6434cf2477be055b05dac6

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 20 Apr 2019 05:04:45 GMT
via: 1.1 varnish
age: 1059418
x-cache: HIT
status: 200, 200 OK
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fbb39d04286eda51ee407577dfdc2b55.jpeg
content-length: 15868
x-request-id: db8e9ae2e744ad60
x-served-by: cache-hhn1541-HHN
last-modified: Thu, 04 Apr 2019 10:16:38 GMT
server: cloudinary
x-timer: S1555736686.679934,VS0,VE0
etag: "316e1bd32ff5c29f34e3bab8d09c15dd"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 345

GET
H2 200 758ff4e565241b51a5ab332a525f14d4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 34 KB
35 KB 8ms
7ms Image
image/jpeg 151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/758ff4e565241b51a5ab332a525f14d4.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 7acb0c9eb166a250e43441d1db313572298152f84edd8f235a579dcf30b0f4a6

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 20 Apr 2019 05:04:45 GMT
via: 1.1 varnish
age: 532308
x-cache: HIT
status: 200
expiration: expiry-date="Sun, 14 Apr 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/758ff4e565241b51a5ab332a525f14d4.jpg
content-length: 35008
x-served-by: cache-hhn1541-HHN
last-modified: Thu, 14 Mar 2019 03:38:22 GMT
server: cloudinary
x-timer: S1555736686.688017,VS0,VE0
etag: "b96923664a089b7c509124de044b3773"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1

GET
H2 200 TR_EN_600x500_Luda_2018-0619_girl_Naza%26IMG%3D19EG.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gallery-pl.go-game.io/uploads/2018/07/ 18 KB
18 KB 8ms
6ms Image
image/jpeg 151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gallery-pl.go-game.io/uploads/2018/07/TR_EN_600x500_Luda_2018-0619_girl_Naza%26IMG%3D19EG.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 22e9cddb22e85c81e378ec92b3027cfd26a6f3c55d47673c62c6552b99831d20

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 20 Apr 2019 05:04:45 GMT
via: 1.1 varnish
age: 2125484
x-cache: HIT
status: 200
expiration: expiry-date="Sat, 13 Apr 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gallery-pl.go-game.io/uploads/2018/07/TR_EN_600x500_Luda_2018-0619_girl_Naza%26IMG%3D19EG.jpg
content-length: 18514
x-served-by: cache-hhn1541-HHN
last-modified: Wed, 13 Mar 2019 21:56:07 GMT
server: cloudinary
x-timer: S1555736686.697687,VS0,VE0
etag: "5020c962ca5ef787207b475fbebc48b3"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 31

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
705 B 8ms
8ms Image
image/png 151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.353-9-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
age: 4562929
x-cache: HIT
status: 200
date: Sat, 20 Apr 2019 05:04:45 GMT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: XvamycYj5i9elo1HIxQVWoqB3bzM0MDs3mgweXjpvYdi7ZZIyzbyvzEvbwKvdJGIx5LiaLJce0k=
x-served-by: cache-hhn1541-HHN
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1555736686.598806,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
x-req: /libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
x-amz-request-id: 093E8082E423E036
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 47
x-cache-hits: 220950

GET
H2 200 creative_js.js Show response
vidstat.taboola.com/vpaid/units/14_12_0/creatives/ 4 KB
2 KB 52ms
9ms Script
application/javascript 2606:4700::6810:5424
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/14_12_0/creatives/creative_js.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.353-9-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5424 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10eba73b3641332bde05fa8d6223e7017ac5207673602247c35f358ea89e3092

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 20 Apr 2019 05:04:45 GMT
via: 1.1 8b5bc0831e6dab612582614c3009efa7.cloudfront.net (CloudFront)
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: Hit from cloudfront
status: 200
x-amz-meta-mode: 33188
content-encoding: gzip
last-modified: Wed, 06 Sep 2017 08:46:00 GMT
server: cloudflare
etag: W/"0df6cb700db4e2c8b3b7dcb734e91cb0"
x-amz-meta-uid: 0
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2678400
x-amz-meta-mtime: 1499351521
x-amz-meta-gid: 0
cf-ray: 4ca4944ddaf597f8-FRA
x-amz-cf-id: Me-D5dUM6WfX7T75uCPTYXs3Zssma-IhbfdwRwfHG7oY9YLWlYTIhg==
expires: Tue, 21 May 2019 05:04:45 GMT

GET
H2 200 st
imprammp.taboola.com/ Frame 54B7 0
0 40ms
17ms Document
text/html 151.101.2.49
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cipid=66301605&ttype=0&cirid=73F94DC4791862944401690784849&cicmp=2040445&cijs=1&dast=V7_w8CFgO3aBynQJx8ugS3aBynQJx8ugUAAAAGBjsHG7eZMUcjDmm3XAxnk-VotFnuRsPZZrCZTMFhyk6Ty3JQC2RNk8vvBhs0nQ6f614vOlpeDtPh7zndNX63X-XwnF6Wt8J0eni8boXhcHa5lX7PXzHaLAeLvRwAAAAAHgCgzvMhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAADpLHNQCgOAzaZbk-ff4AAHgIAAEAGFAgASh4SCsByHDdOgEAAAAAAAAAYPn___-PGZh3LZUB-BDpuzHoAXjwAXgQAgAAyBrC3VpXNdFeCCUqsCxiBAAAAJAriEt3NKkTKosqAACCdCuAKwCAALWcEPaVLN1BibcwAAAAgbEFelj8frPDrvG7XQYAAAAAAAAAYPZ_9o8mVLTslQY0fVil9gsIALD2CwgAwKZuAABvAnBBFwCrC4jZAQAAANz9____64HEZmJZjHaz1W7iGSwsy4XNN3L4VhvDaLRbzTYu7_U8ykw9CuiH9TlM2WlyWQ5qgaxpcvntN2GL0Woy2SyHs-ViMhiOhqPR_gRsN8AJGg4Hi91gsVsshpPFZDRYDhYoEIMJTshwtJmsRrvVbrIcTkaj2WayQYpWrWajzWC4mk1mu91qOBguRyOkaM1iNpksZqPlbjNYTkaD4WQ4RBjaWBaL0XLkVm5Go7VoMdytFZ6Zba1aDVcrk2c2M05Ga9HrY_pMTJORy-RFwYCRvQgu0onoaHk5TIe_5_QWHS0vh-nw95wuYonmZJFOZJd9YzOxLEa72Wo38QwWluXC5hs5fKuNYTTarWYbl7-0sSwWo-XIrdyMRmvRYrhbKzwz21q1Gq5WJs9sZpyM1qLXx_SZmCYjl8nfWK1Wu81sNlztG6vVareZzYarfYfO8F19zkZptVzymJRf0bi2mjkNCpfB4v1JTItpd3YwTXtHp83rtRgbqm9CYTZ4DAZFLBGcLtKJ6GU8XcQSydMinQiWi8lwsJlYTJbNyrexuHYr527lMFksI8fMMDNOxBKl6SKd6FUOz-lleStMp4fH61YYDmeXW-n3_BWjzXKwmKj_-BDD1VyxGcwVw9FcsZitEgAAAAAAAADAEubMmwAAAACcBrNZzCar5QJIPIzvOrmsWsUEp1cB!&excid=22&tst=1&docw=0
Requested by: Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.13.12 /
Resource Hash

Request headers

:method: GET
:authority: imprammp.taboola.com
:scheme: https
:path: /st?cipid=66301605&ttype=0&cirid=73F94DC4791862944401690784849&cicmp=2040445&cijs=1&dast=V7_w8CFgO3aBynQJx8ugS3aBynQJx8ugUAAAAGBjsHG7eZMUcjDmm3XAxnk-VotFnuRsPZZrCZTMFhyk6Ty3JQC2RNk8vvBhs0nQ6f614vOlpeDtPh7zndNX63X-XwnF6Wt8J0eni8boXhcHa5lX7PXzHaLAeLvRwAAAAAHgCgzvMhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAADpLHNQCgOAzaZbk-ff4AAHgIAAEAGFAgASh4SCsByHDdOgEAAAAAAAAAYPn___-PGZh3LZUB-BDpuzHoAXjwAXgQAgAAyBrC3VpXNdFeCCUqsCxiBAAAAJAriEt3NKkTKosqAACCdCuAKwCAALWcEPaVLN1BibcwAAAAgbEFelj8frPDrvG7XQYAAAAAAAAAYPZ_9o8mVLTslQY0fVil9gsIALD2CwgAwKZuAABvAnBBFwCrC4jZAQAAANz9____64HEZmJZjHaz1W7iGSwsy4XNN3L4VhvDaLRbzTYu7_U8ykw9CuiH9TlM2WlyWQ5qgaxpcvntN2GL0Woy2SyHs-ViMhiOhqPR_gRsN8AJGg4Hi91gsVsshpPFZDRYDhYoEIMJTshwtJmsRrvVbrIcTkaj2WayQYpWrWajzWC4mk1mu91qOBguRyOkaM1iNpksZqPlbjNYTkaD4WQ4RBjaWBaL0XLkVm5Go7VoMdytFZ6Zba1aDVcrk2c2M05Ga9HrY_pMTJORy-RFwYCRvQgu0onoaHk5TIe_5_QWHS0vh-nw95wuYonmZJFOZJd9YzOxLEa72Wo38QwWluXC5hs5fKuNYTTarWYbl7-0sSwWo-XIrdyMRmvRYrhbKzwz21q1Gq5WJs9sZpyM1qLXx_SZmCYjl8nfWK1Wu81sNlztG6vVareZzYarfYfO8F19zkZptVzymJRf0bi2mjkNCpfB4v1JTItpd3YwTXtHp83rtRgbqm9CYTZ4DAZFLBGcLtKJ6GU8XcQSydMinQiWi8lwsJlYTJbNyrexuHYr527lMFksI8fMMDNOxBKl6SKd6FUOz-lleStMp4fH61YYDmeXW-n3_BWjzXKwmKj_-BDD1VyxGcwVw9FcsZitEgAAAAAAAADAEubMmwAAAACcBrNZzCar5QJIPIzvOrmsWsUEp1cB!&excid=22&tst=1&docw=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://threatpost.com/easter-attack-apple-ios/143901/
accept-encoding: gzip, deflate, br
cookie: t_gid=4c21149d-9344-4187-a3f6-5585ed36f824-tuct3b42ded
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://threatpost.com/easter-attack-apple-ios/143901/

Response headers

status: 200
server: nginx/1.13.12
content-type: text/html;charset=ISO-8859-1
accept-ranges: bytes
date: Sat, 20 Apr 2019 05:04:45 GMT
via: 1.1 varnish
x-served-by: cache-hhn1534-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1555736686.780117,VS0,VE9

GET
H2 200 cmTagSLIDER_INSTREAM.js Show response
vidstat.taboola.com/vpaid/units/22_3_0/infra/ 544 KB
128 KB 24ms
23ms Script
application/javascript 2606:4700::6810:5424
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/22_3_0/infra/cmTagSLIDER_INSTREAM.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/14_12_0/creatives/creative_js.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5424 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fd6548be2062224aaadc96988031f1e23c06affac5d93bc63ad0d2f31d7108b

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 20 Apr 2019 05:04:45 GMT
via: 1.1 6fe90cb7a4852d2683f62e862f7a790c.cloudfront.net (CloudFront)
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: Hit from cloudfront
status: 200
x-amz-meta-mode: 33188
content-encoding: gzip
last-modified: Wed, 10 Apr 2019 08:59:36 GMT
server: cloudflare
etag: W/"cf50158062bf70690f12acf77ef2314c"
x-amz-meta-uid: 0
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2678400
x-amz-meta-mtime: 1554886764
x-amz-meta-gid: 0
cf-ray: 4ca4944e0b1097f8-FRA
x-amz-cf-id: wykz1ik4TA_E204f0xg9XQhLTzCQ8B9jvSOEhaaGBGN4Wie5ziW9vA==
expires: Tue, 21 May 2019 05:04:45 GMT

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/22_3_0/assets/css/ 32 KB
6 KB 11ms
10ms Stylesheet
text/css 2606:4700::6810:5424
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/22_3_0/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/14_12_0/creatives/creative_js.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5424 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 818a5beb9f1b63daa80795c7c26c0479b226e0b7674347ee0788d478134f5e46

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 20 Apr 2019 05:04:45 GMT
via: 1.1 ad93a72606d0015c6aa5ceae5dc8a8d5.cloudfront.net (CloudFront)
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: Hit from cloudfront
status: 200
x-amz-meta-mode: 33188
content-encoding: gzip
last-modified: Wed, 10 Apr 2019 08:59:30 GMT
server: cloudflare
etag: W/"1cab46f54902e90dc170d6a4f0bb74a7"
x-amz-meta-uid: 0
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2678400
x-amz-meta-mtime: 1554886760
x-amz-meta-gid: 0
cf-ray: 4ca4944e0b1197f8-FRA
x-amz-cf-id: kq92uij1CLYh9ZRw83wO63DJz3zTAdajMU7xQsjUJMAIby6Mqts79A==
expires: Tue, 21 May 2019 05:04:45 GMT

POST
H2 200 /
www.facebook.com/tr/ Frame 5E90 0
0 16ms
4ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: www.facebook.com
:scheme: https
:path: /tr/
content-length: 3632
pragma: no-cache
cache-control: no-cache
origin: https://threatpost.com
upgrade-insecure-requests: 1
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://threatpost.com/easter-attack-apple-ios/143901/
accept-encoding: gzip, deflate, br
cookie: fr=0cF1cNGsB94Zu7OoC..Bcuqht...1.0.Bcuqht.
Origin: https://threatpost.com
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://threatpost.com/easter-attack-apple-ios/143901/

Response headers

status: 200
content-type: text/plain
access-control-allow-origin: https://threatpost.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 0
server: proxygen-bolt
date: Sat, 20 Apr 2019 05:04:45 GMT

GET
H2 200 content14_10_18m.js Show response
vidstat.taboola.com/ 37 KB
8 KB 10ms
10ms Script
application/javascript 2606:4700::6810:5424
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content14_10_18m.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/22_3_0/infra/cmTagSLIDER_INSTREAM.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5424 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 20 Apr 2019 05:04:45 GMT
via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-cache: Hit from cloudfront
status: 200
content-encoding: gzip
last-modified: Sun, 14 Oct 2018 13:31:31 GMT
server: cloudflare
etag: W/"d8d81221ec6e604811ce469d899c9c8b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2678400
cf-ray: 4ca4944ebba997f8-FRA
x-amz-cf-id: bMoBnXfCmbW4DvOfg1cNBesDcv8QwXci_H95OEMaeZC8to9mckeEXQ==
expires: Tue, 21 May 2019 05:04:45 GMT

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v9.9.9/ 553 KB
146 KB 10ms
9ms Script
application/javascript 2606:4700::6810:5424
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v9.9.9/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/22_3_0/infra/cmTagSLIDER_INSTREAM.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5424 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: efec3d34c79b4ecff68fa635bff375f4a54974731bc2e25ee0573383fa7fad15

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 20 Apr 2019 05:04:45 GMT
via: 1.1 fe14b43a6dfec5fc809a25185c7fce43.cloudfront.net (CloudFront)
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: Miss from cloudfront
status: 200
x-amz-meta-mode: 33188
content-encoding: gzip
last-modified: Sun, 07 Apr 2019 09:26:27 GMT
server: cloudflare
etag: W/"2f19af25070237a08fb4118bb1492123"
x-amz-meta-uid: 0
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2678400
x-amz-meta-mtime: 1554629186
x-amz-meta-gid: 0
cf-ray: 4ca4944ecbaf97f8-FRA
x-amz-cf-id: bUuDNxrButRb9W8vQphj57tHVK5_aNzKygogfc4viBYSampOeNngoA==
expires: Tue, 21 May 2019 05:04:45 GMT

GET
H2 200 st
convammp.taboola.com/ 0
53 B 49ms
16ms Image
text/plain 151.101.2.49
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://convammp.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66301605&crid=5302265&dast=V7K14CFgO3aBynQJx8ugS3aBynQJx8ugUAAAAGBjsHHbeZMUcjDmm3XAxnk-VoNBosZsvBbjgajpZD2LjNjDkacUi75WI4myxHo81yNxrONoPNZAoOU3aaXJaDWiBrmlx-N9ig6XT4XPd60dHycpgOf8_prvG7_SqH5_SyvBWm08PjdSsMh7PLrfR7_orRZjlY7OUAAAAA8AAAdZ4P8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABcJA8rgEAxWHQLsv16fMHAMBDAAgAwIACCUDBQ1oJQIbr1gkAAAAAAAAAAMv___9_zMC8a6kMwIdIXw_Agw_AA1GBZREjAAAAgFxBXLqjSZ1QWVQBABCkWwFcAQAEqOWEsK-EAQAACIwt0MPi95sddo3f7TIAAAAAAAAAALP_s380oaJlrzSg6cMqtV9AAIC1X0AAADZ1AwB4E4ALugBYXUDMDgAAAODu____Xw8kNhPLYrSbrXYTz2BhWS5svpHDt9oYRqPdarZxea_nUWbqUUA_rM9hyk6Ty3JQC2RNk8tvvwlbjFaTyWY5nC0Xk8FwNByN9idguwFO0HA4WOwGi91iMZwsJqPBcrBAgRhMcEKGo81kNdqtdpPlcDIazTaTDVK0ajUbbQbD1Wwy2-1Ww8FwORohRWsWs8lkMRstd5vBcjIaDCfDIcLQxrJYjJYjt3IzGq1Fi-FurfDMbGvVarhamTyzmXEyWoteH9NnYpqMXCYvCgaM7EVwkU5ER8vLYTr8Pae36Gh5OUyHv-d0EUs0J4t0IrvsG5uJZTHazVa7iWewsCwXNt_I4VttDKPRbjXbuPyljWWxGC1HbuVmNFqLFsPdWuGZ2daq1XC1MnlmM-NktBa9PqbPxDQZuUz-xmq12m1ms-Fq31itVrvNbDZc7Tt0hu_qczZKq-WSx6T8isa11cxpULgMFu9PYlpMu7ODado7Om1er8XYUH0TCrPBYzAoYongdJFORC_j6SKWSJ4W6USwXEyGg83EYrJsVr6NxbVbOXcrh8liGTlmhplxIpYoTRfpRK9yeE4vy1thOj08XrfCcDi73Eq_568YbZaDxUT9x4cYruaKzWCuGI7misVslQAAAAAAAAAAljBn3gQAAADgNJjNYjZZLRdA4mF818ll1SomOL0K!&cmcv=&pix=31589837&cb=1555736685869&uv=2230&abt=sac5_vB&ft=0&unm=SLIDER_INSTREAM
Requested by: Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.13.12 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 20 Apr 2019 05:04:45 GMT
via: 1.1 varnish
server: nginx/1.13.12
x-timer: S1555736686.918338,VS0,VE9
x-served-by: cache-hhn1534-HHN
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 st
convammp.taboola.com/ 0
53 B 49ms
16ms Image
text/plain 151.101.2.49
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://convammp.taboola.com/st?cijs=convusmp&ttype=72&cisd=convusmp&cipid=66301605&crid=5302265&dast=V7K14CFgO3aBynQJx8ugS3aBynQJx8ugUAAAAGBjsHHbeZMUcjDmm3XAxnk-VoNBosZsvBbjgajpZD2LjNjDkacUi75WI4myxHo81yNxrONoPNZAoOU3aaXJaDWiBrmlx-N9ig6XT4XPd60dHycpgOf8_prvG7_SqH5_SyvBWm08PjdSsMh7PLrfR7_orRZjlY7OUAAAAA8AAAdZ4P8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABcJA8rgEAxWHQLsv16fMHAMBDAAgAwIACCUDBQ1oJQIbr1gkAAAAAAAAAAMv___9_zMC8a6kMwIdIXw_Agw_AA1GBZREjAAAAgFxBXLqjSZ1QWVQBABCkWwFcAQAEqOWEsK-EAQAACIwt0MPi95sddo3f7TIAAAAAAAAAALP_s380oaJlrzSg6cMqtV9AAIC1X0AAADZ1AwB4E4ALugBYXUDMDgAAAODu____Xw8kNhPLYrSbrXYTz2BhWS5svpHDt9oYRqPdarZxea_nUWbqUUA_rM9hyk6Ty3JQC2RNk8tvvwlbjFaTyWY5nC0Xk8FwNByN9idguwFO0HA4WOwGi91iMZwsJqPBcrBAgRhMcEKGo81kNdqtdpPlcDIazTaTDVK0ajUbbQbD1Wwy2-1Ww8FwORohRWsWs8lkMRstd5vBcjIaDCfDIcLQxrJYjJYjt3IzGq1Fi-FurfDMbGvVarhamTyzmXEyWoteH9NnYpqMXCYvCgaM7EVwkU5ER8vLYTr8Pae36Gh5OUyHv-d0EUs0J4t0IrvsG5uJZTHazVa7iWewsCwXNt_I4VttDKPRbjXbuPyljWWxGC1HbuVmNFqLFsPdWuGZ2daq1XC1MnlmM-NktBa9PqbPxDQZuUz-xmq12m1ms-Fq31itVrvNbDZc7Tt0hu_qczZKq-WSx6T8isa11cxpULgMFu9PYlpMu7ODado7Om1er8XYUH0TCrPBYzAoYongdJFORC_j6SKWSJ4W6USwXEyGg83EYrJsVr6NxbVbOXcrh8liGTlmhplxIpYoTRfpRK9yeE4vy1thOj08XrfCcDi73Eq_568YbZaDxUT9x4cYruaKzWCuGI7misVslQAAAAAAAAAAljBn3gQAAADgNJjNYjZZLRdA4mF818ll1SomOL0K!&cmcv=&pix=&cb=1555736685876&uv=2230&abt=sac5_vB&ft=0&unm=SLIDER_INSTREAM
Requested by: Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.13.12 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 20 Apr 2019 05:04:45 GMT
via: 1.1 varnish
server: nginx/1.13.12
x-timer: S1555736686.918329,VS0,VE9
x-served-by: cache-hhn1534-HHN
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
cdn.taboola.com/static/c5/ 3 KB
2 KB 8ms
7ms Image
image/svg+xml 151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/c5/c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
Requested by: Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d89405054b0eccfd66baa763bf4781b8dff83824636284b79800ecdc25579f1

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: 3GoWmPpnzFDs5CP3.ebHbCmhALWQMuvH
content-encoding: gzip
age: 64
x-cache: HIT
status: 200
date: Sat, 20 Apr 2019 05:04:45 GMT
x-amz-replication-status: COMPLETED
content-length: 1502
x-amz-id-2: bC3gdYPW5xIxWinUgDcCWPYa+I/kcGaPjFGrH8mrMV+Xy2VZoBFJiotblyk7FmFu0IWZEIebf6c=
x-served-by: cache-hhn1541-HHN
access-control-allow-origin: *
last-modified: Sun, 10 Jun 2018 13:23:55 GMT
server: AmazonS3
x-timer: S1555736686.884274,VS0,VE0
etag: "11d8569a7da0739259e3ac0b0d666e94"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 8124BF18BABA1816
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-headers: *
abp: 47
x-cache-hits: 101

GET
H2 200 player.css
vidstat.taboola.com/vpaid/vPlayer/player/v9.9.9/assets/ 13 KB
2 KB 9ms
9ms Stylesheet
text/css 2606:4700::6810:5424
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v9.9.9/assets/player.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v9.9.9/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5424 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d7b0822fa40be3fb8bcbdfb17574332f6da59adb2ddfe741e277f7240b67daa

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 20 Apr 2019 05:04:45 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: Hit from cloudfront
status: 200
x-amz-meta-mode: 33188
content-encoding: gzip
last-modified: Sun, 07 Apr 2019 09:26:28 GMT
server: cloudflare
etag: W/"6f1147dfc105dd8225faf22168ea2b2b"
x-amz-meta-uid: 0
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2678400
x-amz-meta-mtime: 1554629187
x-amz-meta-gid: 0
cf-ray: 4ca4944f4c3197f8-FRA
x-amz-cf-id: QqypK8OgC_miCzHRjRlZVlLDFh4NfZdawrvnLRvSn_PdQBFtVBOc5w==
expires: Tue, 21 May 2019 05:04:45 GMT

GET
H2 200 dsm.js Show response
vidstat.taboola.com/dsm/163/ 5 KB
5 KB 9ms
9ms Script
application/octet-stream 2606:4700::6810:5424
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/dsm/163/dsm.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v9.9.9/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5424 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7782eccb926cdcb657eacb76520651347d9ce1129eb22de911680dc43f5a3eb6

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 20 Apr 2019 05:04:45 GMT
via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-cache: Hit from cloudfront
status: 200
content-length: 4961
last-modified: Sun, 07 Apr 2019 09:23:27 GMT
server: cloudflare
etag: "adfab001fe96c4a74dd8e90850c51fb0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 4ca4944f4c3497f8-FRA
x-amz-cf-id: nOYFCqfnBsRvfjD-sbyM0ScPjoEiNpz87sWuGS7QybqwXxA0oIpyXQ==
expires: Tue, 21 May 2019 05:04:45 GMT

GET
H2 200 st
convammp.taboola.com/ 0
53 B 16ms
15ms Image
text/plain 151.101.2.49
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://convammp.taboola.com/st?baseReportD=taboola.com&dataCenter=am&cijs=convusmp&ttype=81&cisd=convusmp&cipid=66301605&crid=5302265&dast=V7K14CFgO3aBynQJx8ugS3aBynQJx8ugUAAAAGBjsHHbeZMUcjDmm3XAxnk-VoNBosZsvBbjgajpZD2LjNjDkacUi75WI4myxHo81yNxrONoPNZAoOU3aaXJaDWiBrmlx-N9ig6XT4XPd60dHycpgOf8_prvG7_SqH5_SyvBWm08PjdSsMh7PLrfR7_orRZjlY7OUAAAAA8AAAdZ4P8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABcJA8rgEAxWHQLsv16fMHAMBDAAgAwIACCUDBQ1oJQIbr1gkAAAAAAAAAAMv___9_zMC8a6kMwIdIXw_Agw_AA1GBZREjAAAAgFxBXLqjSZ1QWVQBABCkWwFcAQAEqOWEsK-EAQAACIwt0MPi95sddo3f7TIAAAAAAAAAALP_s380oaJlrzSg6cMqtV9AAIC1X0AAADZ1AwB4E4ALugBYXUDMDgAAAODu____Xw8kNhPLYrSbrXYTz2BhWS5svpHDt9oYRqPdarZxea_nUWbqUUA_rM9hyk6Ty3JQC2RNk8tvvwlbjFaTyWY5nC0Xk8FwNByN9idguwFO0HA4WOwGi91iMZwsJqPBcrBAgRhMcEKGo81kNdqtdpPlcDIazTaTDVK0ajUbbQbD1Wwy2-1Ww8FwORohRWsWs8lkMRstd5vBcjIaDCfDIcLQxrJYjJYjt3IzGq1Fi-FurfDMbGvVarhamTyzmXEyWoteH9NnYpqMXCYvCgaM7EVwkU5ER8vLYTr8Pae36Gh5OUyHv-d0EUs0J4t0IrvsG5uJZTHazVa7iWewsCwXNt_I4VttDKPRbjXbuPyljWWxGC1HbuVmNFqLFsPdWuGZ2daq1XC1MnlmM-NktBa9PqbPxDQZuUz-xmq12m1ms-Fq31itVrvNbDZc7Tt0hu_qczZKq-WSx6T8isa11cxpULgMFu9PYlpMu7ODado7Om1er8XYUH0TCrPBYzAoYongdJFORC_j6SKWSJ4W6USwXEyGg83EYrJsVr6NxbVbOXcrh8liGTlmhplxIpYoTRfpRK9yeE4vy1thOj08XrfCcDi73Eq_568YbZaDxUT9x4cYruaKzWCuGI7misVslQAAAAAAAAAAljBn3gQAAADgNJjNYjZZLRdA4mF818ll1SomOL0K!&cmcv=&uv=2230&unm=SLIDER_INSTREAM&cb=1555736685957&abt=sac5_vB&
Requested by: Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.13.12 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 20 Apr 2019 05:04:45 GMT
via: 1.1 varnish
server: nginx/1.13.12
x-timer: S1555736686.971848,VS0,VE8
x-served-by: cache-hhn1534-HHN
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 206 11-travel-tools-you-wont-regret-splurging-on.mp4
vidstatb.taboola.com/vid/ 3 MB
3 MB 24ms
9ms Media
video/mp4 2606:4700::6810:5424
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/11-travel-tools-you-wont-regret-splurging-on.mp4
Requested by: Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5424 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b43344a84d27d5328f03df273b3e2d4508aa55f093d99d2aa95c160c17541cb9

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Range: bytes=0-
chrome-proxy: frfr

Response headers

date: Sat, 20 Apr 2019 05:04:46 GMT
via: 1.1 ae3e6ab763f755c867a3b493d306312c.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
x-cache: Hit from cloudfront
status: 206
Content-Length: 3005098
Content-Range: bytes 0-3005097/3005098
last-modified: Thu, 29 Mar 2018 08:22:42 GMT
server: cloudflare
etag: "7eb53ac377d084afd29b4619c31bd36c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 4ca4944f8c6e97f8-FRA
x-amz-cf-id: Yfwy0DK31dXUG8_YaQbpie5TupMZbKbO7bSJhYc8jSKXoKHsZdfTLw==
expires: Tue, 21 May 2019 05:04:46 GMT

GET
H2 200 desk_muted2.svg
vidstat.taboola.com/assets/video_controls/ 688 B
590 B 11ms
10ms Image
image/svg+xml 2606:4700::6810:5424
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/video_controls/desk_muted2.svg
Requested by: Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5424 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b07af50f99890a6edd3601bb8cf2d7ebdb404904067925d794d1cd450e939f57

Request headers

Referer: https://vidstat.taboola.com/vpaid/vPlayer/player/v9.9.9/assets/player.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 20 Apr 2019 05:04:45 GMT
via: 1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-cache: Hit from cloudfront
status: 200
access-control-max-age: 3000
content-encoding: gzip
last-modified: Sun, 19 Nov 2017 12:19:28 GMT
server: cloudflare
etag: W/"c374f9a1c65db8dd9f4b435bd1adb4ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 4ca4944f6c6197f8-FRA
x-amz-cf-id: IEs4K2Ky9denkongHenJ9LNvphQEh5Pqa_QTFKCg6zDWfUEGWl5I-Q==
expires: Tue, 21 May 2019 05:04:45 GMT

GET
H2 200 pause2.svg
vidstat.taboola.com/assets/video_controls/ 391 B
765 B 10ms
9ms Image
image/svg+xml 2606:4700::6810:5424
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/video_controls/pause2.svg
Requested by: Host: threatpost.com
URL: https://threatpost.com/easter-attack-apple-ios/143901/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5424 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 437513ec64a0d4c9b838a51cf1e57bfb0d75586f35ddd91d0de1d01335fd0969

Request headers

Referer: https://vidstat.taboola.com/vpaid/vPlayer/player/v9.9.9/assets/player.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 20 Apr 2019 05:04:45 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: Hit from cloudfront
status: 200
x-amz-meta-mode: 33188
content-encoding: gzip
last-modified: Sun, 02 Jul 2017 14:26:33 GMT
server: cloudflare
etag: W/"0ae31cb3e45e52b441abf8cc6208a36e"
x-amz-meta-uid: 0
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
expires: Tue, 21 May 2019 05:04:45 GMT
cache-control: public, max-age=2678400
x-amz-meta-gid: 0
cf-ray: 4ca4944f6c5f97f8-FRA
x-amz-cf-id: ADsqc76_AMZ6878LWKlDyGdVF-vtikS_6TJfXhP3xEj4huxtHY4-lA==
x-amz-meta-mtime: 1498396298

GET
H2 200 oppsula.js Show response
vidstat.taboola.com/oppsula/1.3.6/ 15 KB
5 KB 12ms
11ms Script
application/javascript 2606:4700::6810:5424
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/oppsula/1.3.6/oppsula.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v9.9.9/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5424 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6eeaa330e79de82579d573d85b1e62ee0017782c71406518af6b366b78c7981e

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 20 Apr 2019 05:04:46 GMT
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-cache: Hit from cloudfront
status: 200
content-encoding: gzip
last-modified: Sun, 24 Feb 2019 08:54:20 GMT
server: cloudflare
etag: W/"9eef55ccd492389cc88aa5285cade680"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2678400
cf-ray: 4ca4944fbca997f8-FRA
x-amz-cf-id: 36UdwQHOWwL8Suz39IHHnJfA9lAou9299EPAvTGJwhCGjAQso6xY9Q==
expires: Tue, 21 May 2019 05:04:46 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 6 KB
7 KB 282ms
262ms XHR
application/json 151.101.2.49
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=400&height=225&pubid=198827&tagid=1020237&crid=5302265&noaop=2&sortOrderType=0&cb=1555736686030&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=999&pt=477387640&tz=0&viewable=true&ddast=V7K14CFgO3aBynQJx8ugS3aBynQJx8ugUAAAAGBjsHHbeZMUcjDmm3XAxnk-VoNBosZsvBbjgajpZD2LjNjDkacUi75WI4myxHo81yNxrONoPNZAoOU3aaXJaDWiBrmlx-N9ig6XT4XPd60dHycpgOf8_prvG7_SqH5_SyvBWm08PjdSsMh7PLrfR7_orRZjlY7OUAAAAA8AAAdZ4P8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABcJA8rgEAxWHQLsv16fMHAMBDAAgAwIACCUDBQ1oJQIbr1gkAAAAAAAAAAMv___9_zMC8a6kMwIdIXw_Agw_AA1GBZREjAAAAgFxBXLqjSZ1QWVQBABCkWwFcAQAEqOWEsK-EAQAACIwt0MPi95sddo3f7TIAAAAAAAAAALP_s380oaJlrzSg6cMqtV9AAIC1X0AAADZ1AwB4E4ALugBYXUDMDgAAAODu____Xw8kNhPLYrSbrXYTz2BhWS5svpHDt9oYRqPdarZxea_nUWbqUUA_rM9hyk6Ty3JQC2RNk8tvvwlbjFaTyWY5nC0Xk8FwNByN9idguwFO0HA4WOwGi91iMZwsJqPBcrBAgRhMcEKGo81kNdqtdpPlcDIazTaTDVK0ajUbbQbD1Wwy2-1Ww8FwORohRWsWs8lkMRstd5vBcjIaDCfDIcLQxrJYjJYjt3IzGq1Fi-FurfDMbGvVarhamTyzmXEyWoteH9NnYpqMXCYvCgaM7EVwkU5ER8vLYTr8Pae36Gh5OUyHv-d0EUs0J4t0IrvsG5uJZTHazVa7iWewsCwXNt_I4VttDKPRbjXbuPyljWWxGC1HbuVmNFqLFsPdWuGZ2daq1XC1MnlmM-NktBa9PqbPxDQZuUz-xmq12m1ms-Fq31itVrvNbDZc7Tt0hu_qczZKq-WSx6T8isa11cxpULgMFu9PYlpMu7ODado7Om1er8XYUH0TCrPBYzAoYongdJFORC_j6SKWSJ4W6USwXEyGg83EYrJsVr6NxbVbOXcrh8liGTlmhplxIpYoTRfpRK9yeE4vy1thOj08XrfCcDi73Eq_568YbZaDxUT9x4cYruaKzWCuGI7misVslQAAAAAAAAAAljBn3gQAAADgNJjNYjZZLRdA4mF818ll1SomOL0K!&proto=2,3,5,6&dtagid=1683035&dpubid=331625&abtst=sac5_vB&mPre=0.033&encoded=1&pstn=1&cirf=https%3A%2F%2Fthreatpost.com&callback=&en=1&wfv=1&cdb=&gdprApplies=false&amp=0&qsz=6&ft=0&pb=0
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v9.9.9/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.13.12 /
Resource Hash: 55158de6ae73a0efccdc02e871d29577ca400b6fd2855fc9dc34bc81429a3614

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
Origin: https://threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type: text/plain

Response headers

date: Sat, 20 Apr 2019 05:04:46 GMT
via: 1.1 varnish
machineid: 1410
x-cache: MISS
status: 200
x-cache-hits: 0
content-length: 6572
x-served-by: cache-hhn1534-HHN
pragma: no-cache
server: nginx/1.13.12
x-timer: S1555736686.056394,VS0,VE256
content-type: application/json;charset=ISO-8859-1
access-control-allow-origin: https://threatpost.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 485 B
748 B 224ms
223ms XHR
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3205505132111335&correlator=782086247006100&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fif&adsid=NT&eid=21062421%2C21062452%2C21062832%2C21063441%2C21063606%2C953563517&vrg=2019041601&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-32&iu=%2F21707124336%2Fthreatpost%2Fheader&sz=970x250&eri=1&cust_params=UrlHost%3Dthreatpost.com%26UrlPath%3D%252Feaster-attack-apple-ios%252F143901%26UrlQuery%3D%26category%3Dmalware-2%26contentid%3D143901%26contenttags%3Dproduction%252Chomeapple-2%252Ccyberattack%252Ceaster-attack%252Cegobbler%252Cgoogle-chrome%252Chalf-a-billion-users%252Cios-0%252Cipad-0%252Ciphone%252Cmalvertising%252Csafari%252Cunpatched%252Cvulnerability%252C&cookie_enabled=1&bc=15&abxe=1&lmt=1555736686&dt=1555736686191&dlt=1555736684342&idt=1097&frm=20&biw=1585&bih=1200&oid=3&adx=308&ady=0&adk=151559616&uci=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fthreatpost.com%2Feaster-attack-apple-ios%2F143901%2F&dssz=47&icsg=149546510843904&std=3&vis=1&dmc=8&scr_x=0&scr_y=0&blev=1&bisch=1&ga_vid=1026937027.1555736685&ga_sid=1555736685&ga_hid=2135741514&fws=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019041601.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

162dd1236b7f83b99b51481fd50ddbbb76964e0a8fc4c23f0f3a4806331425fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://threatpost.com/easter-attack-apple-ios/143901/
Origin: https://threatpost.com

Response headers

date: Sat, 20 Apr 2019 05:04:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 313
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019041601.js Show response
securepubads.g.doubleclick.net/gpt/ 71 KB
27 KB 16ms
16ms Script
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019041601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019041601.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

a03e952076d990386cea2efd2dc5a114d7673f915efa4ff91f4d4b68b68a5492

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 20 Apr 2019 05:04:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Apr 2019 14:38:21 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 27295
x-xss-protection: 0
expires: Sat, 20 Apr 2019 05:04:46 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-32/html/ 0
0 27ms
6ms Other
text/html 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-32/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019041601.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Purpose: prefetch
Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 12 KB
7 KB 397ms
397ms XHR
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3205505132111335&correlator=782086247006100&output=json_html&callback=googletag.impl.pubads.callbackProxy2&impl=fif&adsid=NT&eid=21062421%2C21062452%2C21062832%2C21063441%2C21063606%2C953563517&vrg=2019041601&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-32&iu=%2F21707124336%2Fthreatpost%2Fmedrectangle&sz=300x250&eri=1&cust_params=UrlHost%3Dthreatpost.com%26UrlPath%3D%252Feaster-attack-apple-ios%252F143901%26UrlQuery%3D%26category%3Dmalware-2%26contentid%3D143901%26contenttags%3Dproduction%252Chomeapple-2%252Ccyberattack%252Ceaster-attack%252Cegobbler%252Cgoogle-chrome%252Chalf-a-billion-users%252Cios-0%252Cipad-0%252Ciphone%252Cmalvertising%252Csafari%252Cunpatched%252Cvulnerability%252C&cookie_enabled=1&bc=15&abxe=1&lmt=1555736686&dt=1555736686202&dlt=1555736684342&idt=1097&frm=20&biw=1585&bih=1200&oid=3&adx=1093&ady=407&adk=689239265&uci=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fthreatpost.com%2Feaster-attack-apple-ios%2F143901%2F&dssz=48&icsg=149546510843904&std=3&vis=1&dmc=8&scr_x=0&scr_y=0&blev=1&bisch=1&ga_vid=1026937027.1555736685&ga_sid=1555736685&ga_hid=2135741514&fws=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019041601.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

ad0a569a36e36aad1a7528d4ea354f15c8e951ec745bc9eb9d80c90d5cef15bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://threatpost.com/easter-attack-apple-ios/143901/
Origin: https://threatpost.com

Response headers

date: Sat, 20 Apr 2019 05:04:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 6779
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 484 B
395 B 592ms
591ms XHR
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3205505132111335&correlator=782086247006100&output=json_html&callback=googletag.impl.pubads.callbackProxy3&impl=fif&adsid=NT&eid=21062421%2C21062452%2C21062832%2C21063441%2C21063606%2C953563517&vrg=2019041601&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-32&iu=%2F21707124336%2Fthreatpost%2Ftower&sz=300x600&eri=1&cust_params=UrlHost%3Dthreatpost.com%26UrlPath%3D%252Feaster-attack-apple-ios%252F143901%26UrlQuery%3D%26category%3Dmalware-2%26contentid%3D143901%26contenttags%3Dproduction%252Chomeapple-2%252Ccyberattack%252Ceaster-attack%252Cegobbler%252Cgoogle-chrome%252Chalf-a-billion-users%252Cios-0%252Cipad-0%252Ciphone%252Cmalvertising%252Csafari%252Cunpatched%252Cvulnerability%252C&cookie_enabled=1&bc=15&abxe=1&lmt=1555736686&dt=1555736686207&dlt=1555736684342&idt=1097&frm=20&biw=1585&bih=1200&oid=3&adx=1093&ady=1731&adk=2784303562&uci=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fthreatpost.com%2Feaster-attack-apple-ios%2F143901%2F&dssz=48&icsg=149546510843904&std=3&vis=1&dmc=8&scr_x=0&scr_y=0&blev=1&bisch=1&ga_vid=1026937027.1555736685&ga_sid=1555736685&ga_hid=2135741514&fws=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019041601.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

ff4df26a68d6bec4a211ac9399d0cd0c81cc47fb2bf46894194547431df02a96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://threatpost.com/easter-attack-apple-ios/143901/
Origin: https://threatpost.com

Response headers

date: Sat, 20 Apr 2019 05:04:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 316
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 487 B
394 B 598ms
597ms XHR
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3205505132111335&correlator=782086247006100&output=json_html&callback=googletag.impl.pubads.callbackProxy4&impl=fif&adsid=NT&eid=21062421%2C21062452%2C21062832%2C21063441%2C21063606%2C953563517&vrg=2019041601&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-32&iu=%2F21707124336%2Fthreatpost%2Finterstitial&sz=2x2&eri=1&cust_params=UrlHost%3Dthreatpost.com%26UrlPath%3D%252Feaster-attack-apple-ios%252F143901%26UrlQuery%3D%26category%3Dmalware-2%26contentid%3D143901%26contenttags%3Dproduction%252Chomeapple-2%252Ccyberattack%252Ceaster-attack%252Cegobbler%252Cgoogle-chrome%252Chalf-a-billion-users%252Cios-0%252Cipad-0%252Ciphone%252Cmalvertising%252Csafari%252Cunpatched%252Cvulnerability%252C&cookie_enabled=1&bc=15&abxe=1&lmt=1555736686&dt=1555736686212&dlt=1555736684342&idt=1097&frm=20&biw=1585&bih=1200&oid=3&adx=792&ady=6450&adk=1322721597&uci=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fthreatpost.com%2Feaster-attack-apple-ios%2F143901%2F&dssz=48&icsg=149546510843904&std=3&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x6452&msz=1585x2&blev=1&bisch=1&ga_vid=1026937027.1555736685&ga_sid=1555736685&ga_hid=2135741514&fws=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019041601.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

31decc0966f093cf288c7791be5e0646cd90fde54bd9e46414cbddf131b61195

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://threatpost.com/easter-attack-apple-ios/143901/
Origin: https://threatpost.com

Response headers

date: Sat, 20 Apr 2019 05:04:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 315
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-109681207-2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Jan 2019 20:01:45 GMT
server: Golfe2
age: 5539
date: Sat, 20 Apr 2019 03:32:27 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 17543
expires: Sat, 20 Apr 2019 05:32:27 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j73&a=2135741514&t=pageview&_s=1&dl=https%3A%2F%2Fthreatpost.com%2Feaster-attack-apple-ios%2F143901%2F&ul=en-us&de=UTF-8&dt=Easter%20Attack%20Affec...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-109681207-2&cid=1026937027.1555736685&jid=822463235&_gid=1548201409.1555736685&gjid=1973556132&_v=j73&z=1512866920
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109681207-2&cid=1026937027.1555736685&jid=822463235&_v=j73&z=1512866920
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109681207-2&cid=1026937027.1555736685&jid=822463235&_v=j73&z=1512866920&slf_rd=1&random=382751552

42 B
109 B

22ms
22ms

Image
image/gif

2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109681207-2&cid=1026937027.1555736685&jid=822463235&_v=j73&z=1512866920&slf_rd=1&random=382751552

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81f::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Apr 2019 05:04:46 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 Apr 2019 05:04:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109681207-2&cid=1026937027.1555736685&jid=822463235&_v=j73&z=1512866920&slf_rd=1&random=382751552
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
673 B 206ms
141ms Script
application/javascript 104.244.42.67
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=ntt0j&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fthreatpost.com%2Feaster-attack-apple-ios%2F143901%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.67 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_f /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 20 Apr 2019 05:04:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 120
pragma: no-cache
last-modified: Sat, 20 Apr 2019 05:04:46 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: d8e9b98180fc317bf1d8985b8a7587b3
x-transaction: 0039b20700713169
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 tag Show response
gklfs-idnhw.ads.tremorhub.com/ad/ 119 B
464 B 481ms
237ms XHR
text/xml 52.4.203.244
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://gklfs-idnhw.ads.tremorhub.com/ad/tag?adCode=gklfs-mjhgb&playerWidth=400&playerHeight=225&playerPosition=1&mediaTitle=11-travel-tools-you-wont-regret-splurging-on&mediaDesc=11-travel-tools-you-wont-regret-splurging-on&mediaUrl=%2F%2Fvidstatb.taboola.com%2Fvid%2F11-travel-tools-you-wont-regret-splurging-on.mp4&srcPageUrl=https%3A%2F%2Fthreatpost.com&contentLength=53&gdpr=1&blockedDomains=
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v9.9.9/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.203.244 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-4-203-244.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: e4f4325d2251a1fb661e38826334015128eb74701e9951dcb1fa40a5a32a9ec8

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
Origin: https://threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 20 Apr 2019 05:04:46 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
status: 200
vary: accept-encoding
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-tremorvideo-status: NO_AD
content-type: text/xml;charset=UTF-8

GET
H2 200 tag Show response
s5pvq.ads.tremorhub.com/ad/ 119 B
455 B 638ms
311ms XHR
text/xml 52.4.203.244
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s5pvq.ads.tremorhub.com/ad/tag?adCode=gklfs-dsarh&playerWidth=400&playerHeight=225&playerPosition=1&mediaTitle=11-travel-tools-you-wont-regret-splurging-on&mediaDesc=11-travel-tools-you-wont-regret-splurging-on&mediaUrl=%2F%2Fvidstatb.taboola.com%2Fvid%2F11-travel-tools-you-wont-regret-splurging-on.mp4&srcPageUrl=https%3A%2F%2Fthreatpost.com&contentLength=53&gdpr=1&blockedDomains=
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v9.9.9/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.203.244 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-4-203-244.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: ae07da0b8bdaa74042237e5292bd98e9a7b4f6991843c1144757450b5573fd48

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
Origin: https://threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 20 Apr 2019 05:04:46 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
status: 200
vary: accept-encoding
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-tremorvideo-status: NO_AD
content-type: text/xml;charset=UTF-8

GET
H2 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame 1568 0
0 21ms
16ms Document
text/html 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ3FExCr1FUYoo2UUTAB&v=APEucNUKnykQz06wqVbckfQdb_QHFaIr8pR87gaS3pEqVMwzBSha9NSmE9dPhMOPY67HV3D-HYDHJ9iTMMFU1TwDRYeJ_l-_b-pd41jcGQkb3ZBDSbI4sLgMyHLEDfXLMxRejGLB_1wlBpzGhisnTL6I1uv30pS0Jg

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019041601.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CJ3FExCr1FUYoo2UUTAB&v=APEucNUKnykQz06wqVbckfQdb_QHFaIr8pR87gaS3pEqVMwzBSha9NSmE9dPhMOPY67HV3D-HYDHJ9iTMMFU1TwDRYeJ_l-_b-pd41jcGQkb3ZBDSbI4sLgMyHLEDfXLMxRejGLB_1wlBpzGhisnTL6I1uv30pS0Jg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://threatpost.com/easter-attack-apple-ios/143901/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkj4t8GNJUjAJIB3VBGHBBR7YIi_DVLsxcelR8VzhIr9Bw1MfkErQlMozkf
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://threatpost.com/easter-attack-apple-ios/143901/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 20 Apr 2019 05:04:46 GMT
server: cafe
cache-control: private
content-length: 152
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"

GET
H2 200 dbm_bid_iframe.html
googleads.g.doubleclick.net/pagead/ Frame 0566 0
0 12ms
6ms Document
text/html 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/dbm_bid_iframe.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019041601.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/dbm_bid_iframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://threatpost.com/easter-attack-apple-ios/143901/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkj4t8GNJUjAJIB3VBGHBBR7YIi_DVLsxcelR8VzhIr9Bw1MfkErQlMozkf
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://threatpost.com/easter-attack-apple-ios/143901/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Sat, 20 Apr 2019 02:31:18 GMT
expires: Sun, 21 Apr 2019 02:31:18 GMT
content-type: text/html; charset=UTF-8
etag: 15448042816335319604
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 3232
x-xss-protection: 0
age: 9208
cache-control: public, max-age=86400
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"

GET
H2 200 dbm_bid_appended_html_iframe.html
tpc.googlesyndication.com/pagead/js/ Frame 8DEE 0
0 8ms
6ms Document
text/html 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/dbm_bid_appended_html_iframe.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019041601.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /pagead/js/dbm_bid_appended_html_iframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://threatpost.com/easter-attack-apple-ios/143901/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://threatpost.com/easter-attack-apple-ios/143901/

Response headers

status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
vary: Accept-Encoding
date: Fri, 19 Apr 2019 23:26:48 GMT
expires: Sat, 20 Apr 2019 23:26:48 GMT
content-type: text/html; charset=UTF-8
etag: 14890857266575238548
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 1532
x-xss-protection: 0
cache-control: public, max-age=86400
age: 20278
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"

GET
H2 200 m_window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20190417/r20110914/client/ext/ Frame 8DDF 2 KB
1 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190417/r20110914/client/ext/m_window_focus.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019041601.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

b4ec4a79d6d5b86670fa7b1fe304db7b966deb4ba92227d53b37cf80621d2004

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 17 Apr 2019 13:24:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 229196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 1048
x-xss-protection: 0
server: cafe
etag: 10790372862462034421
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 May 2019 13:24:50 GMT

GET
H2 200 cookie_push.html
pagead2.googlesyndication.com/pagead/s/ Frame 467D 0
0 15ms
9ms Document
text/html 2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019041601.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://threatpost.com/easter-attack-apple-ios/143901/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://threatpost.com/easter-attack-apple-ios/143901/

Response headers

status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
vary: Accept-Encoding
date: Sat, 20 Apr 2019 02:38:07 GMT
expires: Sun, 21 Apr 2019 02:38:07 GMT
content-type: text/html; charset=UTF-8
etag: 15714087069842583550
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 652
x-xss-protection: 0
cache-control: public, max-age=86400
age: 8799
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8DDF 75 KB
28 KB 59ms
51ms Script
text/javascript 2a00:1450:4016:80d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019041601.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4016:80d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

664830e6c63c91a71036f5b2e6e0e4ca68beeb98a9b3a1f3ca7763368f5e49f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 20 Apr 2019 05:04:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1555672411458484"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 28636
x-xss-protection: 0
expires: Sat, 20 Apr 2019 05:04:46 GMT

GET
H2 200 m_qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20190417/r20110914/client/ext/ Frame 8DDF 8 KB
3 KB 16ms
8ms Script
text/javascript 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190417/r20110914/client/ext/m_qs_click_protection.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019041601.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

d4de866a4f7572af22873c3dd6b3c3bf27e3f3cb1cdecaa9aae9e31365664d97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 17 Apr 2019 13:24:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 229196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 3467
x-xss-protection: 0
server: cafe
etag: 2413499115753633717
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 May 2019 13:24:50 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8DDF 0
71 B 20ms
12ms Image
text/html 2a00:1450:4001:81e::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTyAu6DPrs3asj8pj9kSaydjMh4vZHf5ILjwzJMb3AwS0UcaRO-47TtKXMSFVOJoYHWeYuq5GHkIKz62lg4s--bNeHu1g
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019041601.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a00:1450:4001:81e::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8DDF 42 B
175 B 20ms
13ms Image
image/gif 2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cl03V_ub6UTgoGLxjvTJhQPfOHS_Ez78g4RggOiP03plhQoB67kUnXElGue-POTmtOlPggLWwS-DQB8SFQY9EIHSPBXkymNzHmHGz2q7sIbIHlF0k

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019041601.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Apr 2019 05:04:46 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 8DDF 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 47507c2543e09c6350482effa4c6e095bc953e2c7160861b1e7aab55297c7ac4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 8DDF 42 B
112 B 41ms
41ms Image
image/gif 2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss7HDQPt3zjBs5elQSVwX9A17-IuNJyoMxQ8d3nCdvr2PFpRNFoNx5aHzMznDz6_gmZhytNRmIgy3DF_yZ_qUV7OMpQ1M-uYdunTLiBTTitQLrC-8_lVw&sai=AMfl-YRHmpeObM3NOeWfmHmpJ37EsXeONA8S3SVMcHE9t7y8sj1ij0TuvC_w6PpWlpclCxMeBPl_4_mQKWzxSGmGq0E0kdA6CKEyofESeQ4jL0pl7dvzQ7NWWut0QjjV&sig=Cg0ArKJSzNC6Kqiqvu3oEAE&cid=CAASEuRoLk32ApeG6XVm5Di8AEPfZw&adk=689239265&tt=1422&bs=1585%2C1200&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&p=157,1093,407,1393&mcvt=1012&rs=3&ht=0&tfs=1515&tls=2527&mc=1&lte=1&bas=0&bac=0&avms=geo&avms_sel=10&first_poll=2527&rst=1555736686638&rpt=81&isd=0&msd=0&lm=2&nio_mode=1&oseid=3&xdi=0&ps=1585%2C6200&ss=1600%2C1200&pt=1106&deb=1-1-2-10-24-14-46-23&tvt=2517&r=v&id=osdim&vs=4&uc=11&upc=1&tgt=BODY&cl=1&cec=6&clc=0&cac=0&cd=300x254&v=20190419

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Apr 2019 05:04:47 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 OpportunityServlet Show response
opps.taboola.com/ 1 B
201 B 316ms
22ms XHR
text/plain 151.101.2.49
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://opps.taboola.com/OpportunityServlet
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/oppsula/1.3.6/oppsula.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.13.12 /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
Origin: https://threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type: text/plain

Response headers

date: Sat, 20 Apr 2019 05:04:51 GMT
via: 1.1 varnish
server: nginx/1.13.12
x-timer: S1555736691.351092,VS0,VE15
x-served-by: cache-hhn1537-HHN
status: 200
x-cache: MISS
access-control-allow-origin: https://threatpost.com
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 1
x-cache-hits: 0

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 6 KB
7 KB 117ms
116ms XHR
application/json 151.101.2.49
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=400&height=225&pubid=198827&tagid=1020237&crid=5302265&noaop=2&sortOrderType=0&cb=1555736691463&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=-1&seq=2&pv=999&pt=477387640&tz=0&viewable=true&ddast=V7K14CFgO3aBynQJx8ugS3aBynQJx8ugUAAAAGBjsHHbeZMUcjDmm3XAxnk-VoNBosZsvBbjgajpZD2LjNjDkacUi75WI4myxHo81yNxrONoPNZAoOU3aaXJaDWiBrmlx-N9ig6XT4XPd60dHycpgOf8_prvG7_SqH5_SyvBWm08PjdSsMh7PLrfR7_orRZjlY7OUAAAAA8AAAdZ4P8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABcJA8rgEAxWHQLsv16fMHAMBDAAgAwIACCUDBQ1oJQIbr1gkAAAAAAAAAAMv___9_zMC8a6kMwIdIXw_Agw_AA1GBZREjAAAAgFxBXLqjSZ1QWVQBABCkWwFcAQAEqOWEsK-EAQAACIwt0MPi95sddo3f7TIAAAAAAAAAALP_s380oaJlrzSg6cMqtV9AAIC1X0AAADZ1AwB4E4ALugBYXUDMDgAAAODu____Xw8kNhPLYrSbrXYTz2BhWS5svpHDt9oYRqPdarZxea_nUWbqUUA_rM9hyk6Ty3JQC2RNk8tvvwlbjFaTyWY5nC0Xk8FwNByN9idguwFO0HA4WOwGi91iMZwsJqPBcrBAgRhMcEKGo81kNdqtdpPlcDIazTaTDVK0ajUbbQbD1Wwy2-1Ww8FwORohRWsWs8lkMRstd5vBcjIaDCfDIcLQxrJYjJYjt3IzGq1Fi-FurfDMbGvVarhamTyzmXEyWoteH9NnYpqMXCYvCgaM7EVwkU5ER8vLYTr8Pae36Gh5OUyHv-d0EUs0J4t0IrvsG5uJZTHazVa7iWewsCwXNt_I4VttDKPRbjXbuPyljWWxGC1HbuVmNFqLFsPdWuGZ2daq1XC1MnlmM-NktBa9PqbPxDQZuUz-xmq12m1ms-Fq31itVrvNbDZc7Tt0hu_qczZKq-WSx6T8isa11cxpULgMFu9PYlpMu7ODado7Om1er8XYUH0TCrPBYzAoYongdJFORC_j6SKWSJ4W6USwXEyGg83EYrJsVr6NxbVbOXcrh8liGTlmhplxIpYoTRfpRK9yeE4vy1thOj08XrfCcDi73Eq_568YbZaDxUT9x4cYruaKzWCuGI7misVslQAAAAAAAAAAljBn3gQAAADgNJjNYjZZLRdA4mF818ll1SomOL0K!&proto=2,3,5,6&dtagid=1683035&dpubid=331625&abtst=sac5_vB&mPre=0.033&encoded=1&pstn=1&cirf=https%3A%2F%2Fthreatpost.com&callback=&en=1&wfv=1&cdb=&gdprApplies=false&amp=0&qsz=6&ft=0&pb=0
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v9.9.9/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.13.12 /
Resource Hash: 7624fdb8e68843c3a5f049e11cf0d3003246a672fdb02416b9fc935e13687eba

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
Origin: https://threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type: text/plain

Response headers

date: Sat, 20 Apr 2019 05:04:51 GMT
via: 1.1 varnish
machineid: 1426
x-cache: MISS
status: 200
x-cache-hits: 0
content-length: 6572
x-served-by: cache-hhn1534-HHN
pragma: no-cache
server: nginx/1.13.12
x-timer: S1555736691.469855,VS0,VE110
content-type: application/json;charset=ISO-8859-1
access-control-allow-origin: https://threatpost.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 tag Show response
gklfs-idnhw.ads.tremorhub.com/ad/ 119 B
455 B 218ms
217ms XHR
text/xml 52.4.203.244
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://gklfs-idnhw.ads.tremorhub.com/ad/tag?adCode=gklfs-mjhgb&playerWidth=400&playerHeight=225&playerPosition=1&mediaTitle=11-travel-tools-you-wont-regret-splurging-on&mediaDesc=11-travel-tools-you-wont-regret-splurging-on&mediaUrl=%2F%2Fvidstatb.taboola.com%2Fvid%2F11-travel-tools-you-wont-regret-splurging-on.mp4&srcPageUrl=https%3A%2F%2Fthreatpost.com&contentLength=53&gdpr=1&blockedDomains=
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v9.9.9/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.203.244 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-4-203-244.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: e4f4325d2251a1fb661e38826334015128eb74701e9951dcb1fa40a5a32a9ec8

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
Origin: https://threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 20 Apr 2019 05:04:51 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
status: 200
vary: accept-encoding
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-tremorvideo-status: NO_AD
content-type: text/xml;charset=UTF-8

GET
H2 200 tag Show response
s5pvq.ads.tremorhub.com/ad/ 119 B
455 B 308ms
308ms XHR
text/xml 52.4.203.244
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s5pvq.ads.tremorhub.com/ad/tag?adCode=gklfs-dsarh&playerWidth=400&playerHeight=225&playerPosition=1&mediaTitle=11-travel-tools-you-wont-regret-splurging-on&mediaDesc=11-travel-tools-you-wont-regret-splurging-on&mediaUrl=%2F%2Fvidstatb.taboola.com%2Fvid%2F11-travel-tools-you-wont-regret-splurging-on.mp4&srcPageUrl=https%3A%2F%2Fthreatpost.com&contentLength=53&gdpr=1&blockedDomains=
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v9.9.9/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.203.244 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-4-203-244.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: ae07da0b8bdaa74042237e5292bd98e9a7b4f6991843c1144757450b5573fd48

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
Origin: https://threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 20 Apr 2019 05:04:51 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
status: 200
vary: accept-encoding
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-tremorvideo-status: NO_AD
content-type: text/xml;charset=UTF-8

POST
H2 200 OpportunityServlet Show response
opps.taboola.com/ 1 B
79 B 16ms
16ms XHR
text/plain 151.101.2.49
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://opps.taboola.com/OpportunityServlet
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/oppsula/1.3.6/oppsula.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.13.12 /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
Origin: https://threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type: text/plain

Response headers

date: Sat, 20 Apr 2019 05:04:56 GMT
via: 1.1 varnish
server: nginx/1.13.12
x-timer: S1555736696.057008,VS0,VE9
x-served-by: cache-hhn1537-HHN
status: 200
x-cache: MISS
access-control-allow-origin: https://threatpost.com
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 1
x-cache-hits: 0

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 6 KB
7 KB 104ms
104ms XHR
application/json 151.101.2.49
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=400&height=225&pubid=198827&tagid=1020237&crid=5302265&noaop=2&sortOrderType=0&cb=1555736696463&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=-1&seq=3&pv=999&pt=477387640&tz=0&viewable=true&ddast=V7K14CFgO3aBynQJx8ugS3aBynQJx8ugUAAAAGBjsHHbeZMUcjDmm3XAxnk-VoNBosZsvBbjgajpZD2LjNjDkacUi75WI4myxHo81yNxrONoPNZAoOU3aaXJaDWiBrmlx-N9ig6XT4XPd60dHycpgOf8_prvG7_SqH5_SyvBWm08PjdSsMh7PLrfR7_orRZjlY7OUAAAAA8AAAdZ4P8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABcJA8rgEAxWHQLsv16fMHAMBDAAgAwIACCUDBQ1oJQIbr1gkAAAAAAAAAAMv___9_zMC8a6kMwIdIXw_Agw_AA1GBZREjAAAAgFxBXLqjSZ1QWVQBABCkWwFcAQAEqOWEsK-EAQAACIwt0MPi95sddo3f7TIAAAAAAAAAALP_s380oaJlrzSg6cMqtV9AAIC1X0AAADZ1AwB4E4ALugBYXUDMDgAAAODu____Xw8kNhPLYrSbrXYTz2BhWS5svpHDt9oYRqPdarZxea_nUWbqUUA_rM9hyk6Ty3JQC2RNk8tvvwlbjFaTyWY5nC0Xk8FwNByN9idguwFO0HA4WOwGi91iMZwsJqPBcrBAgRhMcEKGo81kNdqtdpPlcDIazTaTDVK0ajUbbQbD1Wwy2-1Ww8FwORohRWsWs8lkMRstd5vBcjIaDCfDIcLQxrJYjJYjt3IzGq1Fi-FurfDMbGvVarhamTyzmXEyWoteH9NnYpqMXCYvCgaM7EVwkU5ER8vLYTr8Pae36Gh5OUyHv-d0EUs0J4t0IrvsG5uJZTHazVa7iWewsCwXNt_I4VttDKPRbjXbuPyljWWxGC1HbuVmNFqLFsPdWuGZ2daq1XC1MnlmM-NktBa9PqbPxDQZuUz-xmq12m1ms-Fq31itVrvNbDZc7Tt0hu_qczZKq-WSx6T8isa11cxpULgMFu9PYlpMu7ODado7Om1er8XYUH0TCrPBYzAoYongdJFORC_j6SKWSJ4W6USwXEyGg83EYrJsVr6NxbVbOXcrh8liGTlmhplxIpYoTRfpRK9yeE4vy1thOj08XrfCcDi73Eq_568YbZaDxUT9x4cYruaKzWCuGI7misVslQAAAAAAAAAAljBn3gQAAADgNJjNYjZZLRdA4mF818ll1SomOL0K!&proto=2,3,5,6&dtagid=1683035&dpubid=331625&abtst=sac5_vB&mPre=0.033&encoded=1&pstn=1&cirf=https%3A%2F%2Fthreatpost.com&callback=&en=1&wfv=1&cdb=&gdprApplies=false&amp=0&qsz=6&ft=0&pb=0
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v9.9.9/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.13.12 /
Resource Hash: 0d06c4b4819e81a3061f8516dbc94ce22f87a0c1d5ef091566b137ce25fd48e1

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
Origin: https://threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type: text/plain

Response headers

date: Sat, 20 Apr 2019 05:04:56 GMT
via: 1.1 varnish
machineid: 1440
x-cache: MISS
status: 200
x-cache-hits: 0
content-length: 6584
x-served-by: cache-hhn1534-HHN
pragma: no-cache
server: nginx/1.13.12
x-timer: S1555736696.470253,VS0,VE97
content-type: application/json;charset=ISO-8859-1
access-control-allow-origin: https://threatpost.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 tag Show response
gklfs-idnhw.ads.tremorhub.com/ad/ 119 B
455 B 302ms
301ms XHR
text/xml 52.4.203.244
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://gklfs-idnhw.ads.tremorhub.com/ad/tag?adCode=gklfs-mjhgb&playerWidth=400&playerHeight=225&playerPosition=1&mediaTitle=11-travel-tools-you-wont-regret-splurging-on&mediaDesc=11-travel-tools-you-wont-regret-splurging-on&mediaUrl=%2F%2Fvidstatb.taboola.com%2Fvid%2F11-travel-tools-you-wont-regret-splurging-on.mp4&srcPageUrl=https%3A%2F%2Fthreatpost.com&contentLength=53&gdpr=1&blockedDomains=
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v9.9.9/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.203.244 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-4-203-244.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: e4f4325d2251a1fb661e38826334015128eb74701e9951dcb1fa40a5a32a9ec8

Request headers

Referer: https://threatpost.com/easter-attack-apple-ios/143901/
Origin: https://threatpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 20 Apr 2019 05:04:56 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
status: 200
vary: accept-encoding
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-tremorvideo-status: NO_AD
content-type: text/xml;charset=UTF-8

GET tag
s5pvq.ads.tremorhub.com/ad/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s5pvq.ads.tremorhub.com
URL: https://s5pvq.ads.tremorhub.com/ad/tag?adCode=gklfs-dsarh&playerWidth=400&playerHeight=225&playerPosition=1&mediaTitle=11-travel-tools-you-wont-regret-splurging-on&mediaDesc=11-travel-tools-you-wont-regret-splurging-on&mediaUrl=%2F%2Fvidstatb.taboola.com%2Fvid%2F11-travel-tools-you-wont-regret-splurging-on.mp4&srcPageUrl=https%3A%2F%2Fthreatpost.com&contentLength=53&gdpr=1&blockedDomains=

Verdicts & Comments Add Verdict or Comment

323 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.taboola.com/	1970-01-19 08:54:32	Name: t_gid Value: 4c21149d-9344-4187-a3f6-5585ed36f824-tuct3b42ded
.doubleclick.net/	1970-01-19 09:30:32	Name: IDE Value: AHWqTUkj4t8GNJUjAJIB3VBGHBBR7YIi_DVLsxcelR8VzhIr9Bw1MfkErQlMozkf
.threatpost.com/	1970-01-19 00:08:56	Name: _gat_gtag_UA_109681207_2 Value: 1
threatpost.com/	1970-01-19 08:54:32	Name: trc_cookie_storage Value: threatpost-threatpost%253Asession-data%3Dv2_13b2147657b30a29af7da75c044756ce_4c21149d-9344-4187-a3f6-5585ed36f824-tuct3b42ded_1555736685_1555736685_CNawjgYQ459IGIrWh8mjLSABKAEwODib4wlAi4oQSMWWE1Cj7BBYAGAA%7Ctaboola%2520global%253Alocal-storage-keys%3D%255B%2522threatpost-threatpost%253Asession-data%2522%252C%2522taboola%2520global%253Alspb%2522%252C%2522taboola%2520global%253Auser-id%2522%255D%7Ctaboola%2520global%253Alspb%3DCwsIQBDQpSoMCwhCENClKgwLCEwQ0KUqDAsIIBDQpSoMCwgkENClKgwLCGQQ0KUqDAsIJxDQpSoMCwgtENClKgwLCDsQ0KUqDAsIPxDQpSoMDBMU%7Ctaboola%2520global%253Auser-id%3D4c21149d-9344-4187-a3f6-5585ed36f824-tuct3b42ded
.threatpost.com/	1970-01-19 09:33:25	Name: __qca Value: P0-652953207-1555736685290
.threatpost.com/	1970-01-19 02:18:32	Name: _fbp Value: fb.1.1555736685268.236298029
.threatpost.com/	1970-01-19 00:08:56	Name: _gat_UA-35676203-21 Value: 1
.threatpost.com/	1970-01-19 00:10:23	Name: _gid Value: GA1.2.1548201409.1555736685
.threatpost.com/	1970-01-19 17:40:08	Name: _ga Value: GA1.2.1026937027.1555736685

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
adservice.google.com
adservice.google.de
analytics.twitter.com
asn.advolution.de
assets.threatpost.com
bttrack.com
cdn.taboola.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
convammp.taboola.com
gklfs-idnhw.ads.tremorhub.com
googleads.g.doubleclick.net
graph.facebook.com
i0.wp.com
ib.adnxs.com
images.taboola.com
imprammp.taboola.com
kasperskycontenthub.com
m.exactag.com
match.adsrvr.org
match.taboola.com
media.threatpost.com
opps.taboola.com
pagead2.googlesyndication.com
pixel.quantserve.com
px.powerlinks.com
rtb.mfadsrvr.com
rules.quantcount.com
s5pvq.ads.tremorhub.com
sb.scorecardresearch.com
secure.gravatar.com
secure.quantserve.com
securepubads.g.doubleclick.net
server.exposebox.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tags.bluekai.com
threatpost.com
tpc.googlesyndication.com
trc.taboola.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.linkedin.com
www.reddit.com
www.storygize.net
x.bidswitch.net
s5pvq.ads.tremorhub.com
104.111.214.103
104.111.241.32
104.244.42.5
104.244.42.67
151.101.1.140
151.101.120.157
151.101.2.2
151.101.2.49
172.217.18.98
18.153.11.14
18.196.37.19
185.33.223.80
192.0.77.2
192.132.33.46
213.202.235.8
213.9.42.202
216.58.207.34
2600:9000:2047:2000:2:9275:3d40:93a1
2600:9000:2047:5400:0:5c46:4f40:93a1
2600:9000:2047:c800:6:44e3:f8c0:93a1
2600:9000:2047:e600:2:9275:3d40:93a1
2606:4700::6810:5424
2606:4700::6813:c497
2a00:1450:4001:809::2003
2a00:1450:4001:814::2008
2a00:1450:4001:81b::2002
2a00:1450:4001:81c::200e
2a00:1450:4001:81e::2004
2a00:1450:4001:81f::2003
2a00:1450:4001:820::2002
2a00:1450:4001:821::2002
2a00:1450:4001:825::2001
2a00:1450:400c:c08::9a
2a00:1450:4016:80d::2002
2a03:2880:f01c:20e:face:b00c:0:2
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a04:fa87:fffe::c000:4902
2a05:f500:10:101::b93f:9101
34.211.85.62
35.173.160.135
35.201.85.158
52.4.203.244
54.194.234.200
54.72.175.179
91.228.74.150
91.228.74.212
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0590be5083a6babff6571bd27f87886c08720e623045c8aae01bc54054c26219
06fc565587b8b700936a1677218cb269a6cc31ca5f701eb45461e86a3d54d5c7
0768f4ef72f0b9e8755313ac742b870acc76a7c302cdfe52a9fa677168c9aa3f
07a045bd0b098c8ca4b92ec31d5247281c8db4ea451d53db155b50bd2e388a70
07de1271b7abfe530b38ad20f1148064fe30d6bb023a86e708d19ccfb60c3aa4
0d06c4b4819e81a3061f8516dbc94ce22f87a0c1d5ef091566b137ce25fd48e1
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10eba73b3641332bde05fa8d6223e7017ac5207673602247c35f358ea89e3092
151c3dcb260a184635c1f2deb0dfe7972b0a71ac9167745dd7647c3c3d12aba7
158bd43fb88ee154b20d48484e2f2af54e5d7f76d0d3db9999c2b7460451de95
162dd1236b7f83b99b51481fd50ddbbb76964e0a8fc4c23f0f3a4806331425fb
1b56c7b37c5c00cc137a3f789f5b37aca985cfc2fb90a600a6047878cbfaaf59
1bc6ecff270f95c4fdd4e437641c48359ae82ded0b6434cf2477be055b05dac6
1c7b4b4ce1f74f44ad090157fae7940b4d4b5682b410ccb6ad1c61f46e5f898b
1d89405054b0eccfd66baa763bf4781b8dff83824636284b79800ecdc25579f1
22e9cddb22e85c81e378ec92b3027cfd26a6f3c55d47673c62c6552b99831d20
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2de77164bb9924542e1dea4ee4a0ff27d40b51a3d7939dac7db11a95045c9b7d
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
31decc0966f093cf288c7791be5e0646cd90fde54bd9e46414cbddf131b61195
39af7c1116fb967a330e8770f775e6b5ee871add01ed45c98a1634911cebfb0a
3a90c56bbc2ea3fae7e089cc529bc02869c5035ee31c3111d829b9ae974cf42d
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176
41665ec619f1f6a97e8953a01e4af3f81d5d8f2876e9bd6b0c13ec7afa6d1225
420508fc523520f35de5c851905543294123d7676b5a5668744691f2abe9e730
437513ec64a0d4c9b838a51cf1e57bfb0d75586f35ddd91d0de1d01335fd0969
45ddc09b0ad6ab916bd9a0282070b161045e186fc025303f4aa1aa821fc45ac7
47507c2543e09c6350482effa4c6e095bc953e2c7160861b1e7aab55297c7ac4
4874cf1cb80ba991457a0d664d5e0398e59cb3f7e53f9b2935e76109e2b3e071
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c53d94546bdb5a14ce5c3ec031a558f493b9d51d72d05403daca6912d14b236
4db8a4372cd8e036f461a47200bc0f2bc42fa5159d34439c57ce49667d7983b7
4df31579b4a1750518a552d3a66ba8a8831ac09345730358d7e77006bb8125e8
55158de6ae73a0efccdc02e871d29577ca400b6fd2855fc9dc34bc81429a3614
5551815d987998dc9bdc90c580dd7c01b398786b1acf769524ea2c127b4fc3ae
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5a7ed822968963e31d88424c96387ad9f4fd4f4b5a5b581a33f65e3784d162cf
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
60f7c04e003009ea44b161f7a8c4c76f14ae490a3937ceaaf1be52e1a7e8aa60
664830e6c63c91a71036f5b2e6e0e4ca68beeb98a9b3a1f3ca7763368f5e49f0
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6eeaa330e79de82579d573d85b1e62ee0017782c71406518af6b366b78c7981e
6fbd7b36d4badcc4c4bd55a2f632fbe2fa3dc6fba6adf54a47a6e0df460b6f0f
7624fdb8e68843c3a5f049e11cf0d3003246a672fdb02416b9fc935e13687eba
76ba07e059d9e2113f9c940f1a31efc95bd9d5badd68bbc3637177e892a08099
7782eccb926cdcb657eacb76520651347d9ce1129eb22de911680dc43f5a3eb6
79a313df5ecfda53fd0e23585057e83d22ff1f741e3ccd5f1418ca5082cba9a9
7acb0c9eb166a250e43441d1db313572298152f84edd8f235a579dcf30b0f4a6
7ca38399ede8b875f89b8b98e97d746758d66de51058f9cf69da9d036dfd4d68
7d6c8e4a8df6294aa4717f458670dad91720239ea5260e107ecfdaf5b6171507
7d7b0822fa40be3fb8bcbdfb17574332f6da59adb2ddfe741e277f7240b67daa
7ff0e5e1826e93da235848615a061a85bbdca78c6fab7a5242fa28f0ce77a87f
818a5beb9f1b63daa80795c7c26c0479b226e0b7674347ee0788d478134f5e46
859faa9b9ed0990288b2f393a102b1fe2668ac79088b113b6f0beaee521221eb
86b7ccaa2f4514958592d86d80c00afbf2978f0dd547ecf27cf3ae0725cb5774
8728689b95f8fdd290c0a6a1a0f301d793927895fb750a6b9fb27c8d1d0ac8a9
89ce08431545cd3c6d42419d99ee0152027a68c1d0c7c82838cc9a51d9d52451
8ba131a677ea1357ae7fdc95d6a5c67c3b02d171bb286f6c9ec6bce3cef5c211
8c87632d69189fb1ea3c4d5dff1b6261a3ac3d2bdfd45c185465da6ff19f8697
924f9036fb869592346fb06ad94fcaf642d2aeb89adf880ff0793ff53af1954c
940e0c3385928422aae38e1a74f1d84b462d8ce1a056c686fde505a0bf3162bb
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9e6714bd0f978b1eeb773e412c0b49ae81bf864244cd87ffe8467c5f9d6b0a7f
9fd6548be2062224aaadc96988031f1e23c06affac5d93bc63ad0d2f31d7108b
9fe96f11cd5e87cbfe3e2b73a62fe86ead3517929b425fb84ac287388a6db037
a03e952076d990386cea2efd2dc5a114d7673f915efa4ff91f4d4b68b68a5492
a04047cc8cc6f8c8e3215a049cf7334208c3c6427e695d9c816baeadb71d3611
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a783d2ad42c380bc896219c080fa845d1e9f2e77483558103aeb296b95b85701
a9d2b2df99c1a115d5394c70a898d8801092208dc582f8bd6fb01b35c30d6b22
a9f6c03ce6f4d1654f29f2136651e883198d509cb2e26af1c24b1f87b6ccae13
aa64fa30a3263fa3105736228a6feaaa4f7d32d8ef96b12e56f6fb95511b66a7
ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad0a569a36e36aad1a7528d4ea354f15c8e951ec745bc9eb9d80c90d5cef15bb
ae00ae9c862bc8b8923efd1d9a18befa912678a869d4dd01179a59ed3de731be
ae07da0b8bdaa74042237e5292bd98e9a7b4f6991843c1144757450b5573fd48
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b07af50f99890a6edd3601bb8cf2d7ebdb404904067925d794d1cd450e939f57
b43344a84d27d5328f03df273b3e2d4508aa55f093d99d2aa95c160c17541cb9
b4ec4a79d6d5b86670fa7b1fe304db7b966deb4ba92227d53b37cf80621d2004
b536eba66aac4492da7e98c54bbe148cdc6308b8e54ab0799fc7edd203652423
b9b8ef6b88b16d3b65955c4209e539f0f75deb19b77c24787e7266b706f679a1
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a
c81c2a184926f0de9792b39184045e08acca0d2a72aa59927de411d787d759ac
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912
d4de866a4f7572af22873c3dd6b3c3bf27e3f3cb1cdecaa9aae9e31365664d97
d521d893fa2493562b9fdc3040270e5d93efb3256c010de0b45074460ff7f2e2
d57d91ed032154ff092267af35b6ea00ed8e5f2a8ba74ba986d0772f9cce29c7
da9ef5758c2a68c614fe297e9af561bc0ba885dd20238654e611a147bc68fdce
dab2f187bbdb3266165ebd1ad3d0395fe203f290271bc1f726456d6cf888823b
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e404b43d6b607ad0773e1da1c627603796ad817ddeaaadc82d7383557d197895
e4058d4ee9da1ceaddfa91ddb63650ba67285f1bbfee487d9dfe648bced669a0
e4515e53b3ec6a75595c3f6eb488eb24f9f574d2922e8c4c71653f695d7bbe74
e4f4325d2251a1fb661e38826334015128eb74701e9951dcb1fa40a5a32a9ec8
e5c3cc4737389ccda70f782d1d63683a2f0bda244edd13d6a5ab3684ce44e5ac
e697ae92648ccad15ada450ecbd959853b72bb5b977112896334a50ddfc1c0b4
e9be8f069c9a92e57fed49fc8de59775a3dfd1935d4a64f5917154c98436c80d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efec3d34c79b4ecff68fa635bff375f4a54974731bc2e25ee0573383fa7fad15
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f8a2b5b62eb722c3379b30cf0cc58d3176ee6be48036d6ad2aa838d2029c4189
fa59b1ed1b011e084474ad818b5f6986d84fc678e2f37fee9330eb52d86860b3
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e
ff4df26a68d6bec4a211ac9399d0cd0c81cc47fb2bf46894194547431df02a96

threatpost.com Open in urlscan Pro 35.173.160.135 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

145 Requests

99 %HTTPS

47 %IPv6

36 Domains

57 Subdomains

37 IPs

6 Countries

4800 kBTransfer

7567 kBSize

9 Cookies

24 Outgoing links

Redirected requests

145 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

threatpost.com Open in urlscan Pro
35.173.160.135 Public Scan

Screenshot
Live screenshot

Full Image

145
Requests

99 %
HTTPS

47 %
IPv6

36
Domains

57
Subdomains

37
IPs

6
Countries

4800 kB
Transfer

7567 kB
Size

9
Cookies

145 HTTP transactions
3 data transactions